Filtered by vendor Redhat
Subscriptions
Total
21758 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-4569 | 3 Debian, Linux, Redhat | 3 Debian Linux, Linux Kernel, Enterprise Linux | 2025-02-27 | 5.5 Medium |
| A memory leak flaw was found in nft_set_catchall_flush in net/netfilter/nf_tables_api.c in the Linux Kernel. This issue may allow a local attacker to cause double-deactivations of catchall elements, which can result in a memory leak. | ||||
| CVE-2023-4611 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-02-27 | 7 High |
| A use-after-free flaw was found in mm/mempolicy.c in the memory management subsystem in the Linux Kernel. This issue is caused by a race between mbind() and VMA-locked page fault, and may allow a local attacker to crash the system or lead to a kernel information leak. | ||||
| CVE-2023-4155 | 3 Fedoraproject, Linux, Redhat | 7 Fedora, Linux Kernel, Enterprise Linux and 4 more | 2025-02-27 | 5.3 Medium |
| A flaw was found in KVM AMD Secure Encrypted Virtualization (SEV) in the Linux kernel. A KVM guest using SEV-ES or SEV-SNP with multiple vCPUs can trigger a double fetch race condition vulnerability and invoke the `VMGEXIT` handler recursively. If an attacker manages to call the handler multiple times, they can trigger a stack overflow and cause a denial of service or potentially guest-to-host escape in kernel configurations without stack guard pages (`CONFIG_VMAP_STACK`). | ||||
| CVE-2023-2163 | 2 Linux, Redhat | 7 Linux Kernel, Enterprise Linux, Rhel Aus and 4 more | 2025-02-27 | 10 Critical |
| Incorrect verifier pruning in BPF in Linux Kernel >=5.4 leads to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape. | ||||
| CVE-2023-5158 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-02-27 | 6.5 Medium |
| A flaw was found in vringh_kiov_advance in drivers/vhost/vringh.c in the host side of a virtio ring in the Linux Kernel. This issue may result in a denial of service from guest to host via zero length descriptor. | ||||
| CVE-2023-42753 | 3 Debian, Linux, Redhat | 9 Debian Linux, Linux Kernel, Enterprise Linux and 6 more | 2025-02-27 | 7 High |
| An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h->nets` array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This issue may allow a local user to crash the system or potentially escalate their privileges on the system. | ||||
| CVE-2023-42756 | 4 Debian, Fedoraproject, Linux and 1 more | 4 Debian Linux, Fedora, Linux Kernel and 1 more | 2025-02-27 | 4.4 Medium |
| A flaw was found in the Netfilter subsystem of the Linux kernel. A race condition between IPSET_CMD_ADD and IPSET_CMD_SWAP can lead to a kernel panic due to the invocation of `__ip_set_put` on a wrong `set`. This issue may allow a local user to crash the system. | ||||
| CVE-2023-39191 | 3 Fedoraproject, Linux, Redhat | 4 Fedora, Linux Kernel, Enterprise Linux and 1 more | 2025-02-27 | 8.2 High |
| An improper input validation flaw was found in the eBPF subsystem in the Linux kernel. The issue occurs due to a lack of proper validation of dynamic pointers within user-supplied eBPF programs prior to executing them. This may allow an attacker with CAP_BPF privileges to escalate privileges and execute arbitrary code in the context of the kernel. | ||||
| CVE-2023-46129 | 2 Nats, Redhat | 3 Nats Server, Nkeys, Openshift Distributed Tracing | 2025-02-27 | 7.5 High |
| NATS.io is a high performance open source pub-sub distributed communication technology, built for the cloud, on-premise, IoT, and edge computing. The cryptographic key handling library, nkeys, recently gained support for encryption, not just for signing/authentication. This is used in nats-server 2.10 (Sep 2023) and newer for authentication callouts. In nkeys versions 0.4.0 through 0.4.5, corresponding with NATS server versions 2.10.0 through 2.10.3, the nkeys library's `xkeys` encryption handling logic mistakenly passed an array by value into an internal function, where the function mutated that buffer to populate the encryption key to use. As a result, all encryption was actually to an all-zeros key. This affects encryption only, not signing. FIXME: FILL IN IMPACT ON NATS-SERVER AUTH CALLOUT SECURITY. nkeys Go library 0.4.6, corresponding with NATS Server 2.10.4, has a patch for this issue. No known workarounds are available. For any application handling auth callouts in Go, if using the nkeys library, update the dependency, recompile and deploy that in lockstep. | ||||
