Latest Red Hat Enterprise Linux for Power Little Endian Vulnerabilities

Openssh: regresshion - race condition in ssh allows rce/dos
Microsoft CBL Mariner 2.0 x64
Microsoft CBL Mariner 2.0 ARM
Openbsd Openssh<4.4
Openbsd Openssh>=8.6<9.8
Openbsd Openssh=4.4
Openbsd Openssh=8.5-p1
and 55 more
Fixes in Linux Kernel
F5 F5OS-A=1.7.0>=1.5.0<=1.5.2
F5 F5OS-C>=1.6.0<=1.6.2>=1.5.0<=1.5.1
IBM QRadar SIEM<=7.5 - 7.5.0 UP8 IF01
Linux kernel
Linux Linux kernel>=3.15<5.15.149
Linux Linux kernel>=6.1<6.1.76
and 154 more
Xorg-x11-server: selinux context corruption
ubuntu/xorg-server<2:1.19.6-1ubuntu4.15+
ubuntu/xorg-server<2:1.20.13-1ubuntu1~20.04.14
ubuntu/xorg-server<2:21.1.4-2ubuntu1.7~22.04.7
ubuntu/xorg-server<2:21.1.7-1ubuntu3.6
ubuntu/xorg-server<2:21.1.7-3ubuntu2.6
ubuntu/xorg-server<2:21.1.11-1ubuntu1
and 25 more
Xorg-x11-server: selinux unlabeled glx pbuffer
ubuntu/xorg-server<2:1.19.6-1ubuntu4.15+
ubuntu/xorg-server<2:1.20.13-1ubuntu1~20.04.14
ubuntu/xorg-server<2:21.1.4-2ubuntu1.7~22.04.7
ubuntu/xorg-server<2:21.1.7-1ubuntu3.6
ubuntu/xorg-server<2:21.1.7-3ubuntu2.6
ubuntu/xorg-server<2:21.1.11-1ubuntu1
and 26 more
Postgresql: role pg_signal_backend can signal certain superuser processes.
PostgreSQL PostgreSQL>=11.0<11.22
PostgreSQL PostgreSQL>=12.0<12.17
PostgreSQL PostgreSQL>=13.0<13.13
PostgreSQL PostgreSQL>=14.0<14.10
PostgreSQL PostgreSQL>=15.0<15.5
PostgreSQL PostgreSQL=16.0
and 59 more
Postgresql: buffer overrun from integer overflow in array modification
PostgreSQL PostgreSQL>=11.0<11.22
PostgreSQL PostgreSQL>=12.0<12.17
PostgreSQL PostgreSQL>=13.0<13.13
PostgreSQL PostgreSQL>=14.0<14.10
PostgreSQL PostgreSQL>=15.0<15.5
PostgreSQL PostgreSQL=16.0
and 66 more
Postgresql: memory disclosure in aggregate function calls
PostgreSQL PostgreSQL>=11.0<11.22
PostgreSQL PostgreSQL>=12.0<12.17
PostgreSQL PostgreSQL>=13.0<13.13
PostgreSQL PostgreSQL>=14.0<14.10
PostgreSQL PostgreSQL>=15.0<15.5
PostgreSQL PostgreSQL=16.0
and 54 more
Squid: denial of service in http digest authentication
Squid-Cache Squid>=3.2.0.1<6.4
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
Redhat Enterprise Linux Eus=8.6
Redhat Enterprise Linux Eus=8.8
Redhat Enterprise Linux Eus=9.0
and 24 more
Squid: request/response smuggling in http/1.1 and icap
Squid-Cache Squid>=2.6<6.4
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
Redhat Enterprise Linux Eus=8.6
Redhat Enterprise Linux Eus=8.8
Redhat Enterprise Linux Eus=9.0
and 21 more
Xorg-x11-server: out-of-bounds write in xichangedeviceproperty/rrchangeoutputproperty
debian/xorg-server<=2:1.20.4-1+deb10u4<=2:1.20.11-1+deb11u6
debian/xwayland<=2:22.1.9-1
ubuntu/xorg-server<2:1.15.1-0ubuntu2.11+
ubuntu/xorg-server<2:1.18.4-0ubuntu0.12+
ubuntu/xorg-server<2:1.19.6-1ubuntu4.15+
ubuntu/xorg-server<21.1.9
and 31 more
Ipa: invalid csrf protection
Freeipa Freeipa<4.6.10
Freeipa Freeipa>=4.7.0<4.9.14
Freeipa Freeipa>=4.10.0<4.10.3
Freeipa Freeipa=4.11.0
Freeipa Freeipa=4.11.0-beta1
Fedoraproject Fedora=38
and 54 more
Samba: "rpcecho" development server allows denial of service via sleep() call on ad dc
Samba Samba>=4.0.0<4.17.12
Samba Samba>=4.18.0<4.18.8
