CVEdetails.com the ultimate security vulnerability data source

Redhat » Enterprise Linux : Security Vulnerabilities

# | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access Complexity | Authentication | Conf. | Integ. | Avail.
1 CVE-2022-35653 79 Exec Code XSS 2022-07-25 2022-07-28
0.0
None ??? ??? ??? ??? ??? ???
A reflected XSS issue was identified in the LTI module of Moodle. The vulnerability exists due to insufficient sanitization of user-supplied data in the LTI module. A remote attacker can trick the victim into following a specially crafted link and execute arbitrary HTML and script code in the user's browser in the context of the vulnerable website to steal potentially sensitive information, change the appearance of the web page, and perform phishing and drive-by-download attacks. This vulnerability does not impact authenticated users.
2 CVE-2022-35651 79 Exec Code XSS 2022-07-25 2022-07-29
0.0
None ??? ??? ??? ??? ??? ???
A stored XSS and blind SSRF vulnerability was found in Moodle. It occurs due to insufficient sanitization of user-supplied data in the SCORM track details. A remote attacker can trick the victim into following a specially crafted link and execute arbitrary HTML and script code in the user's browser in the context of the vulnerable website to steal potentially sensitive information, change the appearance of the web page, and perform phishing and drive-by-download attacks.
3 CVE-2022-34303 Exec Code Bypass 2022-08-26 2022-09-01
0.0
None ??? ??? ??? ??? ??? ???
A flaw was found in Eurosoft bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader currently in use with this bootloader. Access to the EFI System Partition is required for booting using external media.
4 CVE-2022-34302 Exec Code Bypass 2022-08-26 2022-09-01
0.0
None ??? ??? ??? ??? ??? ???
A flaw was found in New Horizon Datasys bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader currently in use with this bootloader. Access to the EFI System Partition is required for booting using external media.
5 CVE-2022-34301 Exec Code Bypass 2022-08-26 2022-09-01
0.0
None ??? ??? ??? ??? ??? ???
A flaw was found in CryptoPro Secure Disk bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader currently in use with this bootloader. Access to the EFI System Partition is required for booting using external media.
6 CVE-2022-25310 DoS 2022-09-06 2023-02-02
0.0
None ??? ??? ??? ??? ??? ???
A segmentation fault (SEGV) flaw was found in the Fribidi package and affects the fribidi_remove_bidi_marks() function of the lib/fribidi.c file. This flaw allows an attacker to pass a specially crafted file to Fribidi, leading to a crash and causing a denial of service.
7 CVE-2022-25309 787 DoS Overflow 2022-09-06 2023-02-02
0.0
None ??? ??? ??? ??? ??? ???
A heap-based buffer overflow flaw was found in the Fribidi package and affects the fribidi_cap_rtl_to_unicode() function of the fribidi-char-sets-cap-rtl.c file. This flaw allows an attacker to pass a specially crafted file to the Fribidi application with the '--caprtl' option, leading to a crash and causing a denial of service.
8 CVE-2022-25308 787 DoS Overflow 2022-09-06 2023-02-02
0.0
None ??? ??? ??? ??? ??? ???
A stack-based buffer overflow flaw was found in the Fribidi package. This flaw allows an attacker to pass a specially crafted file to the Fribidi application, which leads to a possible memory leak or a denial of service.
9 CVE-2022-4743 401 DoS 2023-01-12 2023-01-23
0.0
None ??? ??? ??? ??? ??? ???
A potential memory leak issue was discovered in SDL2 in the GLES_CreateTexture() function in SDL_render_gles.c. The vulnerability allows an attacker to cause a denial of service. The vulnerability affects SDL2 v2.0.4 and above. SDL-1.x versions are not affected.
10 CVE-2022-4285 476 DoS 2023-01-27 2023-02-07
0.0
None ??? ??? ??? ??? ??? ???
An illegal memory access flaw was found in the binutils package. Parsing an ELF file containing corrupt symbol version information may result in a denial of service. This issue is the result of an incomplete fix for CVE-2020-16599.
11 CVE-2022-4283 416 Exec Code 2022-12-14 2023-02-02
0.0
None ??? ??? ??? ??? ??? ???
A vulnerability was found in X.Org. This issue occurs because the XkbCopyNames function leaves a dangling pointer to freed memory, resulting in out-of-bounds memory access on subsequent XkbGetKbdByName requests. This flaw can lead to local privilege elevation on systems where the X server runs privileged and remote code execution for ssh X forwarding sessions.
12 CVE-2022-4144 125 DoS 2022-11-29 2023-01-27
0.0
None ??? ??? ??? ??? ??? ???
