Latest redhat codeready linux builder Vulnerabilities

CVE-2023-5455
Ipa: invalid csrf protection
Freeipa Freeipa<4.6.10
Freeipa Freeipa>=4.7.0<4.9.14
Freeipa Freeipa>=4.10.0<4.10.3
Freeipa Freeipa=4.11.0
Freeipa Freeipa=4.11.0-beta1
Fedoraproject Fedora=38
and 54 more
CVE-2023-5157
Mariadb: node crashes with transport endpoint is not connected mysqld got signal 6
Mariadb Mariadb<10.4.26
Mariadb Mariadb>=10.5.0<10.5.17
Mariadb Mariadb>=10.6.0<10.6.9
Mariadb Mariadb>=10.7.0<10.7.5
Mariadb Mariadb>=10.8.0<10.8.4
Fedoraproject Fedora=38
and 32 more
CVE-2023-4732
Kernel: race between task migrating pages and another task calling exit_mmap to release those same pages getting invalid opcode bug in include/linux/swapops.h
Linux Linux kernel<=5.13.19
Redhat Enterprise Linux=8.0
redhat/Kernel<5.14
Redhat Codeready Linux Builder=8.0
Redhat Codeready Linux Builder For Arm64=8.0_aarch64
Redhat Codeready Linux Builder For Power Little Endian=8.0_ppc64le
and 5 more
CVE-2023-4042
Ghostscript: incomplete fix for cve-2020-16305
redhat/ghostscript<9.51
<9.51
=8.0
=8.0_aarch64
=8.0_s390x
=8.0_ppc64le
and 6 more
CVE-2023-4641
Shadow-utils: possible password leak during passwd(1) change
Shadow-maint Shadow-utils<4.14.0
Redhat Codeready Linux Builder=8.0
Redhat Codeready Linux Builder=9.0
Redhat Codeready Linux Builder For Arm64=8.0_aarch64
Redhat Codeready Linux Builder For Arm64=9.0_aarch64
IBM Cognos Analytics 11.1.x=8.0_s390x
and 20 more
CVE-2023-0179
A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. This issue could allow the leakage of both stack and heap addresses, and potentially allow Local Privilege Esc...
Linux Linux kernel>=5.5.0<5.10.164
Linux Linux kernel>=5.11<5.15.89
Linux Linux kernel>=5.16<6.1.7
Canonical Ubuntu Linux=16.04
Canonical Ubuntu Linux=18.04
Canonical Ubuntu Linux=20.04
and 131 more
CVE-2022-1011
A flaw in the Linux Kernel found. If unprivileged users can mount FUSE filesystems, then can trigger use after free (UAF) that reads of write() buffers, allowing theft of (partial) /etc/shadow hashes ...
redhat/kernel-rt<0:4.18.0-372.9.1.rt7.166.el8
redhat/kernel<0:4.18.0-372.9.1.el8
Linux Linux kernel<5.17
Linux Linux kernel=5.17
Linux Linux kernel=5.17-rc1
Linux Linux kernel=5.17-rc2
and 181 more
CVE-2022-0847
Linux Kernel Privilege Escalation Vulnerability
redhat/kernel-rt<0:4.18.0-348.20.1.rt7.150.el8_5
redhat/kernel<0:4.18.0-348.20.1.el8_5
redhat/kernel<0:4.18.0-147.64.1.el8_1
redhat/kernel-rt<0:4.18.0-193.79.1.rt13.129.el8_2
redhat/kernel<0:4.18.0-193.79.1.el8_2
redhat/kernel-rt<0:4.18.0-305.40.2.rt7.113.el8_4
and 183 more
CVE-2021-44142
The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide "...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver." Samba versions...
