Lucene search
K
RedhatRecent

114833 matches found

RedHat Linux
RedHat Linux
•added 2026/06/17 12:5 p.m.•7 views

kernel: libceph: replace overzealous BUG_ON in osdmap_apply_incremental()

In the Linux kernel, the following vulnerability has been resolved: libceph: replace overzealous BUGON in osdmapapplyincremental If the osdmap is maliciously corrupted such that the incremental osdmap epoch is different from what is expected, there is no need to BUG. Instead, just declare the...

7.5CVSS5.4AI score0.00341EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 12:5 p.m.•6 views

kernel: libceph: make decode_pool() more resilient against corrupted osdmaps

In the Linux kernel, the following vulnerability has been resolved: libceph: make decodepool more resilient against corrupted osdmaps If the osdmap is maliciously corrupted such that the encoded length of cephpgpool envelope is less than what is expected for a particular encoding version,...

7.1CVSS5.4AI score0.00126EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 12:5 p.m.•9 views

kernel: mlxsw: spectrum_mr: Fix use-after-free when updating multicast route stats

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrummr: Fix use-after-free when updating multicast route stats Cited commit added a dedicated mutex instead of RTNL to protect the multicast route list, so that it will not change while the driver periodically traverse...

5.6AI score0.00173EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 12:5 p.m.•15 views

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring Syst...

9.8CVSS5.6AI score0.00469EPSS
Exploits4References19
RedHat Linux
RedHat Linux
•added 2026/06/17 12:5 p.m.•7 views

kernel: sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL

A flaw was found in the Linux kernel's Stream Control Transmission Protocol SCTP implementation. A race condition exists in the SCTPSENDALL path where a cached list entry is not properly revalidated after the socket lock is temporarily released. This allows a local attacker or a remote attacker v...

7.8CVSS5.9AI score0.00104EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 12:5 p.m.•5 views

kernel: wifi: mac80211: remove station if connection prep fails

A flaw was found in the Linux kernel's mac80211 Wi-Fi subsystem. When Multi-Link Operation MLO connection preparation fails, the system may not correctly remove the associated station. This can lead to a use-after-free or double-free vulnerability in the debugfs component, potentially causing...

8.8CVSS5.4AI score0.00302EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 12:5 p.m.•8 views

kernel: md/bitmap: fix GPF in write_page caused by resize race

A flaw was found in the Linux kernel's md/bitmap component. This vulnerability involves a use-after-free race condition that occurs during array resize operations. When the bitmapdaemonwork and bitmapresize functions execute concurrently, they can access memory pages that have already been freed...

4.7CVSS5.5AI score0.00091EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 12:5 p.m.•5 views

kernel: xfs: fix freemap adjustments when adding xattrs to leaf blocks

A flaw was found in the Linux kernel's XFS filesystem. When adding extended attributes xattrs, which are metadata associated with files, to leaf blocks, incorrect adjustments to the freemap can occur. This inconsistency allows the entries array and free space to overlap, leading to an assertion...

8.8CVSS5.4AI score0.00469EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 12:5 p.m.•6 views

kernel: netfilter: ip6t_eui64: reject invalid MAC header for all packets

A flaw was found in the Linux kernel's netfilter component. This vulnerability occurs because the eui64mt6 function, which processes IPv6 packets, does not properly validate the MAC header for all packets. Specifically, packets with a zero fragment offset could bypass an existing guard, allowing...

9.4CVSS5.5AI score0.00337EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 12:5 p.m.•6 views

kernel: netfilter: nf_tables: release flowtable after rcu grace period on error

A flaw was found in the Linux kernel's netfilter component, specifically within the nftables subsystem. An error in releasing a flowtable after an RCU Read-Copy-Update grace period could lead to a use-after-free vulnerability. This issue could expose the flowtable to the packet path and...

7.8CVSS5.9AI score0.00119EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 12:5 p.m.•11 views

kernel: libceph: prevent potential out-of-bounds reads in handle_auth_done()

In the Linux kernel, the following vulnerability has been resolved: libceph: prevent potential out-of-bounds reads in handleauthdone Perform an explicit bounds check on payloadlen to avoid a possible out-of-bounds access in the callout. idryomov: changelog...

9.8CVSS5.5AI score0.00351EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 12:5 p.m.•7 views

kernel: iommu: disable SVA when CONFIG_X86 is set

A security vulnerability was found in the Linux kernel's IOMMU Shared Virtual Addressing SVA implementation on x86 architecture. When SVA is enabled, the IOMMU caches kernel page table entries. Since the kernel lacks a mechanism to notify the IOMMU when kernel page table pages are freed and...

7.8CVSS5.5AI score0.00145EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 12:5 p.m.•5 views

kernel: crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id

In the Linux kernel, the following vulnerability has been resolved: crypto: asymmetrickeys - prevent overflow in asymmetrickeygenerateid Use checkaddoverflow to guard against potential integer overflows when adding the binary blob lengths and the size of an asymmetrickeyid structure and return...