An out-of-bounds read flaw was found in the QXL display device emulation in QEMU. The qxl_phys2virt() function does not check the size of the structure pointed to by the guest physical address, potentially reading past the end of the bar space into adjacent pages. A malicious guest user could use this flaw to crash the QEMU process on the host causing a denial of service condition.
13 CVE-2022-3821 193 DoS 2022-11-08 2022-12-02
0.0
None ??? ??? ??? ??? ??? ???
An off-by-one error was discovered in systemd in the format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that lead to a buffer overrun in format_timespan(), resulting in a denial of service.
14 CVE-2022-3775 787 Exec Code Mem. Corr. 2022-12-19 2022-12-28
0.0
None ??? ??? ??? ??? ??? ???
When rendering certain Unicode sequences, grub2's font code doesn't properly validate whether the given glyph's width and height are constrained within the bitmap size. As a consequence, an attacker can craft an input which will lead to an out-of-bounds write into grub2's heap, leading to memory corruption and availability issues. Although complex, arbitrary code execution cannot be ruled out.
15 CVE-2022-3715 787 Overflow 2023-01-05 2023-01-13
0.0
None ??? ??? ??? ??? ??? ???
A flaw was found in the bash package, where a heap-buffer overflow can occur in valid parameter_transform. This issue may lead to memory problems.
16 CVE-2022-3500 248 2022-11-22 2023-02-01
0.0
None ??? ??? ??? ??? ??? ???
A vulnerability was found in keylime. In some circumstances, due to improperly handled exceptions, a rogue agent could create errors on the verifier that stop attestation attempts for that host, leaving it in an attested state while it is no longer being verified.
17 CVE-2022-2990 863 Exec Code 2022-09-13 2023-02-02
0.0
None ??? ??? ??? ??? ??? ???
Incorrect handling of supplementary groups in the Buildah container engine might lead to sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute binary code in that container.
18 CVE-2022-2989 863 Exec Code 2022-09-13 2023-02-02
0.0
None ??? ??? ??? ??? ??? ???
Incorrect handling of supplementary groups in the Podman container engine might lead to sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute binary code in that container.
19 CVE-2022-2964 119 Overflow 2022-09-09 2023-01-20
0.0
None ??? ??? ??? ??? ??? ???
A flaw was found in the Linux kernel’s driver for the ASIX AX88179_178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability contains multiple out-of-bounds reads and possible out-of-bounds writes.
20 CVE-2022-2963 401 2022-10-14 2022-10-18
0.0
None ??? ??? ??? ??? ??? ???
A vulnerability was found in jasper. It is caused by a memory leak bug in the function cmdopts_parse that can cause a crash or segmentation fault.
21 CVE-2022-2938 416 Mem. Corr. 2022-08-23 2023-01-20
0.0
None ??? ??? ??? ??? ??? ???
A flaw was found in the Linux kernel's implementation of Pressure Stall Information. While the feature is disabled by default, it could allow an attacker to crash the system or have other memory-corruption side effects.
22 CVE-2022-2905 125 2022-09-09 2022-11-21
0.0
None ??? ??? ??? ??? ??? ???
An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls the bpf_tail_call function with a key larger than the max_entries of the map. This flaw allows a local user to gain unauthorized access to data.
23 CVE-2022-2873 131 2022-08-22 2023-01-26
0.0
None ??? ??? ??? ??? ??? ???
An out-of-bounds memory access flaw was found in the Linux kernel's Intel iSMT SMBus host controller driver in the way a user triggers I2C_SMBUS_BLOCK_DATA (with the ioctl I2C_SMBUS) with malicious input data. This flaw allows a local user to crash the system.
24 CVE-2022-2850 476 DoS 2022-10-14 2023-02-02
0.0
None ??? ??? ??? ??? ??? ???
A flaw was found in 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service.
25 CVE-2022-2639 787 2022-09-01 2023-01-20
0.0
None ??? ??? ??? ??? ??? ???
An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reserve_sfa_size() function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write access. This flaw allows a local user to crash or potentially escalate their privileges on the system.
26 CVE-2022-2625 1321 2022-08-18 2022-12-02
0.0
None ??? ??? ??? ??? ??? ???
A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the ability to lure or wait for an administrator to create or update an affected extension in that schema, and the ability to lure or wait for a victim to use the object targeted in CREATE OR REPLACE or CREATE IF NOT EXISTS. Given all three prerequisites, this flaw allows an attacker to run arbitrary code as the victim role, which may be a superuser.
27 CVE-2022-2509 415 2022-08-01 2022-08-19
0.0
None ??? ??? ??? ??? ??? ???