Samba Samba<4.13.17
Samba Samba>=4.14.0<4.14.12
Samba Samba>=4.15.0<4.15.5
Debian Debian Linux=10.0
Debian Debian Linux=11.0
Canonical Ubuntu Linux=14.04
and 36 more
CVE-2022-0492
A vulnerability was found in cgroup_release_agent_write in kernel/cgroup/cgroup-v1.c in the Linux kernel. In this flaw, under certain circumstances, the cgroups v1 release_agent feature can be used t...
redhat/kernel<0:2.6.32-754.47.1.el6
redhat/kernel-rt<0:3.10.0-1160.66.1.rt56.1207.el7
redhat/kernel<0:3.10.0-1160.66.1.el7
redhat/kernel<0:3.10.0-514.101.1.el7
redhat/kernel<0:3.10.0-693.103.1.el7
redhat/kernel<0:3.10.0-957.94.1.el7
and 214 more
CVE-2022-0516
A vulnerability was found in kvm_s390_guest_sida_op in the arch/s390/kvm/kvm-s390.c function in KVM for s390 in the Linux kernel. This flaw allows a local attacker with a normal user privilege to obta...
redhat/kernel<0:4.18.0-348.20.1.el8_5
redhat/kernel<0:4.18.0-305.40.1.el8_4
Linux Linux kernel<5.17
Linux Linux kernel=5.17-rc1
Linux Linux kernel=5.17-rc2
Linux Linux kernel=5.17-rc3
and 172 more
CVE-2022-0435
A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 ...
redhat/kernel-rt<0:4.18.0-348.20.1.rt7.150.el8_5
redhat/kernel<0:4.18.0-348.20.1.el8_5
redhat/kernel<0:4.18.0-147.65.1.el8_1
redhat/kernel-rt<0:4.18.0-193.80.1.rt13.130.el8_2
redhat/kernel<0:4.18.0-193.80.1.el8_2
redhat/kernel-rt<0:4.18.0-305.40.1.rt7.112.el8_4
and 208 more
CVE-2022-0330
A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allows a local user to crash the system ...
redhat/kernel-rt<0:3.10.0-1160.59.1.rt56.1200.el7
redhat/kernel<0:3.10.0-1160.59.1.el7
redhat/kernel<0:3.10.0-514.99.1.el7
redhat/kernel<0:3.10.0-693.99.1.el7
redhat/kernel<0:3.10.0-957.92.1.el7
redhat/kernel<0:3.10.0-1062.63.1.el7
and 246 more
CVE-2021-3975
A use-after-free flaw was found in libvirt. The qemuMonitorUnregister() function in qemuProcessHandleMonitorEOF is called using multiple threads without being adequately protected by a monitor lock. T...
Redhat Libvirt<7.1.0
Canonical Ubuntu Linux=21.10
Fedoraproject Fedora=35
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux Eus=8.6
Redhat Enterprise Linux For Ibm Z Systems=8.0
and 31 more
CVE-2021-23177
An improper link resolution flaw while extracting an archive can lead to changing the access control list (ACL) of the target of the link. An attacker may provide a malicious archive to a victim user,...
Libarchive Libarchive<3.5.2
Fedoraproject Fedora=35
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux Eus=8.6
Redhat Enterprise Linux For Ibm Z Systems=8.0
Redhat Enterprise Linux For Ibm Z Systems Eus=8.6
and 14 more
CVE-2021-31566
An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of a file outside of the archive. An attacker may provide a mal...
redhat/libarchive<3.5.2
Libarchive Libarchive<3.5.2
Fedoraproject Fedora=35
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux Eus=8.6
Redhat Enterprise Linux For Ibm Z Systems=8.0
and 24 more
CVE-2021-3930
An off-by-one error was found in the SCSI device emulation in QEMU. It could occur while processing MODE SELECT commands in mode_sense_page() if the 'page' argument was set to MODE_PAGE_ALLS (0x3f). A...
QEMU qemu<6.2.0
Redhat Codeready Linux Builder=8.0
IBM Cognos Analytics 11.1.x=8.0
Redhat Codeready Linux Builder For Power Little Endian=8.0
Redhat Openstack=10
Redhat Openstack=13
and 15 more
CVE-2020-25717
A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible privilege escalation.
Samba Samba>=3.0.0<4.13.14
Samba Samba>=4.14.0<4.14.10
Samba Samba>=4.15.0<4.15.2
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Fedoraproject Fedora=33
and 58 more
CVE-2016-2124
A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw to retrieve the plaintext password sent over the wire even if Kerberos authentication was required.
