Latest Redhat Vulnerabilities

Qemu-kvm: virtio-net: queue index out-of-bounds access in software rss
QEMU qemu
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
Openssh: possible remote code execution due to a race condition in signal handling
ubuntu/openssh<1:8.9
ubuntu/openssh<1:9.3
ubuntu/openssh<1:9.6
debian/openssh<=1:9.2p1-2+deb12u2
Openbsd Openssh<4.4
Openbsd Openssh>=8.6<9.8
and 54 more
Poppler: pdfinfo: crash in broken documents when using -dests parameter
redhat/poppler<24.06.0
freedesktop poppler<24.06.0
Redhat Enterprise Linux=7.0
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
389-ds-base: unauthenticated user can trigger a dos by sending a specific extended search request
Redhat Directory Server=12.0
Redhat 389 Directory Server
Redhat Enterprise Linux=9.0
Katello: potential cross-site scripting exploit in ui
Katello Project Katello Foreman
Redhat Satellite=6.0
Foreman-installer: candlepin database password being leaked to local users via the process list
Redhat Satellite=6.0
Qemu: net: assertion failure in update_sctp_checksum()
QEMU qemu>=8.1.0<8.2.3
QEMU qemu=9.0.0-rc0
QEMU qemu=9.0.0-rc1
QEMU qemu=9.0.0-rc2
Redhat Enterprise Linux=9.0
Openshift/telemeter: iss check during jwt authentication can be bypassed
=4.0
=2.0
Booth: specially crafted hash can lead to invalid hmac being accepted by booth server
redhat/booth<1.1
Clusterlabs Booth<1.1
Redhat Enterprise Linux=7.0
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
Redhat Enterprise Linux Eus=8.4
and 16 more
In wpa_supplicant, a flaw was discovered in the implementation of PEAP, which allows an attacker to skip the second phase of authentication when the target device has not been properly configured to v...
W1.fi Wpa Supplicant<2.10
Google Android
Google Chrome OS
Linux Linux kernel
Debian Debian Linux=10.0
Fedoraproject Fedora=39
and 2 more
Unbound: disclosure of CVE-2023-50387 and CVE-2023-50868 DNSSEC validation vulnerabilities
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2022
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2022, 23H2 Edition
Microsoft Windows Server 2022
and 60 more
Fixes in Linux Kernel
F5 F5OS-A=1.7.0>=1.5.0<=1.5.2
F5 F5OS-C>=1.6.0<=1.6.2>=1.5.0<=1.5.1
IBM QRadar SIEM<=7.5 - 7.5.0 UP8 IF01
Linux kernel
Linux Linux kernel>=3.15<5.15.149
Linux Linux kernel>=6.1<6.1.76
and 154 more
Opencryptoki: timing side-channel in handling of rsa pkcs#1 v1.5 padded ciphertexts (marvin)
<3.23.0
=8.0
=9.0
Shim: out of bounds read when parsing mz binaries
redhat/shim<15.8
<15.8
=39
=8.0
=9.0
Shim: out-of-bound read in verify_buffer_sbat()
<15.8
=39
=8.0
=9.0
Undertow: directory traversal vulnerability
maven/io.undertow:undertow-core>=2.3.0.Alpha1<2.3.12.Final
maven/io.undertow:undertow-core<2.2.31.Final
Redhat Undertow
Kernel: use-after-free while changing the mount option in __ext4_remount leading
Linux Linux kernel<6.4
Linux Linux kernel=6.4-rc1
Redhat Enterprise Linux=9.0
redhat/Kernel<6.4
ubuntu/linux<4.15.0-223.235
ubuntu/linux<5.4.0-162.179
and 118 more
Ansible-core: possible information leak in tasks that ignore ansible_no_log configuration
pip/ansible-core>=2.15.0<2.15.9
pip/ansible-core>=2.16.0<2.16.3
pip/ansible-core<2.14.14
Redhat Ansible<2.14.4
Redhat Ansible>=2.15.0<2.15.9
Redhat Ansible>=2.16.0<2.16.3
and 13 more
Kernel: potential deadlock on &net->sctp.addr_wq_lock leading to dos
Linux Linux kernel<=6.4.16
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
redhat/Kernel<6.5
ubuntu/linux<4.15.0-224.236
ubuntu/linux<5.4.0-166.183
and 113 more
Kernel: deadlock leading to denial of service in tipc_crypto_key_revoke
Linux Linux kernel<6.6
Linux Linux kernel=6.6-rc1
Linux Linux kernel=6.6-rc2
Linux Linux kernel=6.6-rc3
Linux Linux kernel=6.6-rc4
Redhat Enterprise Linux=8.0
and 109 more
Kernel: nf_tables: pointer math issue in nft_byteorder_eval()
redhat/kernel<6.7
Linux Linux kernel<6.7
Linux Linux kernel=6.7-rc1
Fedoraproject Fedora=39
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
and 130 more
Kernel: max page sharing of kernel samepage merging (ksm) may cause memory deduplication
Linux Linux kernel>=4.4.0-96.119<=5.15.0-58
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
Kernel: use-after-free after removing device in wb_inode_writeback_end in mm/page-writeback.c
redhat/kernel<6.0
Linux Linux kernel<6.0
Linux Linux kernel=6.0-rc1
Linux Linux kernel=6.0-rc2
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
Gnutls: incomplete fix for cve-2023-5981
redhat/gnutls<3.8.3
debian/gnutls28<=3.6.7-4+deb10u8<=3.7.1-5+deb11u4<=3.7.1-5+deb11u3
ubuntu/gnutls28<3.6.13-2ubuntu1.10
ubuntu/gnutls28<3.7.3-4ubuntu1.4
ubuntu/gnutls28<3.7.8-5ubuntu1.2
ubuntu/gnutls28<3.8.1-4ubuntu1.2
and 18 more
Relax-and-Recover (aka ReaR) through 2.7 creates a world-readable initrd when using GRUB_RESCUE=y. This allows local attackers to gain access to system secrets otherwise only readable by root.
