ReportizFlow
Filtered by vendor Redhat
Subscriptions
Filtered by product Rhev Hypervisor
Subscriptions
Total
333 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-4154 | 3 Linux, Netapp, Redhat | 6 Linux Kernel, Hci Baseboard Management Controller, Enterprise Linux and 3 more | 2024-11-21 | 8.8 High |
| A use-after-free flaw was found in cgroup1_parse_param in kernel/cgroup/cgroup-v1.c in the Linux kernel's cgroup v1 parser. A local attacker with a user privilege could cause a privilege escalation by exploiting the fsconfig syscall parameter leading to a container breakout and a denial of service on the system. | ||||
| CVE-2021-4083 | 5 Debian, Linux, Netapp and 2 more | 30 Debian Linux, Linux Kernel, H300e and 27 more | 2024-11-21 | 7.0 High |
| A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close() and fget() simultaneously and can potentially trigger a race condition. This flaw allows a local user to crash the system or escalate their privileges on the system. This flaw affects Linux kernel versions prior to 5.16-rc4. | ||||
| CVE-2021-4028 | 3 Linux, Redhat, Suse | 9 Linux Kernel, Enterprise Linux, Rhel Aus and 6 more | 2024-11-21 | 7.8 High |
| A flaw in the Linux kernel's implementation of RDMA communications manager listener code allowed an attacker with local access to setup a socket to listen on a high port allowing for a list element to be used after free. Given the ability to execute code, a local attacker could leverage this use-after-free to crash the system or possibly escalate privileges on the system. | ||||
| CVE-2021-45417 | 5 Advanced Intrusion Detection Environment Project, Canonical, Debian and 2 more | 11 Advanced Intrusion Detection Environment, Ubuntu Linux, Debian Linux and 8 more | 2024-11-21 | 7.8 High |
| AIDE before 0.17.4 allows local users to obtain root privileges via crafted file metadata (such as XFS extended attributes or tmpfs ACLs), because of a heap-based buffer overflow. | ||||
| CVE-2021-43975 | 5 Debian, Fedoraproject, Linux and 2 more | 21 Debian Linux, Fedora, Linux Kernel and 18 more | 2024-11-21 | 6.7 Medium |
| In the Linux kernel through 5.15.2, hw_atl_utils_fw_rpc_wait in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c allows an attacker (who can introduce a crafted device) to trigger an out-of-bounds write via a crafted length value. | ||||
| CVE-2021-43527 | 5 Mozilla, Netapp, Oracle and 2 more | 17 Nss, Nss Esr, Cloud Backup and 14 more | 2024-11-21 | 9.8 Critical |
| NSS (Network Security Services) versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS \#7, or PKCS \#12 are likely to be impacted. Applications using NSS for certificate validation or other TLS, X.509, OCSP or CRL functionality may be impacted, depending on how they configure NSS. *Note: This vulnerability does NOT impact Mozilla Firefox.* However, email clients and PDF viewers that use NSS for signature verification, such as Thunderbird, LibreOffice, Evolution and Evince are believed to be impacted. This vulnerability affects NSS < 3.73 and NSS < 3.68.1. | ||||
| CVE-2021-43267 | 4 Fedoraproject, Linux, Netapp and 1 more | 19 Fedora, Linux Kernel, H300e and 16 more | 2024-11-21 | 9.8 Critical |
| An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter-Process Communication (TIPC) functionality allows remote attackers to exploit insufficient validation of user-supplied sizes for the MSG_CRYPTO message type. | ||||
| CVE-2021-3677 | 3 Fedoraproject, Postgresql, Redhat | 9 Fedora, Postgresql, Enterprise Linux and 6 more | 2024-11-21 | 6.5 Medium |
| A flaw was found in postgresql. A purpose-crafted query can read arbitrary bytes of server memory. In the default configuration, any authenticated database user can complete this attack at will. The attack does not require the ability to create objects. If server settings include max_worker_processes=0, the known versions of this attack are infeasible. However, undiscovered variants of the attack may be independent of that setting. | ||||
| CVE-2021-3640 | 6 Canonical, Debian, Fedoraproject and 3 more | 23 Ubuntu Linux, Debian Linux, Fedora and 20 more | 2024-11-21 | 7.0 High |
| A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER or other way triggers race condition of the call sco_conn_del() together with the call sco_sock_sendmsg() with the expected controllable faulting memory page. A privileged local user could use this flaw to crash the system or escalate their privileges on the system. | ||||
| CVE-2021-3609 | 3 Linux, Netapp, Redhat | 46 Linux Kernel, H300e, H300e Firmware and 43 more | 2024-11-21 | 7.0 High |
| .A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege escalation to root. | ||||