Samba Samba>=3.0.0<4.13.14
Samba Samba>=4.14.0<4.14.10
Samba Samba>=4.15.0<4.15.2
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Fedoraproject Fedora=33
and 56 more
CVE-2021-3744
A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption). This v...
redhat/kernel-rt<0:4.18.0-372.9.1.rt7.166.el8
redhat/kernel<0:4.18.0-372.9.1.el8
Linux Linux kernel<5.15
Linux Linux kernel=5.15
Linux Linux kernel=5.15-rc1
Linux Linux kernel=5.15-rc2
and 157 more
CVE-2021-3733
Python is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw in the AbstractBasicAuthHandler class in urllib. By persuading a victim to visit a specially-...
redhat/python3<0:3.6.8-39.el8_4
redhat/rh-python38-babel<0:2.7.0-12.el7
redhat/rh-python38-python<0:3.8.11-2.el7
redhat/rh-python38-python-cryptography<0:2.8-5.el7
redhat/rh-python38-python-jinja2<0:2.10.3-6.el7
redhat/rh-python38-python-lxml<0:4.4.1-7.el7
and 48 more
CVE-2021-3697
A crafted JPEG image may lead the JPEG reader to underflow its data pointer, allowing user-controlled data to be written in heap. To a successful to be performed the attacker needs to perform some tri...
debian/grub2
Gnu Grub2>=2.00<2.12
Redhat Developer Tools=1.0
IBM Robotic Process Automation as a Service=3.0
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=8.1
and 39 more
CVE-2021-3696
A heap out-of-bounds write may heppen during the handling of Huffman tables in the PNG reader. This may lead to data corruption in the heap space. Confidentiality, Integrity and Availablity impact may...
redhat/grub2<1:2.02-123.el8_6.8
redhat/grub2<1:2.02-87.el8_1.10
redhat/grub2<1:2.02-87.el8_2.10
redhat/grub2<1:2.02-99.el8_4.9
redhat/grub2<1:2.06-27.el9_0.7
Gnu Grub2>=2.00<2.12
and 39 more
CVE-2021-3695
A crafted 16-bit grayscale PNG image may lead to a out-of-bounds write in the heap area. An attacker may take advantage of that to cause heap data corruption or eventually arbitrary code execution and...
redhat/grub2<1:2.02-123.el8_6.8
redhat/grub2<1:2.02-87.el8_1.10
redhat/grub2<1:2.02-87.el8_2.10
redhat/grub2<1:2.02-99.el8_4.9
redhat/grub2<1:2.06-27.el9_0.7
Gnu Grub2>=2.00<2.12
and 40 more
CVE-2021-3737
A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls the HTTP server, to make the client script enter an infinite...
redhat/python3<0:3.6.8-45.el8
redhat/python27-python<0:2.7.18-4.el7
Python Python>=3.6.0<3.6.14
Python Python>=3.7.0<3.7.11
Python Python>=3.8.0<3.8.11
Python Python>=3.9.0<3.9.6
and 40 more
CVE-2021-3669
A flaw was found in the Linux kernel. Measuring usage of the shared memory does not scale with large shared memory segment counts which could lead to resource exhaustion and DoS.
redhat/kernel-rt<0:4.18.0-372.9.1.rt7.166.el8
redhat/kernel<0:4.18.0-372.9.1.el8
Linux Linux kernel
IBM Spectrum Copy Data Management>=2.2.0.0<=2.2.15.0
IBM Spectrum Protect Plus>=10.1.0<=10.1.10.2
Linux Linux kernel
and 161 more
CVE-2021-3656
A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nes...