A vulnerability was found in gnutls. A double free error occurs during verification of pkcs7 signatures in the gnutls_pkcs7_verify function.
28 CVE-2022-2393 287 2022-07-14 2023-02-02
0.0
None ??? ??? ??? ??? ??? ???
A flaw was found in pki-core, which could allow a user to get a certificate for another user identity when directory-based authentication is enabled. This flaw allows an authenticated attacker on the adjacent network to impersonate another user within the scope of the domain, but they would not be able to decrypt message content.
29 CVE-2022-2153 476 DoS 2022-08-31 2022-11-21
0.0
None ??? ??? ??? ??? ??? ???
A flaw was found in the Linux kernel’s KVM when attempting to set a SynIC IRQ. This issue makes it possible for a misbehaving VMM to write to SYNIC/STIMER MSRs, causing a NULL pointer dereference. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of service.
30 CVE-2022-2132 DoS 2022-08-31 2022-09-06
0.0
None ??? ??? ??? ??? ??? ???
A permissive list of allowed inputs flaw was found in DPDK. This issue allows a remote attacker to cause a denial of service triggered by sending a crafted Vhost header to DPDK.
31 CVE-2022-1355 119 DoS Overflow 2022-08-31 2023-02-02
0.0
None ??? ??? ??? ??? ??? ???
A stack buffer overflow flaw was found in Libtiff's tiffcp.c, in the main() function. This flaw allows an attacker to pass a crafted TIFF file to the tiffcp tool, triggering a stack buffer overflow issue, possibly corrupting the memory, and causing a crash that leads to a denial of service.
32 CVE-2022-1354 787 DoS Overflow 2022-08-31 2023-02-02
0.0
None ??? ??? ??? ??? ??? ???
A heap buffer overflow flaw was found in Libtiff's tiffinfo.c, in the TIFFReadRawDataStriped() function. This flaw allows an attacker to pass a crafted TIFF file to the tiffinfo tool, triggering a heap buffer overflow issue and causing a crash that leads to a denial of service.
33 CVE-2022-1263 476 DoS 2022-08-31 2022-09-07
0.0
None ??? ??? ??? ??? ??? ???
A NULL pointer dereference issue was found in KVM when releasing a vCPU with dirty ring support enabled. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of service.
34 CVE-2022-1247 362 2022-08-31 2022-09-06
0.0
None ??? ??? ??? ??? ??? ???
An issue was found in the Linux kernel that leads to a race condition in rose_connect(). The rose driver uses rose_neigh->use to represent how many objects are using the rose_neigh. When a user wants to delete a rose_route via rose_ioctl(), the rose driver calls rose_del_node() and removes neighbours only if their “count” and “use” are zero.
35 CVE-2022-1199 476 2022-08-29 2023-02-02
0.0
None ??? ??? ??? ??? ??? ???
A flaw was found in the Linux kernel. This flaw allows an attacker to crash the Linux kernel by simulating amateur radio from the user space, resulting in a null-ptr-deref vulnerability and a use-after-free vulnerability.
36 CVE-2022-1198 416 2022-08-29 2022-09-06
0.0
None ??? ??? ??? ??? ??? ???
A use-after-free vulnerability was discovered in drivers/net/hamradio/6pack.c of the Linux kernel that allows an attacker to crash the kernel by simulating an ax25 device using the 6pack driver from user space.
37 CVE-2022-1184 416 DoS 2022-08-29 2023-02-02
0.0
None ??? ??? ??? ??? ??? ???
A use-after-free flaw was found in fs/ext4/namei.c:dx_insert_block() in the Linux kernel’s filesystem sub-component. This flaw allows a local attacker with a user privilege to cause a denial of service.
38 CVE-2022-1158 416 DoS 2022-08-05 2022-08-15
0.0
None ??? ??? ??? ??? ??? ???
A flaw was found in KVM. When updating a guest's page table entry, vm_pgoff was improperly used as the offset to get the page's pfn. As vaddr and vm_pgoff are controllable by user-mode processes, this flaw allows unprivileged local users on the host to write outside the userspace region and potentially corrupt the kernel, resulting in a denial of service condition.
39 CVE-2022-1016 416 +Info 2022-08-29 2023-02-02
0.0
None ??? ??? ??? ??? ??? ???
A flaw was found in the Linux kernel in net/netfilter/nf_tables_core.c:nft_do_chain, which can cause a use-after-free. This issue needs to handle 'return' with proper preconditions, as it can lead to a kernel information leak problem caused by a local, unprivileged attacker.
40 CVE-2022-0934 416 DoS 2022-08-29 2023-02-02
0.0
None ??? ??? ??? ??? ??? ???
