Latest redhat enterprise linux eus Vulnerabilities

CVE-2023-6356
Kernel: null pointer dereference in nvmet_tcp_build_iovec
=8.6
=9.2
=8.6_ppc64le
=9.2_ppc64le
=8.6_aarch64
and 21 more
CVE-2023-6535
Kernel: null pointer dereference in nvmet_tcp_execute_request
=8.6
=9.2
=8.6_ppc64le
=9.2_ppc64le
=8.6_aarch64
and 21 more
CVE-2023-6478
Xorg-x11-server: out-of-bounds memory read in rrchangeoutputproperty and rrchangeproviderproperty
redhat/xorg-server<21.1.10
redhat/xwayland<23.2.3
ubuntu/xorg-server<2:1.18.4-0ubuntu0.12+
ubuntu/xorg-server<2:1.19.6-1ubuntu4.15+
ubuntu/xorg-server<21.1.10
ubuntu/xorg-server<2:1.20.13-1ubuntu1~20.04.12
and 26 more
CVE-2023-6377
Xorg-x11-server: out-of-bounds memory reads/writes in xkb button actions
Redhat Enterprise Linux Eus=9.2
Debian Debian Linux=10.0
Debian Debian Linux=11.0
Debian Debian Linux=12.0
X.Org X Server<21.1.10
Redhat Enterprise Linux=6.0
and 26 more
CVE-2023-5870
Postgresql: role pg_signal_backend can signal certain superuser processes.
ubuntu/postgresql-14<14.10-0ubuntu0.22.04.1
ubuntu/postgresql-14<14.10
ubuntu/postgresql-12<12.17-0ubuntu0.20.04.1
ubuntu/postgresql-12<12.17
ubuntu/postgresql-10<10.23-0ubuntu0.18.04.2+
ubuntu/postgresql-9.5<9.5.25-0ubuntu0.16.04.1+
and 56 more
CVE-2023-5869
Postgresql: buffer overrun from integer overflow in array modification
ubuntu/postgresql-14<14.10
ubuntu/postgresql-14<14.10-0ubuntu0.22.04.1
ubuntu/postgresql-12<12.17-0ubuntu0.20.04.1
ubuntu/postgresql-12<12.17
ubuntu/postgresql-10<10.23-0ubuntu0.18.04.2+
ubuntu/postgresql-9.5<9.5.25-0ubuntu0.16.04.1+
and 63 more
CVE-2023-5868
Postgresql: memory disclosure in aggregate function calls
ubuntu/postgresql-14<14.10-0ubuntu0.22.04.1
ubuntu/postgresql-14<14.10
ubuntu/postgresql-12<12.17-0ubuntu0.20.04.1
ubuntu/postgresql-12<12.17
ubuntu/postgresql-10<10.23-0ubuntu0.18.04.2+
ubuntu/postgresql-15<15.5
and 55 more
CVE-2023-46848
Squid: denial of service in ftp
Squid-Cache Squid>=5.0.3<6.4
Redhat Enterprise Linux=9.0
Redhat Enterprise Linux Eus=9.2
Redhat Enterprise Linux Server Aus=9.2
Redhat Enterprise Linux Server Tus=9.2
redhat/squid<6.4
and 5 more
CVE-2023-46847
Squid: denial of service in http digest authentication
Squid-Cache Squid>=3.2.0.1<6.4
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
Redhat Enterprise Linux Eus=8.6
Redhat Enterprise Linux Eus=8.8
Redhat Enterprise Linux Eus=9.0
and 24 more
CVE-2023-46846
Squid: request/response smuggling in http/1.1 and icap
Squid-Cache Squid>=2.6<6.4
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
Redhat Enterprise Linux Eus=8.6
Redhat Enterprise Linux Eus=8.8
Redhat Enterprise Linux Eus=9.0
and 20 more
CVE-2023-5455
Ipa: invalid csrf protection
Freeipa Freeipa<4.6.10
Freeipa Freeipa>=4.7.0<4.9.14
Freeipa Freeipa>=4.10.0<4.10.3
Freeipa Freeipa=4.11.0
Freeipa Freeipa=4.11.0-beta1
Fedoraproject Fedora=38
and 54 more
CVE-2023-42669
Samba: "rpcecho" development server allows denial of service via sleep() call on ad dc
Samba Samba>=4.0.0<4.17.12
Samba Samba>=4.18.0<4.18.8