Samba Samba>=4.19.0<4.19.1
Redhat Storage=3.0
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
and 14 more
Mariadb: node crashes with transport endpoint is not connected mysqld got signal 6
redhat/mariadb<10.3.36
redhat/mariadb<10.4.26
redhat/mariadb<10.5.17
redhat/mariadb<10.6.9
redhat/mariadb<10.7.5
redhat/mariadb<10.8.4
and 40 more
Glibc: potential use-after-free in getaddrinfo()
redhat/glibc<0:2.28-225.el8_8.6
redhat/glibc<0:2.34-60.el9_2.7
GNU glibc=2.33
Redhat Enterprise Linux=7.0
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
and 33 more
Kernel: race between task migrating pages and another task calling exit_mmap to release those same pages getting invalid opcode bug in include/linux/swapops.h
Linux Linux kernel<=5.13.19
Redhat Enterprise Linux=8.0
Redhat Codeready Linux Builder=8.0
Redhat Codeready Linux Builder For Arm64=8.0_aarch64
Redhat Codeready Linux Builder For Power Little Endian=8.0_ppc64le
Redhat Enterprise Linux For Arm 64=8.0_aarch64
and 6 more
Glibc: stack read overflow in getaddrinfo in no-aaaa mode
debian/glibc<=2.36-9+deb12u2
GNU glibc<2.39
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
ubuntu/glibc<2.37-0ubuntu2.1
ubuntu/glibc<2.38-1ubuntu5
and 35 more
Ghostscript: incomplete fix for cve-2020-16305
Artifex Ghostscript<9.51
Redhat Enterprise Linux=8.0
redhat/ghostscript<9.51
Redhat Codeready Linux Builder=8.0
Redhat Codeready Linux Builder For Arm64=8.0_aarch64
Redhat Codeready Linux Builder For Ibm Z Systems=8.0_s390x
and 4 more
Insights-client: unsafe handling of temporary files and directories
redhat/insights-client<3.2.2
<3.2.2
=7.0
=8.0
=9.0
=8.6
and 46 more
Subscription-manager: inadequate authorization of com.redhat.rhsm1 d-bus interface allows local users to modify configuration
Redhat Subscription-manager<1.28.39
Redhat Subscription-manager>=1.29.0<1.29.37
Fedoraproject Fedora=37
Fedoraproject Fedora=38
Redhat Enterprise Linux Update Services For Sap Solutions=8.1
Redhat Enterprise Linux Update Services For Sap Solutions=8.2
and 60 more
Keylime: challenge-response protocol bypass during agent registration
pip/keylime<7.5.0
Keylime Keylime<7.5.0
Redhat Enterprise Linux=9.0
Redhat Enterprise Linux Eus=9.2
Redhat Enterprise Linux For Ibm Z Systems=9.0_s390x
Redhat Enterprise Linux For Ibm Z Systems Eus=9.2_s390x
and 5 more
Keylime: registrar is subject to a dos against ssl connections
redhat/keylime<7.5.0
Keylime Keylime
Redhat Enterprise Linux=9.0
Fedoraproject Fedora
=9.0
and 8 more
Shadow-utils: possible password leak during passwd(1) change
debian/shadow<=1:4.5-1.1<=1:4.8.1-1<=1:4.13+dfsg1-1
redhat/shadow-utils<4.14.0
ubuntu/shadow<1:4.5-1ubuntu2.5+
ubuntu/shadow<1:4.8.1-1ubuntu5.20.04.5
ubuntu/shadow<1:4.8.1-2ubuntu2.2
ubuntu/shadow<1:4.13+dfsg1-1ubuntu1.1
and 20 more
Kpatch: mm/mremap.c: incomplete fix for cve-2022-41222
redhat/Kernel<5.14
Linux Linux kernel<5.14
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux Eus=8.8
Redhat Enterprise Linux For Power Little Endian=8.0_ppc64le
Redhat Enterprise Linux For Power Little Endian Eus=8.8_ppc64le
and 1 more
A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read and write i...
