Latest redhat enterprise linux workstation Vulnerabilities

Fixes in Linux Kernel
F5 F5OS-A=1.7.0>=1.5.0<=1.5.2
F5 F5OS-C>=1.6.0<=1.6.2>=1.5.0<=1.5.1
IBM QRadar SIEM<=7.5 - 7.5.0 UP8 IF01
Linux kernel
Linux Linux kernel>=3.15<5.15.149
Linux Linux kernel>=6.1<6.1.76
and 154 more
Xorg-x11-server: selinux context corruption
ubuntu/xorg-server<2:1.19.6-1ubuntu4.15+
ubuntu/xorg-server<2:1.20.13-1ubuntu1~20.04.14
ubuntu/xorg-server<2:21.1.4-2ubuntu1.7~22.04.7
ubuntu/xorg-server<2:21.1.7-1ubuntu3.6
ubuntu/xorg-server<2:21.1.7-3ubuntu2.6
ubuntu/xorg-server<2:21.1.11-1ubuntu1
and 25 more
Xorg-x11-server: heap buffer overflow in devicefocusevent and procxiquerypointer
ubuntu/xorg-server<2:1.19.6-1ubuntu4.15+
ubuntu/xorg-server<2:1.20.13-1ubuntu1~20.04.14
ubuntu/xorg-server<2:21.1.4-2ubuntu1.7~22.04.7
ubuntu/xorg-server<2:21.1.7-1ubuntu3.6
ubuntu/xorg-server<2:21.1.7-3ubuntu2.6
ubuntu/xorg-server<2:21.1.11-1ubuntu1
and 18 more
Xorg-x11-server: selinux unlabeled glx pbuffer
ubuntu/xorg-server<2:1.19.6-1ubuntu4.15+
ubuntu/xorg-server<2:1.20.13-1ubuntu1~20.04.14
ubuntu/xorg-server<2:21.1.4-2ubuntu1.7~22.04.7
ubuntu/xorg-server<2:21.1.7-1ubuntu3.6
ubuntu/xorg-server<2:21.1.7-3ubuntu2.6
ubuntu/xorg-server<2:21.1.11-1ubuntu1
and 26 more
Postgresql: buffer overrun from integer overflow in array modification
PostgreSQL PostgreSQL>=11.0<11.22
PostgreSQL PostgreSQL>=12.0<12.17
PostgreSQL PostgreSQL>=13.0<13.13
PostgreSQL PostgreSQL>=14.0<14.10
PostgreSQL PostgreSQL>=15.0<15.5
PostgreSQL PostgreSQL=16.0
and 66 more
Squid: denial of service in http digest authentication
Squid-Cache Squid>=3.2.0.1<6.4
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
Redhat Enterprise Linux Eus=8.6
Redhat Enterprise Linux Eus=8.8
Redhat Enterprise Linux Eus=9.0
and 24 more
Xorg-x11-server: out-of-bounds write in xichangedeviceproperty/rrchangeoutputproperty
debian/xorg-server<=2:1.20.4-1+deb10u4<=2:1.20.11-1+deb11u6
debian/xwayland<=2:22.1.9-1
ubuntu/xorg-server<2:1.15.1-0ubuntu2.11+
ubuntu/xorg-server<2:1.18.4-0ubuntu0.12+
ubuntu/xorg-server<2:1.19.6-1ubuntu4.15+
ubuntu/xorg-server<21.1.9
and 31 more
Ipa: invalid csrf protection
Freeipa Freeipa<4.6.10
Freeipa Freeipa>=4.7.0<4.9.14
Freeipa Freeipa>=4.10.0<4.10.3
Freeipa Freeipa=4.11.0
Freeipa Freeipa=4.11.0-beta1
Fedoraproject Fedora=38
and 54 more
Subscription-manager: inadequate authorization of com.redhat.rhsm1 d-bus interface allows local users to modify configuration
Redhat Subscription-manager<1.28.39
Redhat Subscription-manager>=1.29.0<1.29.37
Fedoraproject Fedora=37
Fedoraproject Fedora=38
Redhat Enterprise Linux Update Services For Sap Solutions=8.1
Redhat Enterprise Linux Update Services For Sap Solutions=8.2
and 60 more
sssd: libsss_certmap fails to sanitise certificate data used in LDAP filters
Fedoraproject Sssd>=1.15.3<2.3.1
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux Desktop=7.0
Redhat Enterprise Linux For Ibm Z Systems=7.0
Redhat Enterprise Linux For Power Big Endian=7.0
Redhat Enterprise Linux For Power Little Endian=7.0
and 9 more
IBM Java Security Components in IBM SDK, Java Technology Edition 8 before SR1 FP10, 7 R1 before SR3 FP10, 7 before SR9 FP10, 6 R1 before SR8 FP7, 6 before SR16 FP7, and 5.0 before SR16 FP13 stores pla...