Samba Samba>=4.19.0<4.19.1
Redhat Storage=3.0
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
and 13 more
CVE-2023-3961
Samba: smbd allows client access to unix domain sockets on the file system as root
redhat/samba<4.19.1
redhat/samba<4.18.8
redhat/samba<4.17.12
<4.17.12
>=4.18.0<4.18.8
>=4.19.0<4.19.1
and 4 more
CVE-2023-4091
Samba: smb clients can truncate files with read-only permissions
Samba Samba<4.17.12
Samba Samba>=4.18.0<4.18.8
Samba Samba>=4.19.0<4.19.1
Fedoraproject Fedora=39
Redhat Storage=3.0
Redhat Enterprise Linux=8.0
and 9 more
CVE-2023-5157
Mariadb: node crashes with transport endpoint is not connected mysqld got signal 6
Mariadb Mariadb<10.4.26
Mariadb Mariadb>=10.5.0<10.5.17
Mariadb Mariadb>=10.6.0<10.6.9
Mariadb Mariadb>=10.7.0<10.7.5
Mariadb Mariadb>=10.8.0<10.8.4
Fedoraproject Fedora=38
and 32 more
CVE-2023-4911
GNU C Library Buffer Overflow Vulnerability
GNU glibc
Fedoraproject Fedora=37
Fedoraproject Fedora=38
Fedoraproject Fedora=39
Redhat Virtualization=4.0
Redhat Enterprise Linux=8.0
and 21 more
CVE-2023-4806
Glibc: potential use-after-free in getaddrinfo()
redhat/glibc<0:2.28-225.el8_8.6
redhat/glibc<0:2.34-60.el9_2.7
GNU glibc=2.33
Redhat Enterprise Linux=7.0
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
and 32 more
CVE-2023-4527
Glibc: stack read overflow in getaddrinfo in no-aaaa mode
ubuntu/glibc<2.37-0ubuntu2.1
ubuntu/glibc<2.38-1ubuntu5
<2.39
=9.2
=9.0_ppc64le
=9.2_ppc64le
and 63 more
CVE-2023-3972
Insights-client: unsafe handling of temporary files and directories
redhat/insights-client<3.2.2
Redhat Insights-client<3.2.2
Redhat Enterprise Linux=7.0
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
Redhat Enterprise Linux Aus=8.6
and 46 more
CVE-2023-3899
Subscription-manager: inadequate authorization of com.redhat.rhsm1 d-bus interface allows local users to modify configuration
IBM QRadar SIEM<=7.5 - 7.5.0 UP7
Redhat Subscription-manager<1.28.39
Redhat Subscription-manager>=1.29.0<1.29.37
Fedoraproject Fedora=37
Fedoraproject Fedora=38
Redhat Enterprise Linux=8.0
and 58 more
CVE-2023-4147
Kernel: netfilter: nf_tables_newrule when adding a rule with nfta_rule_chain_id leads to use-after-free
redhat/Kernel<6.5
Linux Linux kernel<6.5
Linux Linux kernel=6.5-rc1
Linux Linux kernel=6.5-rc2
Linux Linux kernel=6.5-rc3
Fedoraproject Fedora=38
and 10 more
CVE-2023-38201
Challenge-response protocol bypass during agent registration
pip/keylime<7.5.0
Keylime Keylime<7.5.0
Redhat Enterprise Linux=9.0
Redhat Enterprise Linux Eus=9.2
Redhat Enterprise Linux For Ibm Z Systems=9.0_s390x
Redhat Enterprise Linux For Ibm Z Systems Eus=9.2_s390x
and 5 more
CVE-2023-38200
Registrar is subject to a dos against ssl connections
redhat/keylime<7.5.0
Keylime Keylime
Redhat Enterprise Linux=9.0
Fedoraproject Fedora
=9.0
and 8 more
CVE-2023-2491
A flaw was found in the Emacs text editor. Processing a specially crafted org-mode code with the "org-babel-execute:latex" function in ob-latex.el can result in arbitrary command execution. This CVE e...