redhat/xorg-server<21.1.7
X.Org X Server<21.1.7
Fedoraproject Fedora=36
Fedoraproject Fedora=37
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=8.1
and 30 more
A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. This issue could allow the leakage of both stack and heap addresses, and potentially allow Local Privilege Esc...
Linux Linux kernel>=5.5.0<5.10.164
Linux Linux kernel>=5.11<5.15.89
Linux Linux kernel>=5.16<6.1.7
Canonical Ubuntu Linux=16.04
Canonical Ubuntu Linux=18.04
Canonical Ubuntu Linux=20.04
and 157 more
sssd: libsss_certmap fails to sanitise certificate data used in LDAP filters
Fedoraproject Sssd>=1.15.3<2.3.1
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux Desktop=7.0
Redhat Enterprise Linux For Ibm Z Systems=7.0
Redhat Enterprise Linux For Power Big Endian=7.0
Redhat Enterprise Linux For Power Little Endian=7.0
and 9 more
A flaw was found in Keycloak in the execute-actions-email endpoint. This issue allows arbitrary HTML to be injected into emails sent to Keycloak users and can be misused to perform phishing or other a...
redhat/rh-sso7-keycloak<0:18.0.6-1.redhat_00001.1.el7
redhat/rh-sso7-keycloak<0:18.0.6-1.redhat_00001.1.el8
redhat/rh-sso7-keycloak<0:18.0.6-1.redhat_00001.1.el9
Redhat Keycloak<20.0.5
Redhat Single Sign-on
Redhat Single Sign-on>=7.6<7.6.2
and 32 more
A flaw was found in Podman, where containers were started incorrectly with non-empty default permissions. A vulnerability was found in Moby (Docker Engine), where containers were started incorrectly w...
Podman Project Podman<4.0.3
Redhat Developer Tools=1.0
Redhat Openshift Container Platform=4.0
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=8.6
Redhat Enterprise Linux Eus=8.4
and 18 more
A flaw was found in the Linux kernel. If unprivileged users can mount FUSE filesystems, they can trigger a use-after-free (UAF) that reads write() buffers, allowing theft of (partial) /etc/shadow hashes ...
redhat/kernel-rt<0:4.18.0-372.9.1.rt7.166.el8
redhat/kernel<0:4.18.0-372.9.1.el8
redhat/Linux kernel<5.16
Linux Linux kernel<5.17
Linux Linux kernel=5.17
Linux Linux kernel=5.17-rc1
and 209 more
Linux Kernel Privilege Escalation Vulnerability
redhat/kernel-rt<0:4.18.0-348.20.1.rt7.150.el8_5
redhat/kernel<0:4.18.0-348.20.1.el8_5
redhat/kernel<0:4.18.0-147.64.1.el8_1
redhat/kernel-rt<0:4.18.0-193.79.1.rt13.129.el8_2
redhat/kernel<0:4.18.0-193.79.1.el8_2
redhat/kernel-rt<0:4.18.0-305.40.2.rt7.113.el8_4
and 206 more
Glibc: potential use-after-free in gaih_inet()
redhat/glibc<0:2.28-225.el8_8.6
redhat/glibc<0:2.34-60.el9_2.7
GNU glibc<2.36
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
Redhat Enterprise Linux Eus=8.8
and 26 more
The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide "...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver." Samba versions...