redhat/kernel-rt<0:3.10.0-1160.45.1.rt56.1185.el7
redhat/kernel<0:3.10.0-1160.45.1.el7
redhat/kernel<0:3.10.0-957.84.1.el7
redhat/kernel<0:3.10.0-1062.59.1.el7
redhat/kernel-rt<0:4.18.0-305.25.1.rt7.97.el8_4
redhat/kernel<0:4.18.0-305.25.1.el8_4
and 209 more
CVE-2021-3659
A NULL pointer dereference flaw was found in the Linux kernel’s IEEE 802.15.4 wireless networking subsystem in the way the user closes the LR-WPAN connection. This flaw allows a local user to crash th...
redhat/kernel-rt<0:4.18.0-348.rt7.130.el8
redhat/kernel<0:4.18.0-348.el8
Linux Linux kernel<5.12
Fedoraproject Fedora=34
Redhat Enterprise Linux=7.0
Redhat Enterprise Linux=8.0
and 157 more
CVE-2021-20257
An infinite loop flaw was found in the e1000 NIC emulator of the QEMU. This issue occurs while processing transmits (tx) descriptors in process_tx_desc if various descriptor fields are initialized wit...
QEMU qemu<6.2.0
Fedoraproject Fedora=33
Redhat Openstack Platform=10.0
Redhat Openstack Platform=13.0
Redhat Enterprise Linux=6.0
Redhat Enterprise Linux=8.0
and 16 more
CVE-2020-27842
A flaw was found in OpenJPEG. Specially crafted file can lead to an out-of-bounds read in opj_tgt_reset function in lib/openjp2/tgt.c. Reference: <a href="https://github.com/uclouvain/openjpeg/issues...
Uclouvain Openjpeg<2.4.0
Fedoraproject Extra Packages For Enterprise Linux=7.0
Fedoraproject Fedora=32
Fedoraproject Fedora=33
Debian Debian Linux=9.0
Debian Debian Linux=10.0
and 52 more
CVE-2019-8720
WebKitGTK Memory Corruption Vulnerability
redhat/webkitgtk<2.26.0
WebKitGTK WebKitGTK<2.26.0
Wpewebkit Wpe Webkit<2.26.0
Redhat Codeready Linux Builder=8.0
Redhat Codeready Linux Builder Eus=8.4
and 37 more
CVE-2020-14301
An information disclosure vulnerability was found in libvirt in versions before 6.3.0. HTTP cookies used to access network-based disks were saved in the XML dump of the guest domain. This flaw allows ...
Redhat Libvirt>=6.2.0<6.3.0
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux Eus=8.4
Redhat Enterprise Linux For Ibm Z Systems=8.0
Redhat Enterprise Linux For Ibm Z Systems Eus=8.4
Redhat Enterprise Linux For Power Little Endian=8.0
and 13 more
CVE-2019-11135
TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.
redhat/kernel<0:2.6.32-754.24.2.el6
redhat/kernel<0:2.6.32-431.96.3.el6
redhat/kernel<0:2.6.32-504.81.3.el6
redhat/kernel-rt<0:3.10.0-1062.4.2.rt56.1028.el7
redhat/kernel<0:3.10.0-1062.4.2.el7
redhat/qemu-kvm<10:1.5.3-167.el7_7.4
and 704 more
CVE-2019-3460
A heap data infoleak in multiple locations including L2CAP_PARSE_CONF_RSP was found in the Linux kernel before 5.1-rc1.
redhat/kernel-rt<0:3.10.0-1062.rt56.1022.el7
redhat/kernel<0:3.10.0-1062.el7
redhat/kernel-alt<0:4.14.0-115.18.1.el7a
redhat/kernel-rt<0:4.18.0-147.rt24.93.el8
redhat/kernel<0:4.18.0-147.el8
Linux Linux kernel<=5.1
and 90 more
CVE-2019-3459
A heap address information leak while using L2CAP_GET_CONF_OPT was discovered in the Linux kernel before 5.1-rc1.
redhat/kernel-rt<0:3.10.0-1062.rt56.1022.el7
redhat/kernel<0:3.10.0-1062.el7
redhat/kernel-alt<0:4.14.0-115.18.1.el7a
redhat/kernel-rt<0:4.18.0-147.rt24.93.el8
redhat/kernel<0:4.18.0-147.el8
Linux Linux kernel<=5.1
and 93 more

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203