Filtered by vendor Redhat Subscriptions
Filtered by product Enterprise Linux Server Eus Subscriptions
Total 625 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2014-0196 7 Canonical, Debian, F5 and 4 more 33 Ubuntu Linux, Debian Linux, Big-ip Access Policy Manager and 30 more 2024-12-19 N/A
The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings.
CVE-2021-4034 7 Canonical, Oracle, Polkit Project and 4 more 37 Ubuntu Linux, Http Server, Zfs Storage Appliance Kit and 34 more 2024-11-21 7.8 High
A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine.
CVE-2021-3744 5 Debian, Fedoraproject, Linux and 2 more 24 Debian Linux, Fedora, Linux Kernel and 21 more 2024-11-21 5.5 Medium
A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption). This vulnerability is similar with the older CVE-2019-18808.
CVE-2021-3659 3 Fedoraproject, Linux, Redhat 17 Fedora, Linux Kernel, Codeready Linux Builder and 14 more 2024-11-21 5.5 Medium
A NULL pointer dereference flaw was found in the Linux kernel’s IEEE 802.15.4 wireless networking subsystem in the way the user closes the LR-WPAN connection. This flaw allows a local user to crash the system. The highest threat from this vulnerability is to system availability.
CVE-2021-20233 4 Fedoraproject, Gnu, Netapp and 1 more 12 Fedora, Grub2, Ontap Select Deploy Administration Utility and 9 more 2024-11-21 8.2 High
A flaw was found in grub2 in versions prior to 2.06. Setparam_prefix() in the menu rendering code performs a length calculation on the assumption that expressing a quoted single quote will require 3 characters, while it actually requires 4 characters which allows an attacker to corrupt memory by one byte for each quote in the input. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVE-2021-20225 4 Fedoraproject, Gnu, Netapp and 1 more 12 Fedora, Grub2, Ontap Select Deploy Administration Utility and 9 more 2024-11-21 6.7 Medium
A flaw was found in grub2 in versions prior to 2.06. The option parser allows an attacker to write past the end of a heap-allocated buffer by calling certain commands with a large number of specific short forms of options. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVE-2020-27779 4 Fedoraproject, Gnu, Netapp and 1 more 12 Fedora, Grub2, Ontap Select Deploy Administration Utility and 9 more 2024-11-21 7.5 High
A flaw was found in grub2 in versions prior to 2.06. The cutmem command does not honor secure boot locking allowing an privileged attacker to remove address ranges from memory creating an opportunity to circumvent SecureBoot protections after proper triage about grub's memory layout. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVE-2020-27749 4 Fedoraproject, Gnu, Netapp and 1 more 12 Fedora, Grub2, Ontap Select Deploy Administration Utility and 9 more 2024-11-21 6.7 Medium
A flaw was found in grub2 in versions prior to 2.06. Variable names present are expanded in the supplied command line into their corresponding variable contents, using a 1kB stack buffer for temporary storage, without sufficient bounds checking. If the function is called with a command line that references a variable with a sufficiently large payload, it is possible to overflow the stack buffer, corrupt the stack frame and control execution which could also circumvent Secure Boot protections. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVE-2020-25647 4 Fedoraproject, Gnu, Netapp and 1 more 12 Fedora, Grub2, Ontap Select Deploy Administration Utility and 9 more 2024-11-21 7.6 High
A flaw was found in grub2 in versions prior to 2.06. During USB device initialization, descriptors are read with very little bounds checking and assumes the USB device is providing sane values. If properly exploited, an attacker could trigger memory corruption leading to arbitrary code execution allowing a bypass of the Secure Boot mechanism. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVE-2020-25632 4 Fedoraproject, Gnu, Netapp and 1 more 12 Fedora, Grub2, Ontap Select Deploy Administration Utility and 9 more 2024-11-21 8.2 High
A flaw was found in grub2 in versions prior to 2.06. The rmmod implementation allows the unloading of a module used as a dependency without checking if any other dependent module is still loaded leading to a use-after-free scenario. This could allow arbitrary code to be executed or a bypass of Secure Boot protections. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVE-2020-14372 4 Fedoraproject, Gnu, Netapp and 1 more 13 Fedora, Grub2, Cloud Backup and 10 more 2024-11-21 7.5 High
A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table (SSDT) containing code to overwrite the Linux kernel lockdown variable content directly into memory. The table is further loaded and executed by the kernel, defeating its Secure Boot lockdown and allowing the attacker to load unsigned code. The highest threat from this vulnerability is to data confidentiality and integrity, as well as system availability.