Samba Samba<4.13.17
Samba Samba>=4.14.0<4.14.12
Samba Samba>=4.15.0<4.15.5
Debian Debian Linux=10.0
Debian Debian Linux=11.0
Canonical Ubuntu Linux=14.04
and 36 more
A double-free was found in the way 389-ds-base handles virtual attributes context in persistent searches. An attacker could send a series of search requests, forcing the server to behave unexpectedly,...
Port389 389-ds-base<1.3.10.2
Redhat Enterprise Linux Desktop=7
Redhat Enterprise Linux For Ibm Z Systems=7.0
Redhat Enterprise Linux For Power Big Endian=7.0
Redhat Enterprise Linux For Power Little Endian=7.0
Redhat Enterprise Linux For Scientific Computing=7.0
and 2 more
A flaw was found in the PKI-server, where the spkispawn command, when run in debug mode, stores admin credentials in the installation log file. This flaw allows a local attacker to retrieve the file t...
Dogtagpki Dogtagpki>=10.10.0<10.10.6
Fedoraproject Fedora=33
Fedoraproject Fedora=34
Oracle Linux=8
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux Eus=8.4
and 7 more
A vulnerability was found in cgroup_release_agent_write in kernel/cgroup/cgroup-v1.c in the Linux kernel. In this flaw, under certain circumstances, the cgroups v1 release_agent feature can be used t...
redhat/kernel<0:2.6.32-754.47.1.el6
redhat/kernel-rt<0:3.10.0-1160.66.1.rt56.1207.el7
redhat/kernel<0:3.10.0-1160.66.1.el7
redhat/kernel<0:3.10.0-514.101.1.el7
redhat/kernel<0:3.10.0-693.103.1.el7
redhat/kernel<0:3.10.0-957.94.1.el7
and 232 more
A vulnerability was found in kvm_s390_guest_sida_op in the arch/s390/kvm/kvm-s390.c function in KVM for s390 in the Linux kernel. This flaw allows a local attacker with a normal user privilege to obta...
redhat/kernel<0:4.18.0-348.20.1.el8_5
redhat/kernel<0:4.18.0-305.40.1.el8_4
redhat/kernel<5.17
Linux Linux kernel<5.17
Linux Linux kernel=5.17-rc1
Linux Linux kernel=5.17-rc2
and 195 more
A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 ...
redhat/kernel-rt<0:4.18.0-348.20.1.rt7.150.el8_5
redhat/kernel<0:4.18.0-348.20.1.el8_5
redhat/kernel<0:4.18.0-147.65.1.el8_1
redhat/kernel-rt<0:4.18.0-193.80.1.rt13.130.el8_2
redhat/kernel<0:4.18.0-193.80.1.el8_2
redhat/kernel-rt<0:4.18.0-305.40.1.rt7.112.el8_4
and 231 more
A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allows a local user to crash the system ...
redhat/kernel-rt<0:3.10.0-1160.59.1.rt56.1200.el7
redhat/kernel<0:3.10.0-1160.59.1.el7
redhat/kernel<0:3.10.0-514.99.1.el7
redhat/kernel<0:3.10.0-693.99.1.el7
redhat/kernel<0:3.10.0-957.92.1.el7
redhat/kernel<0:3.10.0-1062.63.1.el7
and 269 more
Red Hat Polkit Out-of-Bounds Read and Write Vulnerability
redhat/polkit<0:0.96-11.el6_10.2
redhat/polkit<0:0.112-26.el7_9.1
redhat/polkit<0:0.112-12.el7_3.1
redhat/polkit<0:0.112-12.el7_4.2
redhat/polkit<0:0.112-18.el7_6.3
redhat/polkit<0:0.112-22.el7_7.2
and 64 more
A use-after-free flaw was found in libvirt. The qemuMonitorUnregister() function in qemuProcessHandleMonitorEOF is called using multiple threads without being adequately protected by a monitor lock. T...
Redhat Libvirt<7.1.0
Canonical Ubuntu Linux=21.10
Fedoraproject Fedora=35
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux Eus=8.6
Redhat Enterprise Linux For Ibm Z Systems=8.0
and 32 more
An improper link resolution flaw while extracting an archive can lead to changing the access control list (ACL) of the target of the link. An attacker may provide a malicious archive to a victim user,...