| CVE-2023-3676 | 3 Kubernetes, Microsoft, Redhat | 3 Kubernetes, Windows, Openshift | 2025-02-27 | 8.8 High |
| A security issue was discovered in Kubernetes where a user that can create pods on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they include Windows nodes. | ||||
| CVE-2023-1192 | 2 Linux, Redhat | 7 Linux Kernel, Enterprise Linux, Rhel Aus and 4 more | 2025-02-27 | 6.5 Medium |
| A use-after-free flaw was found in smb2_is_status_io_timeout() in CIFS in the Linux Kernel. After CIFS transfers response data to a system call, there are still local variable points to the memory region, and if the system call frees it faster than CIFS uses it, CIFS will access a free memory region, leading to a denial of service. | ||||
| CVE-2023-3397 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-02-27 | 7 High |
| A race condition occurred between the functions lmLogClose and txEnd in JFS, in the Linux Kernel, executed in different threads. This flaw allows a local attacker with normal user privileges to crash the system or leak internal kernel information. | ||||
| CVE-2023-1193 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-02-27 | 6.5 Medium |
| A use-after-free flaw was found in setup_async_work in the KSMBD implementation of the in-kernel samba server and CIFS in the Linux kernel. This issue could allow an attacker to crash the system by accessing freed work. | ||||
| CVE-2023-31018 | 8 Canonical, Citrix, Linux and 5 more | 9 Ubuntu Linux, Hypervisor, Linux Kernel and 6 more | 2025-02-27 | 6.5 Medium |
| NVIDIA GPU Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where an unprivileged regular user can cause a NULL-pointer dereference, which may lead to denial of service. | ||||
| CVE-2023-31022 | 8 Canonical, Citrix, Linux and 5 more | 9 Ubuntu Linux, Hypervisor, Linux Kernel and 6 more | 2025-02-27 | 5.5 Medium |
| NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a NULL-pointer dereference may lead to denial of service. | ||||
| CVE-2023-1476 | 2 Linux, Redhat | 6 Linux Kernel, Enterprise Linux, Enterprise Linux Eus and 3 more | 2025-02-27 | 7 High |
| A use-after-free flaw was found in the Linux kernel’s mm/mremap memory address space accounting source code. This issue occurs due to a race condition between rmap walk and mremap, allowing a local user to crash the system or potentially escalate their privileges on the system. | ||||
| CVE-2023-6039 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-02-27 | 5.5 Medium |
| A use-after-free flaw was found in lan78xx_disconnect in drivers/net/usb/lan78xx.c in the network sub-component, net/usb/lan78xx in the Linux Kernel. This flaw allows a local attacker to crash the system when the LAN78XX USB device detaches. | ||||
| CVE-2023-28154 | 2 Redhat, Webpack.js | 2 Enterprise Linux, Webpack | 2025-02-27 | 9.8 Critical |
| Webpack 5 before 5.76.0 does not avoid cross-realm object access. ImportParserPlugin.js mishandles the magic comment feature. An attacker who controls a property of an untrusted object can obtain access to the real global object. | ||||
| CVE-2024-31419 | 1 Redhat | 1 Container Native Virtualization | 2025-02-27 | 4.3 Medium |
| An information disclosure flaw was found in OpenShift Virtualization. The DownwardMetrics feature was introduced to expose host metrics to virtual machine guests and is enabled by default. This issue could expose limited host metrics of a node to any guest in any namespace without being explicitly enabled by an administrator. | ||||
| CVE-2024-26808 | 1 Redhat | 3 Enterprise Linux, Rhel E4s, Rhel Eus | 2025-02-27 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain Remove netdevice from inet/ingress basechain in case NETDEV_UNREGISTER event is reported, otherwise a stale reference to netdevice remains in the hook list. | ||||