CVE-2019-9948 6 Canonical, Debian, Fedoraproject and 3 more 18 Ubuntu Linux, Debian Linux, Fedora and 15 more 2024-11-21 9.1 Critical
urllib in Python 2.x through 2.7.16 supports the local_file: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs, as demonstrated by triggering a urllib.urlopen('local_file:///etc/passwd') call.
CVE-2019-9636 7 Canonical, Debian, Fedoraproject and 4 more 21 Ubuntu Linux, Debian Linux, Fedora and 18 more 2024-11-21 9.8 Critical
Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: Improper Handling of Unicode Encoding (with an incorrect netloc) during NFKC normalization. The impact is: Information disclosure (credentials, cookies, etc. that are cached against a given hostname). The components are: urllib.parse.urlsplit, urllib.parse.urlparse. The attack vector is: A specially crafted URL could be incorrectly parsed to locate cookies or authentication data and send that information to a different host than when parsed correctly. This is fixed in: v2.7.17, v2.7.17rc1, v2.7.18, v2.7.18rc1; v3.5.10, v3.5.10rc1, v3.5.7, v3.5.8, v3.5.8rc1, v3.5.8rc2, v3.5.9; v3.6.10, v3.6.10rc1, v3.6.11, v3.6.11rc1, v3.6.12, v3.6.9, v3.6.9rc1; v3.7.3, v3.7.3rc1, v3.7.4, v3.7.4rc1, v3.7.4rc2, v3.7.5, v3.7.5rc1, v3.7.6, v3.7.6rc1, v3.7.7, v3.7.7rc1, v3.7.8, v3.7.8rc1, v3.7.9.
CVE-2019-8308 3 Debian, Flatpak, Redhat 9 Debian Linux, Flatpak, Enterprise Linux and 6 more 2024-11-21 N/A
Flatpak before 1.0.7, and 1.1.x and 1.2.x before 1.2.3, exposes /proc in the apply_extra script sandbox, which allows attackers to modify a host-side executable file.
CVE-2019-7221 7 Canonical, Debian, Fedoraproject and 4 more 20 Ubuntu Linux, Debian Linux, Fedora and 17 more 2024-11-21 N/A
The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free.
CVE-2019-6974 5 Canonical, Debian, F5 and 2 more 29 Ubuntu Linux, Debian Linux, Big-ip Access Policy Manager and 26 more 2024-11-21 8.1 High
In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free.
CVE-2019-6454 8 Canonical, Debian, Fedoraproject and 5 more 26 Ubuntu Linux, Debian Linux, Fedora and 23 more 2024-11-21 5.5 Medium
An issue was discovered in sd-bus in systemd 239. bus_process_object() in libsystemd/sd-bus/bus-objects.c allocates a variable-length stack buffer for temporarily storing the object path of incoming D-Bus messages. An unprivileged local user can exploit this by sending a specially crafted message to PID1, causing the stack pointer to jump over the stack guard pages into an unmapped memory region and trigger a denial of service (systemd PID1 crash and kernel panic).
CVE-2019-6133 4 Canonical, Debian, Polkit Project and 1 more 12 Ubuntu Linux, Debian Linux, Polkit and 9 more 2024-11-21 N/A
In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can be bypassed because fork() is not atomic, and therefore authorization decisions are improperly cached. This is related to lack of uid checking in polkitbackend/polkitbackendinteractiveauthority.c.
CVE-2019-6116 6 Artifex, Canonical, Debian and 3 more 12 Ghostscript, Ubuntu Linux, Debian Linux and 9 more 2024-11-21 7.8 High
In Artifex Ghostscript through 9.26, ephemeral or transient procedures can allow access to system operators, leading to remote code execution.
CVE-2019-5544 4 Fedoraproject, Openslp, Redhat and 1 more 17 Fedora, Openslp, Enterprise Linux and 14 more 2024-11-21 9.8 Critical
OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8.