Relax-and-recover Relax-and-recover<=2.7
SUSE Linux Enterprise=15.0
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
Fedoraproject Fedora=39
Kernel: blkio memory leakage due to blkcg and some blkgs are not freed after they are made offline.
Linux Linux kernel>=6.2<6.4
Linux Linux kernel=6.4-rc1
Linux Linux kernel=6.4-rc2
Linux Linux kernel=6.4-rc3
Linux Linux kernel=6.4-rc4
Linux Linux kernel=6.4-rc5
and 4 more
Xorg-x11-server: heap buffer overflow in devicefocusevent and procxiquerypointer
ubuntu/xorg-server<2:1.19.6-1ubuntu4.15+
ubuntu/xorg-server<2:1.20.13-1ubuntu1~20.04.14
ubuntu/xorg-server<2:21.1.4-2ubuntu1.7~22.04.7
ubuntu/xorg-server<2:21.1.7-1ubuntu3.6
ubuntu/xorg-server<2:21.1.7-3ubuntu2.6
ubuntu/xorg-server<2:21.1.11-1ubuntu1
and 18 more
Xorg-x11-server: selinux context corruption
ubuntu/xorg-server<2:1.19.6-1ubuntu4.15+
ubuntu/xorg-server<2:1.20.13-1ubuntu1~20.04.14
ubuntu/xorg-server<2:21.1.4-2ubuntu1.7~22.04.7
ubuntu/xorg-server<2:21.1.7-1ubuntu3.6
ubuntu/xorg-server<2:21.1.7-3ubuntu2.6
ubuntu/xorg-server<2:21.1.11-1ubuntu1
and 25 more
Xorg-x11-server: selinux unlabeled glx pbuffer
ubuntu/xorg-server<2:1.19.6-1ubuntu4.15+
ubuntu/xorg-server<2:1.20.13-1ubuntu1~20.04.14
ubuntu/xorg-server<2:21.1.4-2ubuntu1.7~22.04.7
ubuntu/xorg-server<2:21.1.7-1ubuntu3.6
ubuntu/xorg-server<2:21.1.7-3ubuntu2.6
ubuntu/xorg-server<2:21.1.11-1ubuntu1
and 26 more
Grub2: grub2-set-bootflag can be abused by local (pseudo-)users
=8.0
=9.0
=40
Packagekitd: use-after-free in idle function callback
redhat/PackageKit<1.2.7
Packagekit Project Packagekit<1.2.7
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
Fedoraproject Fedora=39
Kernel: hugetlbfs: null pointer dereference in hugetlbfs_fill_super function
Linux Linux kernel
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
ubuntu/linux<5.4.0-186.206
ubuntu/linux<5.15.0-112.122
ubuntu/linux<6.5.0-44.44
and 103 more
Kernel: refcount leak in ctnetlink_create_conntrack()
Linux Linux kernel<6.3
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
redhat/Kernel<6.3
IBM QRadar SIEM<=7.5 - 7.5.0 UP8 IF01
ubuntu/linux<4.15.0-222.233
and 123 more
OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist...
Openbsd Openssh
Fedoraproject Fedora=39
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
debian/openssh<=1:7.9p1-10+deb10u2<=1:7.9p1-10+deb10u4<=1:8.4p1-5+deb11u3<=1:9.2p1-2+deb12u2<=1:9.6p1-4<=1:9.7p1-4
F5 Traffix SDC=5.2.0=5.1.0
escription: By exploiting interpretation differences of the SMTP protocol, it is possible to smuggle/send spoofed e-mails - hence SMTP smuggling - while still passing SPF alignment checks. During this...