A single-byte, non-arbitrary write/use-after-free flaw was found in dnsmasq. This flaw allows an attacker to send a crafted packet that is processed by dnsmasq, potentially causing a denial of service.
41 CVE-2022-0852 668 2022-08-29 2023-02-02
0.0
None ??? ??? ??? ??? ??? ???
There is a flaw in convert2rhel. convert2rhel passes the Red Hat account password to subscription-manager via the command line, which could allow unauthorized local users on the machine to view the password in the process command line, e.g. via htop or ps. The specific impact varies with the privileges of the Red Hat account in question, but it could affect the integrity, availability, and/or data confidentiality of other systems that are administered by that account. This occurs regardless of how the password is supplied to convert2rhel.
42 CVE-2022-0851 2022-08-29 2023-02-02
0.0
None ??? ??? ??? ??? ??? ???
There is a flaw in convert2rhel. When the --activationkey option is used with convert2rhel, the activation key is subsequently passed to subscription-manager via the command line, which could allow unauthorized local users on the machine to view the activation key in the process command line, e.g. via htop or ps. The specific impact varies with the subscription, but generally this would allow an attacker to register systems purchased by the victim until discovered; a form of fraud. This could occur regardless of how the activation key is supplied to convert2rhel because it involves how convert2rhel provides it to subscription-manager.
43 CVE-2022-0485 252 2022-08-29 2022-12-01
0.0
None ??? ??? ??? ??? ??? ???
A flaw was found in the copying tool `nbdcopy` of libnbd. When performing multi-threaded copies using asynchronous nbd calls, nbdcopy was blindly treating the completion of an asynchronous command as successful, rather than checking the *error parameter. This could result in the silent creation of a corrupted destination image.
44 CVE-2022-0480 770 2022-08-29 2022-09-01
0.0
None ??? ??? ??? ??? ??? ???
A flaw was found in the filelock_init function in fs/locks.c in the Linux kernel. This issue can lead to host memory exhaustion due to memcg not limiting the number of Portable Operating System Interface (POSIX) file locks.
45 CVE-2022-0358 273 +Priv 2022-08-29 2022-12-09
0.0
None ??? ??? ??? ??? ??? ???
A flaw was found in the QEMU virtio-fs shared file system daemon (virtiofsd) implementation. This flaw is strictly related to CVE-2018-13405. A local guest user can create files in the directories shared by virtio-fs with unintended group ownership in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of the group. This could allow a malicious unprivileged user inside the guest to gain access to resources accessible to the root group, potentially escalating their privileges within the guest. A malicious local user in the host might also leverage this unexpected executable file created by the guest to escalate their privileges on the host system.
46 CVE-2022-0175 909 2022-08-26 2022-11-08
0.0
None ??? ??? ??? ??? ??? ???
A flaw was found in the VirGL virtual OpenGL renderer (virglrenderer). The virgl did not properly initialize memory when allocating a host-backed memory resource. A malicious guest could use this flaw to mmap from the guest kernel and read this uninitialized memory from the host, possibly leading to information disclosure.
47 CVE-2022-0171 459 2022-08-26 2022-12-03
0.0
None ??? ??? ??? ??? ??? ???
A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root (host) user-level application to crash the host kernel by creating a confidential guest VM instance on an AMD CPU that supports Secure Encrypted Virtualization (SEV).
48 CVE-2022-0168 476 DoS 2022-08-26 2023-02-02
0.0
None ??? ??? ??? ??? ??? ???
A denial of service (DoS) issue was found in the Linux kernel’s smb2_ioctl_query_info function in fs/cifs/smb2ops.c, part of the Common Internet File System (CIFS), due to an incorrect return from the memdup_user function. This flaw allows a local, privileged (CAP_SYS_ADMIN) attacker to crash the system.
49 CVE-2022-0135 787 DoS Exec Code 2022-08-25 2023-02-03
0.0
None ??? ??? ??? ??? ??? ???
An out-of-bounds write issue was found in the VirGL virtual OpenGL renderer (virglrenderer). This flaw allows a malicious guest to create a specially crafted virgil resource and then issue a VIRTGPU_EXECBUFFER ioctl, leading to a denial of service or possible code execution.
50 CVE-2021-35939 59 +Priv 2022-08-26 2023-02-04
0.0
None ??? ??? ??? ??? ??? ???
It was found that the fix for CVE-2017-7500 and CVE-2017-7501 was incomplete: the check was only implemented for the parent directory of the file to be created. A local unprivileged user who owns another ancestor directory could potentially use this flaw to gain root privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Total number of vulnerabilities: 71 (this is page 1 of 2)