Ibm Java Sdk>=5.0.0.0<5.0.16.13
Ibm Java Sdk>=6.0.0.0<6.0.16.7
Ibm Java Sdk>=6.1.0.0<6.1.8.7
Ibm Java Sdk>=7.0.0.0<7.0.9.10
Ibm Java Sdk>=7.1.0.0<7.1.3.10
Ibm Java Sdk>=8.0.0.0<8.0.1.10
and 24 more
The podman packages version podman-1.6.4-32.el7_9 as released for Red Hat Enterprise Linux 7 Extras via RHSA-2022:2190 (<a href="https://access.redhat.com/errata/RHSA-2022:2190">https://access.redhat....
Redhat Enterprise Linux Server=7.0
Redhat Enterprise Linux Workstation=7.0
Podman Project Podman=1.6.4-32.el7_9
The version of podman as released for Red Hat Enterprise Linux 7 Extras via RHSA-2022:2190 advisory included an incorrect version of podman missing the fix for CVE-2020-8945, which was previously fixe...
redhat/podman<0:1.6.4-36.el7_9
Redhat Enterprise Linux Server=7.0
Redhat Enterprise Linux Workstation=7.0
Podman Project Podman=1.6.4-32.el7_9
The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide "...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver." Samba versions...
Samba Samba<4.13.17
Samba Samba>=4.14.0<4.14.12
Samba Samba>=4.15.0<4.15.5
Debian Debian Linux=10.0
Debian Debian Linux=11.0
Canonical Ubuntu Linux=14.04
and 36 more
A double-free was found in the way 389-ds-base handles virtual attributes context in persistent searches. An attacker could send a series of search requests, forcing the server to behave unexpectedly,...
Port389 389-ds-base<1.3.10.2
Redhat Enterprise Linux Desktop=7
Redhat Enterprise Linux For Ibm Z Systems=7.0
Redhat Enterprise Linux For Power Big Endian=7.0
Redhat Enterprise Linux For Power Little Endian=7.0
Redhat Enterprise Linux For Scientific Computing=7.0
and 2 more
A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allows a local user to crash the system ...
redhat/kernel-rt<0:3.10.0-1160.59.1.rt56.1200.el7
redhat/kernel<0:3.10.0-1160.59.1.el7
redhat/kernel<0:3.10.0-514.99.1.el7
redhat/kernel<0:3.10.0-693.99.1.el7
redhat/kernel<0:3.10.0-957.92.1.el7
redhat/kernel<0:3.10.0-1062.63.1.el7
and 269 more
Red Hat Polkit Out-of-Bounds Read and Write Vulnerability
redhat/polkit<0:0.96-11.el6_10.2
redhat/polkit<0:0.112-26.el7_9.1
redhat/polkit<0:0.112-12.el7_3.1
redhat/polkit<0:0.112-12.el7_4.2
redhat/polkit<0:0.112-18.el7_6.3
redhat/polkit<0:0.112-22.el7_7.2
and 64 more
A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-based authentication. The Samba AD DC, could become confused about the user a ticket represents i...
Samba Samba>=4.0.0<4.13.14
Samba Samba>=4.14.0<4.14.10
Samba Samba>=4.15.0<4.15.2
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Fedoraproject Fedora=33
and 38 more
A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible privilege escalation.
Samba Samba>=3.0.0<4.13.14
Samba Samba>=4.14.0<4.14.10
Samba Samba>=4.15.0<4.15.2
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Fedoraproject Fedora=33
and 59 more
A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw to retrieve the plaintext password sent over the wire even if Kerberos authentication was required.
Samba Samba>=3.0.0<4.13.14
Samba Samba>=4.14.0<4.14.10
Samba Samba>=4.15.0<4.15.2
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Fedoraproject Fedora=33
and 57 more
A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS (Domain Name Servers) can lead to output of wrong hostnames which might potentially lead to Dom...
redhat/c-ares<1.17.2
redhat/c-ares<0:1.13.0-6.el8
redhat/rh-nodejs14-nodejs<0:14.17.5-1.el7
redhat/rh-nodejs12-nodejs<0:12.22.5-1.el7
redhat/rh-nodejs12-nodejs-nodemon<0:2.0.3-5.el7
>=1.0.0<1.17.2
and 69 more
A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nes...
redhat/kernel-rt<0:3.10.0-1160.45.1.rt56.1185.el7
redhat/kernel<0:3.10.0-1160.45.1.el7
redhat/kernel<0:3.10.0-957.84.1.el7
redhat/kernel<0:3.10.0-1062.59.1.el7
redhat/kernel-rt<0:4.18.0-305.25.1.rt7.97.el8_4
redhat/kernel<0:4.18.0-305.25.1.el8_4
and 241 more
A privilege escalation flaw was found in Podman. This flaw allows an attacker to publish a malicious image to a public registry. Once this image is downloaded by a potential victim, the vulnerability ...
go/github.com/containers/podman/v3<3.4
go/github.com/containers/psgo/internal/proc<1.7.2
go/github.com/containers/psgo<1.7.2
redhat/podman<0:1.6.4-32.el7_9
redhat/podman<0:1.9.3-5.rhaos4.6.el8
Podman Project Podman<4.0.0
and 41 more
A flaw was found in the hivex library. This flaw allows an attacker to input a specially crafted Windows Registry (hive) file, which would cause hivex to recursively call the _get_children() function,...