<8.18.0.2
<11.0
=8.0
=9.0
redhat/sendmail<8.18.0.2
Kernel: netfilter: use-after-free in nft_trans_gc_catchall_sync leads to privilege escalation
ubuntu/linux<5.15.0-92.102
ubuntu/linux<6.5.0-15.15
ubuntu/linux<6.7
ubuntu/linux-aws<5.15.0-1052.57
ubuntu/linux-aws<6.5.0-1012.12
ubuntu/linux-aws<6.7
and 106 more
Postfix through 3.8.5 allows SMTP smuggling unless configured with smtpd_data_restrictions=reject_unauth_pipelining and smtpd_discard_ehlo_keywords=chunking (or certain other options that exist in rec...
debian/postfix<=3.8.2-1<=3.4.23-0+deb10u1<=3.7.6-0+deb12u2<=3.5.18-0+deb11u1
ubuntu/postfix<3.3.0-1ubuntu0.4+
ubuntu/postfix<3.4.13-0ubuntu1.4
ubuntu/postfix<3.6.4-1ubuntu1.3
ubuntu/postfix<3.8.1-2ubuntu0.2
ubuntu/postfix<2.11.0-1ubuntu1.2+
and 15 more
Linux Kernel GSM Multiplexing Race Condition Local Privilege Escalation Vulnerability
Linux kernel
redhat/kernel<6.5
Linux Linux kernel<6.5
Linux Linux kernel=6.5-rc1
Linux Linux kernel=6.5-rc2
Linux Linux kernel=6.5-rc3
and 7 more
Rhdh: catalog-import function leaks credentials to frontend
Redhat Red Hat Developer Hub<1.21.0
Linuxfoundation Backstage<1.21.0
redhat/rhdh<1.21.0
npm/@backstage/backend-app-api<0.5.9-next.1
Keycloak: open redirect via "form_post.jwt" jarm response mode
maven/org.keycloak:keycloak-parent<=23.0.3
Redhat Keycloak
Redhat Single Sign-on=7.0
redhat/keycloak<23.0.4
Libssh: missing checks for return values for digests
ubuntu/libssh<0.8.0~20170825.94
ubuntu/libssh<0.9.3-2ubuntu2.5
ubuntu/libssh<0.9.6-2ubuntu0.22.04.3
ubuntu/libssh<0.10.4-2ubuntu0.3
ubuntu/libssh<0.10.5-3ubuntu1.2
ubuntu/libssh<0.10.6-1
and 10 more
Kernel: null pointer dereference vulnerability in ida_free in lib/idr.c
Linux Linux kernel<6.7
Linux Linux kernel=6.7-rc7
Linux Linux kernel=6.7-rc8
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
ubuntu/linux<6.7~
and 63 more
Qemu: vnc: null pointer dereference in qemu_clipboard_request()
redhat/qemu-kvm<9.0.0
QEMU qemu>=6.1.0<9.0.0
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
Qemu: virtio-net: stack buffer overflow in virtio_net_flush_tx()
QEMU qemu<8.2.1
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
Fedoraproject Fedora=39
Python-cryptography: bleichenbacher timing oracle attack against rsa decryption - incomplete fix for cve-2020-25659
Redhat Ansible Automation Platform=2.0
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
Redhat Update Infrastructure=4
Python-cryptography Project Python-cryptography<42.0.0
pip/cryptography<42.0.0
and 10 more
M2crypto: bleichenbacher timing attacks in the rsa decryption api - incomplete fix for cve-2020-25657
pip/m2crypto<=0.40.1
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
Redhat Update Infrastructure=4
M2crypto Project M2crypto
Prefix Truncation Attacks in SSH Specification (Terrapin Attack)
Openbsd Openssh<9.6
Putty Putty<0.80
Filezilla-project Filezilla Client<3.66.4
Microsoft PowerShell<=11.1.0
Panic Transmit 5<5.10.4
Apple macOS
and 128 more
Mod_cluster/mod_proxy_cluster: stored cross site scripting
Modcluster Mod Proxy Cluster
Redhat Enterprise Linux=9.0
Kernel: null pointer dereference in nvmet_tcp_build_iovec
IBM QRadar SIEM<=7.5 - 7.5.0 UP8 IF01
ubuntu/linux<6.5.0-41.41
ubuntu/linux<6.8~
ubuntu/linux-aws<6.5.0-1021.21
ubuntu/linux-aws<6.8~
ubuntu/linux-aws-5.15<6.8~
and 103 more
Kernel: null pointer dereference in nvmet_tcp_execute_request
IBM QRadar SIEM<=7.5 - 7.5.0 UP8 IF01
ubuntu/linux<6.5.0-41.41
ubuntu/linux<6.8~
ubuntu/linux-aws<6.5.0-1021.21
ubuntu/linux-aws<6.8~
ubuntu/linux-aws-5.15<6.8~
and 103 more

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203