Libarchive Libarchive<3.5.2
Fedoraproject Fedora=35
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux Eus=8.6
Redhat Enterprise Linux For Ibm Z Systems=8.0
Redhat Enterprise Linux For Ibm Z Systems Eus=8.6
and 14 more
An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of a file outside of the archive. An attacker may provide a mal...
redhat/libarchive<3.5.2
Libarchive Libarchive<3.5.2
Fedoraproject Fedora=35
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux Eus=8.6
Redhat Enterprise Linux For Ibm Z Systems=8.0
and 24 more
PostgreSQL is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements when the server is configured to use trust authentication with a clientcert requirement or to u...
IBM QRadar SIEM<=7.5.0 GA
IBM QRadar SIEM<=7.4.3 GA - 7.4.3 FP4
IBM QRadar SIEM<=7.3.3 GA - 7.3.3 FP10
redhat/postgresql<9.6.24
redhat/postgresql<10.19
redhat/postgresql<11.14
and 15 more
An off-by-one error was found in the SCSI device emulation in QEMU. It could occur while processing MODE SELECT commands in mode_sense_page() if the 'page' argument was set to MODE_PAGE_ALLS (0x3f). A...
redhat/qemu-kvm<6.2.0
ubuntu/qemu<1:2.11+dfsg-1ubuntu7.39
ubuntu/qemu<1:4.2-3ubuntu6.21
ubuntu/qemu<1:6.0+dfsg-2
ubuntu/qemu<1:6.2+dfsg-2ubuntu5
and 15 more
A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-based authentication. The Samba AD DC could become confused about the user a ticket represents i...
Samba Samba>=4.0.0<4.13.14
Samba Samba>=4.14.0<4.14.10
Samba Samba>=4.15.0<4.15.2
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Fedoraproject Fedora=33
and 38 more
A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible privilege escalation.
Samba Samba>=3.0.0<4.13.14
Samba Samba>=4.14.0<4.14.10
Samba Samba>=4.15.0<4.15.2
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Fedoraproject Fedora=33
and 59 more
A flaw was found in the way Samba implemented SMB1 authentication. An attacker could use this flaw to retrieve the plaintext password sent over the wire even if Kerberos authentication was required.
Samba Samba>=3.0.0<4.13.14
Samba Samba>=4.14.0<4.14.10
Samba Samba>=4.15.0<4.15.2
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Fedoraproject Fedora=33
and 57 more
A flaw was found in PostgreSQL. A purpose-crafted query can read arbitrary bytes of server memory. In the default configuration, any authenticated database user can complete this attack at will. The a...
redhat/postgresql<13.4
redhat/postgresql<12.8
redhat/postgresql<11.13
PostgreSQL PostgreSQL>=11.0<11.13
PostgreSQL PostgreSQL>=12.0<12.8
PostgreSQL PostgreSQL>=13.0<13.4
and 7 more
Python is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw in the AbstractBasicAuthHandler class in urllib. By persuading a victim to visit a specially-...
redhat/python3<0:3.6.8-39.el8_4
redhat/rh-python38-babel<0:2.7.0-12.el7
redhat/rh-python38-python<0:3.8.11-2.el7
redhat/rh-python38-python-cryptography<0:2.8-5.el7
redhat/rh-python38-python-jinja2<0:2.10.3-6.el7
redhat/rh-python38-python-lxml<0:4.4.1-7.el7
and 49 more
A crafted JPEG image may lead the JPEG reader to underflow its data pointer, allowing user-controlled data to be written to the heap. For the attack to be performed successfully, the attacker needs to perform some tri...
debian/grub2
redhat/grub2<1:2.02-123.el8_6.8
redhat/grub2<1:2.02-87.el8_1.10
redhat/grub2<1:2.02-87.el8_2.10
redhat/grub2<1:2.02-99.el8_4.9
redhat/grub2<1:2.06-27.el9_0.7
and 39 more