Redhat Hivex<1.3.21
Redhat Enterprise Linux=6.0
Redhat Enterprise Linux=7.0
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux Workstation=7.0
and 2 more
A flaw was found in grub2 in versions prior to 2.06. Setparam_prefix() in the menu rendering code performs a length calculation on the assumption that expressing a quoted single quote will require 3 c...
redhat/grub<2.06
Gnu Grub2<2.06
Redhat Enterprise Linux=7.0
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux Server Aus=7.2
Redhat Enterprise Linux Server Aus=7.3
and 15 more
A flaw was found in grub2 in versions prior to 2.06. The option parser allows an attacker to write past the end of a heap-allocated buffer by calling certain commands with a large number of specific s...
redhat/grub<2.06
Gnu Grub2<2.06
Redhat Enterprise Linux=7.0
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux Server Aus=7.2
Redhat Enterprise Linux Server Aus=7.3
and 15 more
A flaw was found in grub2 in versions prior to 2.06. The cutmem command does not honor secure boot locking allowing an privileged attacker to remove address ranges from memory creating an opportunity ...
redhat/grub<2.06
Gnu Grub2<2.06
Redhat Enterprise Linux=7.0
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux Server Aus=7.2
Redhat Enterprise Linux Server Aus=7.3
and 15 more
A flaw was found in grub2 in versions prior to 2.06. Variable names present are expanded in the supplied command line into their corresponding variable contents, using a 1kB stack buffer for temporary...
redhat/grub<2.06
Gnu Grub2<2.06
Redhat Enterprise Linux=7.0
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux Server Aus=7.2
Redhat Enterprise Linux Server Aus=7.3
and 15 more
A flaw was found in grub2 in versions prior to 2.06. During USB device initialization, descriptors are read with very little bounds checking and assumes the USB device is providing sane values. If pro...
redhat/grub<2.06
Gnu Grub2<2.06
Redhat Enterprise Linux=7.0
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux Server Aus=7.2
Redhat Enterprise Linux Server Aus=7.3
and 15 more
A flaw was found in grub2 in versions prior to 2.06. The rmmod implementation allows the unloading of a module used as a dependency without checking if any other dependent module is still loaded leadi...
redhat/grub<2.06
Gnu Grub2<2.06
Redhat Enterprise Linux=7.0
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux Server Aus=7.2
Redhat Enterprise Linux Server Aus=7.3
and 15 more
WebKitGTK Memory Corruption Vulnerability
redhat/webkitgtk<2.26.0
WebKitGTK WebKitGTK<2.26.0
Wpewebkit Wpe Webkit<2.26.0
Redhat Codeready Linux Builder=8.0
Redhat Codeready Linux Builder Eus=8.4
and 37 more
A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craf...
redhat/grub<2.06
Gnu Grub2<2.06
Redhat Enterprise Linux=7.0
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux Server Aus=7.2
Redhat Enterprise Linux Server Aus=7.3
and 16 more
An issue was discovered in International Components for Unicode (ICU) for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend() func...
redhat/chromium-browser<80.0.3987.122
redhat/node<14.3.0
redhat/node<12.17.0
redhat/node<10.21.0
ubuntu/chromium-browser<80.0.3987.149-0ubuntu0.18.04.1
ubuntu/chromium-browser<80.0.3987.122
and 50 more
Google Chromium V8 Type Confusion Vulnerability
redhat/chromium-browser<0:80.0.3987.122-1.el6_10
debian/chromium
Google Chrome<80.0.3987.122
Fedoraproject Fedora=30
Fedoraproject Fedora=31
Redhat Enterprise Linux Desktop=6.0
and 7 more
Use after free in speech in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Google Chrome<80.0.3987.116
Fedoraproject Fedora=30
Fedoraproject Fedora=31
Redhat Enterprise Linux Desktop=6.0
Redhat Enterprise Linux Server=6.0
Redhat Enterprise Linux Workstation=6.0
and 4 more
Use after free in WebAudio in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
redhat/chromium-browser<0:80.0.3987.122-1.el6_10
Google Chrome<80.0.3987.116
Fedoraproject Fedora=30
Fedoraproject Fedora=31
Redhat Enterprise Linux Desktop=6.0
Redhat Enterprise Linux Server=6.0
and 4 more
Type confusion in V8 in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
<80.0.3987.116
redhat/chromium-browser<0:80.0.3987.122-1.el6_10
redhat/chromium-browser<80.0.3987.116
Google Chrome<80.0.3987.116
Fedoraproject Fedora=30
Fedoraproject Fedora=31
and 6 more
Adobe Flash Player versions 32.0.0.321 and earlier, 32.0.0.314 and earlier, 32.0.0.321 and earlier, and 32.0.0.255 and earlier have a type confusion vulnerability. Successful exploitation could lead t...