GNU Emacs=26.1-9.el8
GNU Emacs=27.2-8.el9
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
Redhat Enterprise Linux Eus=8.8
Redhat Enterprise Linux Eus=9.2
and 3 more
CVE-2023-2203
The WebKitGTK flaw <a href="https://access.redhat.com/security/cve/CVE-2023-28205">CVE-2023-28205</a> (<a class="bz_bug_link bz_status_CLOSED bz_closed ...
Webkitgtk Webkit2gtk3=2.38.5-1.el8
Webkitgtk Webkit2gtk3=2.38.5-1.el9
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
Redhat Enterprise Linux Eus=8.8
Redhat Enterprise Linux Eus=9.2
and 3 more
CVE-2023-1476
Incomplete fix for cve-2022-41222
redhat/Kernel<5.14
Linux Linux kernel<5.14
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux Eus=8.8
Redhat Enterprise Linux For Power Little Endian=8.0_ppc64le
Redhat Enterprise Linux For Power Little Endian Eus=8.8_ppc64le
and 1 more
CVE-2023-0494
A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read and write i...
redhat/xorg-server<21.1.7
X.Org X Server<21.1.7
Fedoraproject Fedora=36
Fedoraproject Fedora=37
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=8.1
and 30 more
CVE-2022-3100
A flaw was found in the openstack-barbican component. This issue allows an access policy bypass via a query string when accessing the API.
OpenStack Barbican
Redhat Openstack=13
Redhat Openstack=16.1
Redhat Openstack=16.2
Redhat Openstack=17
Redhat Openstack For Ibm Power=13
and 4 more
CVE-2023-0179
A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. This issue could allow the leakage of both stack and heap addresses, and potentially allow Local Privilege Esc...
Linux Linux kernel>=5.5.0<5.10.164
Linux Linux kernel>=5.11<5.15.89
Linux Linux kernel>=5.16<6.1.7
Canonical Ubuntu Linux=16.04
Canonical Ubuntu Linux=18.04
Canonical Ubuntu Linux=20.04
and 131 more
CVE-2015-1931
IBM Java Security Components in IBM SDK, Java Technology Edition 8 before SR1 FP10, 7 R1 before SR3 FP10, 7 before SR9 FP10, 6 R1 before SR8 FP7, 6 before SR16 FP7, and 5.0 before SR16 FP13 stores pla...
Ibm Java Sdk>=5.0.0.0<5.0.16.13
Ibm Java Sdk>=6.0.0.0<6.0.16.7
Ibm Java Sdk>=6.1.0.0<6.1.8.7
Ibm Java Sdk>=7.0.0.0<7.0.9.10
Ibm Java Sdk>=7.1.0.0<7.1.3.10
Ibm Java Sdk>=8.0.0.0<8.0.1.10
and 24 more
CVE-2022-2601
A buffer overflow was found in grub_font_construct_glyph(). A malicious crafted pf2 font can lead to an overflow when calculating the max_glyph_size value, allocating a smaller than needed buffer for ...
Gnu Grub2<=2.06
Fedoraproject Fedora=37
Redhat Enterprise Linux Eus=9.0
Redhat Enterprise Linux For Power Little Endian Eus=9.0
Redhat Enterprise Linux Server Aus=8.2
Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions=8.1
and 7 more
CVE-2022-27649
A flaw was found in Podman, where containers were started incorrectly with non-empty default permissions. A vulnerability was found in Moby (Docker Engine), where containers were started incorrectly w...