5.8AI score0.00154EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 12:5 p.m.•6 views

kernel: nbd: defer config unlock in nbd_genl_connect

In the Linux kernel, the following vulnerability has been resolved: nbd: defer config unlock in nbdgenlconnect There is one use-after-free warning when running NBDCMDCONNECT and NBDCLEARSOCK: nbdgenlconnect nbdallocandinitconfig // configrefs=1 nbdstartdevice // configrefs=2 set NBDRTHASCONFIGREF...

5.5AI score0.00165EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 12:5 p.m.•7 views

kernel: geneve: Fix use-after-free in geneve_find_dev().

A use-after-free vulnerability exists in the Linux kernel. When devnet is dismantled, the geneveexitbatchrtnl function calls unregisternetdevicequeue for each device in the network namespace. Later, when the device is freed, it is still linked to the backend UDP socket in the network namespace...

7.8CVSS5.4AI score0.00227EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 11:59 a.m.•5 views

postgresql: PostgreSQL: Credential recovery via covert timing channel in MD5 password comparison

A flaw was found in PostgreSQL. This vulnerability, a covert timing channel, exists in the comparison of MD5-hashed passwords during authentication. A remote attacker could exploit this to recover user credentials, gaining unauthorized access to the database. This issue specifically impacts...

8.2CVSS5.5AI score0.00558EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 11:59 a.m.•5 views

postgresql: PostgreSQL libpq: Buffer overflow allows server superuser to overwrite client stack memory

A flaw was found in PostgreSQL libpq. A server superuser can exploit a buffer overflow vulnerability in the PQfn function, which is used by client functions such as loexport, loread, lolseek64, and lotell64. This allows the superuser to send an arbitrarily large response, overwriting the client's...

8.8CVSS6.5AI score0.00464EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 11:59 a.m.•5 views

postgresql: integer overflow can cause an undersized allocation and an out-of-bounds write

A flaw was found in PostgreSQL. An integer overflow in multiple server features allows an unprivileged database user to cause an undersized memory allocation that leads to an out-of-bounds write. This issue allows an attacker to execute arbitrary code as the operating system user running the...

8.8CVSS6AI score0.00668EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 11:59 a.m.•7 views

postgresql: PostgreSQL: Operating system account hijack via symlink following in pg_basebackup and pg_rewind

A flaw was found in PostgreSQL. This vulnerability, related to symlink following in pgbasebackup plain format and pgrewind, allows an origin superuser to overwrite local files. By exploiting this, an attacker could potentially hijack the operating system account. This attack has practical...

8.8CVSS5.7AI score0.00324EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 11:59 a.m.•6 views

Important: Red Hat Security Advisory: postgresql:15 security update

An update for the postgresql:15 module is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common...

8.8CVSS5.6AI score0.00668EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 11:38 a.m.•10 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.16.64 security and extras update

Red Hat OpenShift Container Platform release 4.16.64 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.16. Red Hat Product Security has rated this update as having a security impact of...

8.7CVSS5.5AI score0.00656EPSS
Exploits0References2
RedHat Linux
RedHat Linux
•added 2026/06/17 11:2 a.m.•8 views

firefox: thunderbird: Sandbox escape in the Profile Backup component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape in the Profile Backup component...

9.8CVSS5.2AI score0.00313EPSS
Exploits0References7
RedHat Linux
RedHat Linux
•added 2026/06/17 11:2 a.m.•5 views

firefox: thunderbird: Incorrect boundary conditions in the JavaScript Engine: JIT component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the JavaScript Engine: JIT component...

6.5CVSS5.2AI score0.00244EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 11:2 a.m.•6 views

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...

9.8CVSS5.6AI score0.00605EPSS
Exploits0References19
RedHat Linux
RedHat Linux
•added 2026/06/17 11:2 a.m.•5 views

firefox: Privilege escalation in the Security component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Privilege escalation in the Security component...

8.8CVSS5.2AI score0.00307EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 11:2 a.m.•5 views

firefox: thunderbird: Use-after-free in the DOM: Bindings (WebIDL) component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the DOM: Bindings WebIDL component...

7.3CVSS5.2AI score0.00413EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 11:2 a.m.•4 views

firefox: thunderbird: Incorrect boundary conditions in the Audio/Video: Web Codecs component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Audio/Video: Web Codecs component...

7.5CVSS5.2AI score0.0056EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 11:2 a.m.•6 views

firefox: Privilege escalation in the Enterprise Policies component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Privilege escalation in the Enterprise Policies component...

8.8CVSS5.2AI score0.00386EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 11:2 a.m.•5 views

firefox: Memory safety bugs fixed in Firefox ESR 115.36, Firefox ESR 140.11 and Firefox 151

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 115.35, Firefox ESR 140.10 and Firefox 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these...

8.8CVSS5.8AI score0.00429EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 11:2 a.m.•5 views

firefox: Mitigation bypass in the DOM: Security component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Mitigation bypass in the DOM: Security component...

8.1CVSS5.2AI score0.00372EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 11:2 a.m.•5 views

firefox: Information disclosure, sandbox escape in the Security: Process Sandboxing component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Information disclosure, sandbox escape in the Security: Process Sandboxing component...