redhat/flash-plugin<32.0.0.330
Adobe Flash Player<32.0.0.321
Apple macOS
Microsoft Windows
Adobe Flash Player<32.0.0.314
Linux Linux kernel
and 9 more
Inappropriate implementation in JavaScript in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
redhat/chromium-browser<80.0.3987.87
Google Chrome<80.0.3987.87
Fedoraproject Fedora=30
Fedoraproject Fedora=31
Debian Debian Linux=9.0
Debian Debian Linux=10.0
and 7 more
Insufficient data validation in streams in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
redhat/chromium-browser<80.0.3987.87
Google Chrome<80.0.3987.87
Fedoraproject Fedora=30
Fedoraproject Fedora=31
Debian Debian Linux=9.0
Debian Debian Linux=10.0
and 7 more
Use after free in audio in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
redhat/chromium-browser<80.0.3987.87
Google Chrome<80.0.3987.87
Fedoraproject Fedora=30
Fedoraproject Fedora=31
Debian Debian Linux=9.0
Debian Debian Linux=10.0
and 6 more
Inappropriate implementation in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
redhat/chromium-browser<80.0.3987.87
Google Chrome<80.0.3987.87
openSUSE Backports SLE=15.0-sp1
Fedoraproject Fedora=30
Debian Debian Linux=9.0
Debian Debian Linux=10.0
and 6 more
Insufficient policy enforcement in CORS in Google Chrome prior to 80.0.3987.87 allowed a local attacker to obtain potentially sensitive information via a crafted HTML page.
redhat/chromium-browser<80.0.3987.87
Google Chrome<80.0.3987.87
openSUSE Backports SLE=15.0-sp1
Fedoraproject Fedora=30
Fedoraproject Fedora=31
Debian Debian Linux=9.0
and 7 more
Use of uninitialized data in PDFium in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
redhat/chromium-browser<80.0.3987.87
Google Chrome<80.0.3987.87
openSUSE Backports SLE=15.0-sp1
Fedoraproject Fedora=30
Fedoraproject Fedora=31
Debian Debian Linux=9.0
and 7 more
Inappropriate implementation in sharing in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to spoof security UI via a crafted HTML page.
redhat/chromium-browser<80.0.3987.87
Google Chrome<80.0.3987.87
openSUSE Backports SLE=15.0-sp1
Fedoraproject Fedora=30
Fedoraproject Fedora=31
Debian Debian Linux=9.0
and 7 more
Incorrect implementation in Omnibox in Google Chrome on iOS prior to 80.0.3987.87 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
redhat/chromium-browser<80.0.3987.87
Google Chrome<80.0.3987.87
Apple iPhone OS
openSUSE Backports SLE=15.0-sp1
Fedoraproject Fedora=30
Fedoraproject Fedora=31
and 8 more
Inappropriate implementation in CORS in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
redhat/chromium-browser<80.0.3987.87
Google Chrome<80.0.3987.87
openSUSE Backports SLE=15.0-sp1
Fedoraproject Fedora=30
Fedoraproject Fedora=31
Debian Debian Linux=9.0
and 7 more
Insufficient policy enforcement in downloads in Google Chrome on OS X prior to 80.0.3987.87 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a cr...
redhat/chromium-browser<80.0.3987.87
Google Chrome<80.0.3987.87
Apple macOS
openSUSE Backports SLE=15.0-sp1
Fedoraproject Fedora=30
Debian Debian Linux=9.0
and 7 more
Insufficient validation of untrusted input in Blink in Google Chrome prior to 80.0.3987.87 allowed a local attacker to bypass content security policy via a crafted HTML page.
redhat/chromium-browser<80.0.3987.87
Google Chrome<80.0.3987.87
openSUSE Backports SLE=15.0-sp1
Fedoraproject Fedora=30
Fedoraproject Fedora=31
Debian Debian Linux=9.0
and 7 more
Inappropriate implementation in Skia in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
redhat/chromium-browser<80.0.3987.87
Google Chrome<80.0.3987.87
openSUSE Backports SLE=15.0-sp1
Fedoraproject Fedora=30
Fedoraproject Fedora=31
Debian Debian Linux=9.0
and 7 more

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203