| CVE-2021-3501 | 4 Fedoraproject, Linux, Netapp and 1 more | 28 Fedora, Linux Kernel, Cloud Backup and 25 more | 2024-11-21 | 7.1 High |
| A flaw was found in the Linux kernel in versions before 5.12. The value of internal.ndata, in the KVM API, is mapped to an array index, which can be updated by a user process at anytime which could lead to an out-of-bounds write. The highest threat from this vulnerability is to data integrity and system availability. | ||||
| CVE-2021-3450 | 11 Fedoraproject, Freebsd, Mcafee and 8 more | 39 Fedora, Freebsd, Web Gateway and 36 more | 2024-11-21 | 7.4 High |
| The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve parameters was added as an additional strict check. An error in the implementation of this check meant that the result of a previous check to confirm that certificates in the chain are valid CA certificates was overwritten. This effectively bypasses the check that non-CA certificates must not be able to issue other certificates. If a "purpose" has been configured then there is a subsequent opportunity for checks that the certificate is a valid CA. All of the named "purpose" values implemented in libcrypto perform this check. Therefore, where a purpose is set the certificate chain will still be rejected even when the strict flag has been used. A purpose is set by default in libssl client and server certificate verification routines, but it can be overridden or removed by an application. In order to be affected, an application must explicitly set the X509_V_FLAG_X509_STRICT verification flag and either not set a purpose for the certificate verification or, in the case of TLS client or server applications, override the default purpose. OpenSSL versions 1.1.1h and newer are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1h-1.1.1j). | ||||
| CVE-2021-3449 | 13 Checkpoint, Debian, Fedoraproject and 10 more | 172 Multi-domain Management, Multi-domain Management Firmware, Quantum Security Gateway and 169 more | 2024-11-21 | 5.9 Medium |
| An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j). | ||||
| CVE-2021-3447 | 2 Fedoraproject, Redhat | 7 Fedora, Ansible, Ansible Automation Platform and 4 more | 2024-11-21 | 5.5 Medium |
| A flaw was found in several ansible modules, where parameters containing credentials, such as secrets, were being logged in plain-text on managed nodes, as well as being made visible on the controller node when run in verbose mode. These parameters were not protected by the no_log feature. An attacker can take advantage of this information to steal those credentials, provided when they have access to the log files containing them. The highest threat from this vulnerability is to data confidentiality. This flaw affects Red Hat Ansible Automation Platform in versions before 1.2.2 and Ansible Tower in versions before 3.8.2. | ||||
| CVE-2021-34866 | 3 Linux, Netapp, Redhat | 19 Linux Kernel, H300e, H300e Firmware and 16 more | 2024-11-21 | 7.8 High |
| This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel 5.14-rc3. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of eBPF programs. The issue results from the lack of proper validation of user-supplied eBPF programs, which can result in a type confusion condition. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the kernel. Was ZDI-CAN-14689. | ||||
| CVE-2021-33909 | 7 Debian, Fedoraproject, Linux and 4 more | 16 Debian Linux, Fedora, Linux Kernel and 13 more | 2024-11-21 | 7.8 High |
| fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05. | ||||
| CVE-2021-33655 | 3 Debian, Linux, Redhat | 5 Debian Linux, Linux Kernel, Enterprise Linux and 2 more | 2024-11-21 | 6.7 Medium |
| When sending malicous data to kernel by ioctl cmd FBIOPUT_VSCREENINFO,kernel will write memory out of bounds. | ||||
| CVE-2021-33034 | 4 Debian, Fedoraproject, Linux and 1 more | 11 Debian Linux, Fedora, Linux Kernel and 8 more | 2024-11-21 | 7.8 High |
| In the Linux kernel before 5.12.4, net/bluetooth/hci_event.c has a use-after-free when destroying an hci_chan, aka CID-5c4c8c954409. This leads to writing an arbitrary value. | ||||
| CVE-2021-32399 | 4 Debian, Linux, Netapp and 1 more | 27 Debian Linux, Linux Kernel, Cloud Backup and 24 more | 2024-11-21 | 7.0 High |
| net/bluetooth/hci_request.c in the Linux kernel through 5.12.2 has a race condition for removal of the HCI controller. | ||||
| CVE-2021-30483 | 2 Isomorphic-git, Redhat | 3 Isomorphic-git, Rhev Hypervisor, Rhev Manager | 2024-11-21 | 5.3 Medium |
| isomorphic-git before 1.8.2 allows Directory Traversal via a crafted repository. | ||||