8.6CVSS5.2AI score0.00344EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 11:2 a.m.•6 views

firefox: Integer overflow in the Networking: JAR component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Integer overflow in the Networking: JAR component...

9.8CVSS5.3AI score0.00605EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 11:2 a.m.•4 views

firefox: thunderbird: Privilege escalation in the DOM: Workers component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Privilege escalation in the DOM: Workers component...

8.8CVSS5.2AI score0.00386EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 11:2 a.m.•6 views

firefox: Same-origin policy bypass in the Networking: HTTP component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Same-origin policy bypass in the Networking: HTTP component...

9.3CVSS5.2AI score0.00194EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 11:2 a.m.•5 views

firefox: thunderbird: Other issue in the JavaScript Engine component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Other issue in the JavaScript Engine component...

5.3CVSS5.2AI score0.00298EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 11:2 a.m.•6 views

firefox: Memory safety bugs fixed in Firefox ESR 140.11 and Firefox 151

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 140.10 and Firefox 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been...

8.8CVSS5.8AI score0.00332EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 11:2 a.m.•5 views

firefox: Denial-of-service due to invalid pointer in the Audio/Video: Web Codecs component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Denial-of-service due to invalid pointer in the Audio/Video: Web Codecs component...

7.5CVSS5.2AI score0.00413EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 11:2 a.m.•5 views

firefox: Sandbox escape due to use-after-free in the Disability Access APIs component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to use-after-free in the Disability Access APIs component...

9.6CVSS5.2AI score0.00532EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 11:2 a.m.•6 views

firefox: Spoofing issue in the Form Autofill component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Spoofing issue in the Form Autofill component...

6.5CVSS5.2AI score0.00322EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 11:2 a.m.•6 views

firefox: Incorrect boundary conditions, integer overflow in the Audio/Video component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions, integer overflow in the Audio/Video component...

7.5CVSS5.3AI score0.00425EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 10:54 a.m.•12 views

Important: Red Hat Security Advisory: dracut security update

An update for dracut is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

7.5CVSS5.9AI score0.01131EPSS
Exploits0References2
RedHat Linux
RedHat Linux
•added 2026/06/17 10:54 a.m.•6 views

dracut: dracut: Root code execution via DHCP options command injection

A flaw was found in dracut. A remote attacker on the adjacent network can exploit this vulnerability by providing specially crafted DHCP Dynamic Host Configuration Protocol options, such as a malicious hostname, to a system using dracut's legacy DHCP path. These options are improperly handled and...

7.5CVSS6AI score0.01131EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2026/06/17 10:41 a.m.•7 views

redis: RESTORE invalid memory access may allow remote code execution

A flaw was found in Redis. An authenticated attacker with permission to execute the RESTORE command can send a crafted serialized payload that may lead to an invalid memory access due to an improper validation of the serialized values. This flaw can cause the server to crash and may allow arbitra...

8.8CVSS6AI score0.02995EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 10:41 a.m.•7 views

redis: Remote code execution via use-after-free in Lua scripting

A flaw was found in Redis, an in-memory data structure store. An authenticated attacker can exploit a use-after-free vulnerability in redis-server with Lua scripting. This occurs through the master-replica synchronization mechanism on replicas where replica-read-only is disabled or can be disable...

8.8CVSS5.5AI score0.01782EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 10:41 a.m.•6 views

redis: use-after-free in unblock client flow may allow remote code execution

A flaw was found in Redis. The unblock client flow does not handle an error return from the processCommandAndResetClient when re-executing a blocked command. If a blocked client is evicted during this flow, an authenticated attacker can cause a use-after-free issue. This potentially leads to...

8.8CVSS6.1AI score0.01286EPSS
Exploits4References6
RedHat Linux
RedHat Linux
•added 2026/06/17 10:41 a.m.•11 views

Important: Red Hat Security Advisory: valkey security update

An update for valkey is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

8.8CVSS6.8AI score0.02995EPSS
Exploits4References4
RedHat Linux
RedHat Linux
•added 2026/06/17 10:31 a.m.•6 views

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availabl...

9.8CVSS5.6AI score0.00605EPSS
Exploits0References20
RedHat Linux
RedHat Linux
•added 2026/06/17 10:31 a.m.•5 views

firefox: thunderbird: Incorrect boundary conditions in the JavaScript Engine: JIT component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the JavaScript Engine: JIT component...

6.5CVSS5.2AI score0.00244EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 10:31 a.m.•5 views

firefox: thunderbird: Sandbox escape in the Profile Backup component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape in the Profile Backup component...

9.8CVSS5.2AI score0.00313EPSS
Exploits0References7
RedHat Linux
RedHat Linux
•added 2026/06/17 10:31 a.m.•7 views

firefox: Memory safety bugs fixed in Firefox ESR 115.36, Firefox ESR 140.11 and Firefox 151

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 115.35, Firefox ESR 140.10 and Firefox 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these...

8.8CVSS5.8AI score0.00429EPSS
Exploits0References6
Total number of security vulnerabilities114833