Podman Project Podman<4.0.3
Redhat Developer Tools=1.0
Redhat Openshift Container Platform=4.0
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=8.6
Redhat Enterprise Linux Eus=8.4
and 18 more
CVE-2022-1011
A flaw in the Linux Kernel found. If unprivileged users can mount FUSE filesystems, then can trigger use after free (UAF) that reads of write() buffers, allowing theft of (partial) /etc/shadow hashes ...
redhat/kernel-rt<0:4.18.0-372.9.1.rt7.166.el8
redhat/kernel<0:4.18.0-372.9.1.el8
Linux Linux kernel<5.17
Linux Linux kernel=5.17
Linux Linux kernel=5.17-rc1
Linux Linux kernel=5.17-rc2
and 181 more
CVE-2022-0847
Linux Kernel Privilege Escalation Vulnerability
redhat/kernel-rt<0:4.18.0-348.20.1.rt7.150.el8_5
redhat/kernel<0:4.18.0-348.20.1.el8_5
redhat/kernel<0:4.18.0-147.64.1.el8_1
redhat/kernel-rt<0:4.18.0-193.79.1.rt13.129.el8_2
redhat/kernel<0:4.18.0-193.79.1.el8_2
redhat/kernel-rt<0:4.18.0-305.40.2.rt7.113.el8_4
and 183 more
CVE-2023-4813
Glibc: potential use-after-free in gaih_inet()
redhat/glibc<0:2.28-225.el8_8.6
redhat/glibc<0:2.34-60.el9_2.7
GNU glibc<2.36
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
Redhat Enterprise Linux Eus=8.8
and 26 more
CVE-2021-44142
The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide "...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver." Samba versions...
Samba Samba<4.13.17
Samba Samba>=4.14.0<4.14.12
Samba Samba>=4.15.0<4.15.5
Debian Debian Linux=10.0
Debian Debian Linux=11.0
Canonical Ubuntu Linux=14.04
and 36 more
CVE-2021-3551
A flaw was found in the PKI-server, where the spkispawn command, when run in debug mode, stores admin credentials in the installation log file. This flaw allows a local attacker to retrieve the file t...
Dogtagpki Dogtagpki>=10.10.0<10.10.6
Fedoraproject Fedora=33
Fedoraproject Fedora=34
Oracle Linux=8
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux Eus=8.4
and 7 more
CVE-2022-0492
A vulnerability was found in cgroup_release_agent_write in kernel/cgroup/cgroup-v1.c in the Linux kernel. In this flaw, under certain circumstances, the cgroups v1 release_agent feature can be used t...
redhat/kernel<0:2.6.32-754.47.1.el6
redhat/kernel-rt<0:3.10.0-1160.66.1.rt56.1207.el7
redhat/kernel<0:3.10.0-1160.66.1.el7
redhat/kernel<0:3.10.0-514.101.1.el7
redhat/kernel<0:3.10.0-693.103.1.el7
redhat/kernel<0:3.10.0-957.94.1.el7
and 214 more
CVE-2022-0516
A vulnerability was found in kvm_s390_guest_sida_op in the arch/s390/kvm/kvm-s390.c function in KVM for s390 in the Linux kernel. This flaw allows a local attacker with a normal user privilege to obta...
redhat/kernel<0:4.18.0-348.20.1.el8_5
redhat/kernel<0:4.18.0-305.40.1.el8_4
Linux Linux kernel<5.17
Linux Linux kernel=5.17-rc1
Linux Linux kernel=5.17-rc2
Linux Linux kernel=5.17-rc3
and 172 more
CVE-2022-0435
A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 ...
redhat/kernel-rt<0:4.18.0-348.20.1.rt7.150.el8_5
redhat/kernel<0:4.18.0-348.20.1.el8_5
redhat/kernel<0:4.18.0-147.65.1.el8_1
redhat/kernel-rt<0:4.18.0-193.80.1.rt13.130.el8_2
redhat/kernel<0:4.18.0-193.80.1.el8_2
redhat/kernel-rt<0:4.18.0-305.40.1.rt7.112.el8_4
and 208 more
CVE-2022-0330
A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allows a local user to crash the system ...
redhat/kernel-rt<0:3.10.0-1160.59.1.rt56.1200.el7
redhat/kernel<0:3.10.0-1160.59.1.el7
redhat/kernel<0:3.10.0-514.99.1.el7
redhat/kernel<0:3.10.0-693.99.1.el7
redhat/kernel<0:3.10.0-957.92.1.el7
redhat/kernel<0:3.10.0-1062.63.1.el7
and 246 more
CVE-2021-4034
Red Hat Polkit Out-of-Bounds Read and Write Vulnerability
Red Hat Polkit
redhat/polkit<0:0.96-11.el6_10.2
redhat/polkit<0:0.112-26.el7_9.1
redhat/polkit<0:0.112-12.el7_3.1
redhat/polkit<0:0.112-12.el7_4.2
redhat/polkit<0:0.112-18.el7_6.3
and 62 more
CVE-2021-3975
A use-after-free flaw was found in libvirt. The qemuMonitorUnregister() function in qemuProcessHandleMonitorEOF is called using multiple threads without being adequately protected by a monitor lock. T...
Redhat Libvirt<7.1.0
Canonical Ubuntu Linux=21.10
Fedoraproject Fedora=35
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux Eus=8.6
Redhat Enterprise Linux For Ibm Z Systems=8.0
and 31 more
CVE-2021-23177
An improper link resolution flaw while extracting an archive can lead to changing the access control list (ACL) of the target of the link. An attacker may provide a malicious archive to a victim user,...
Libarchive Libarchive<3.5.2
Fedoraproject Fedora=35
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux Eus=8.6
Redhat Enterprise Linux For Ibm Z Systems=8.0
Redhat Enterprise Linux For Ibm Z Systems Eus=8.6
and 14 more
CVE-2021-31566
An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of a file outside of the archive. An attacker may provide a mal...
redhat/libarchive<3.5.2
Libarchive Libarchive<3.5.2
Fedoraproject Fedora=35
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux Eus=8.6
Redhat Enterprise Linux For Ibm Z Systems=8.0
and 24 more
CVE-2020-25719
A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-based authentication. The Samba AD DC, could become confused about the user a ticket represents i...
Samba Samba>=4.0.0<4.13.14
Samba Samba>=4.14.0<4.14.10
Samba Samba>=4.15.0<4.15.2
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Fedoraproject Fedora=33
and 38 more
CVE-2020-25717
A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible privilege escalation.
Samba Samba>=3.0.0<4.13.14
Samba Samba>=4.14.0<4.14.10
Samba Samba>=4.15.0<4.15.2
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Fedoraproject Fedora=33
and 58 more
CVE-2016-2124
A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw to retrieve the plaintext password sent over the wire even if Kerberos authentication was required.
Samba Samba>=3.0.0<4.13.14
Samba Samba>=4.14.0<4.14.10
Samba Samba>=4.15.0<4.15.2
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Fedoraproject Fedora=33
and 56 more
CVE-2021-20316
A flaw was found in the way Samba handled file/directory metadata. This flaw allows an authenticated attacker with permissions to read or modify share metadata, to perform this operation outside of th...
Samba Samba<4.15.0
Debian Debian Linux=10.0
Debian Debian Linux=11.0
Redhat Virtualization Host=4.0
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux Aus=8.6
and 6 more
CVE-2021-3744
A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption). This v...
redhat/kernel-rt<0:4.18.0-372.9.1.rt7.166.el8
redhat/kernel<0:4.18.0-372.9.1.el8
Linux Linux kernel<5.15
Linux Linux kernel=5.15
Linux Linux kernel=5.15-rc1
Linux Linux kernel=5.15-rc2
and 157 more

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203