Lucene search
K
RedhatRecent

114833 matches found

RedHat Linux
RedHat Linux
•added 2026/06/17 7:57 a.m.•8 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.14.67 security and extras update

Red Hat OpenShift Container Platform release 4.14.67 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.14. Red Hat Product Security has rated this update as having a security impact of...

9.1CVSS5.6AI score0.01557EPSS
Exploits1References3
RedHat Linux
RedHat Linux
•added 2026/06/17 7:31 a.m.•4 views

net/url: Incorrect parsing of IPv6 host literals in net/url

The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid...

7.5CVSS5.4AI score0.00728EPSS
Exploits0References8
RedHat Linux
RedHat Linux
•added 2026/06/17 7:31 a.m.•5 views

crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building

A flaw was found in the Go standard library packages crypto/x509 and crypto/tls. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being...

7.5CVSS5.3AI score0.00615EPSS
Exploits0References8
RedHat Linux
RedHat Linux
•added 2026/06/17 7:31 a.m.•8 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.18.44 packages and security update

Red Hat OpenShift Container Platform release 4.18.44 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.18. Red Hat Product Security has rated this update as having a...

7.5CVSS5.5AI score0.00728EPSS
Exploits0References3
RedHat Linux
RedHat Linux
•added 2026/06/17 6:53 a.m.•7 views

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

9.8CVSS5.8AI score0.00514EPSS
Exploits4References21
RedHat Linux
RedHat Linux
•added 2026/06/17 6:53 a.m.•4 views

kernel: Linux kernel: smb: client: reject userspace cifs.spnego descriptions

A privilege escalation vulnerability was found in the Linux kernel's CIFS client implementation. This could allow a local attacker to impersonate other users, bypass authentication in SMB mount operations, and potentially gain unauthorized access to network file shares or escalate privileges...

7.8CVSS5.3AI score0.00353EPSS
Exploits4References7
RedHat Linux
RedHat Linux
•added 2026/06/17 6:53 a.m.•4 views

kernel: netfilter: nf_tables: release flowtable after rcu grace period on error

A flaw was found in the Linux kernel's netfilter component, specifically within the nftables subsystem. An error in releasing a flowtable after an RCU Read-Copy-Update grace period could lead to a use-after-free vulnerability. This issue could expose the flowtable to the packet path and...

7.8CVSS5.8AI score0.00119EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 6:53 a.m.•5 views

kernel: sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL

A flaw was found in the Linux kernel's Stream Control Transmission Protocol SCTP implementation. A race condition exists in the SCTPSENDALL path where a cached list entry is not properly revalidated after the socket lock is temporarily released. This allows a local attacker or a remote attacker v...

7.8CVSS5.8AI score0.00104EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 6:53 a.m.•5 views

kernel: wifi: mac80211: remove station if connection prep fails

A flaw was found in the Linux kernel's mac80211 Wi-Fi subsystem. When Multi-Link Operation MLO connection preparation fails, the system may not correctly remove the associated station. This can lead to a use-after-free or double-free vulnerability in the debugfs component, potentially causing...

8.8CVSS5.3AI score0.00302EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 6:53 a.m.•6 views

kernel: netfilter: xt_tcpmss: check remaining length before reading optlen

A flaw was found in the Linux kernel, specifically within the netfilter: xttcpmss module. A remote attacker could exploit this vulnerability by sending a specially crafted TCP packet. The TCP option parser does not properly validate the remaining option length, which results in an out-of-bounds...

8.2CVSS5.5AI score0.00463EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 6:53 a.m.•6 views

kernel: netfilter: ctnetlink: ensure safe access to master conntrack

A flaw was found in the netfilter: ctnetlink component of the Linux kernel. This vulnerability occurs due to insufficient locking when accessing the master conntrack object, allowing it to become invalid while still being referenced. A local attacker could potentially exploit this race condition,...

7.8CVSS5.3AI score0.00096EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 6:53 a.m.•5 views

kernel: netfilter: nf_conntrack_h323: check for zero length in DecodeQ931()

A flaw was found in the Linux kernel's netfilter subsystem, specifically within the nfconntrackh323 module. This vulnerability occurs in the DecodeQ931 function when processing a zero-length value from a packet. An integer underflow during a length calculation results in a large, incorrect value...

9.1CVSS5.2AI score0.00514EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 6:53 a.m.•5 views

kernel: libceph: replace overzealous BUG_ON in osdmap_apply_incremental()

In the Linux kernel, the following vulnerability has been resolved: libceph: replace overzealous BUGON in osdmapapplyincremental If the osdmap is maliciously corrupted such that the incremental osdmap epoch is different from what is expected, there is no need to BUG. Instead, just declare the...

7.5CVSS6.3AI score0.00341EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 6:53 a.m.•5 views

kernel: libceph: make decode_pool() more resilient against corrupted osdmaps

In the Linux kernel, the following vulnerability has been resolved: libceph: make decodepool more resilient against corrupted osdmaps If the osdmap is maliciously corrupted such that the encoded length of cephpgpool envelope is less than what is expected for a particular encoding version,...

7.1CVSS5.5AI score0.00126EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 6:53 a.m.•5 views

kernel: iommu: disable SVA when CONFIG_X86 is set

A security vulnerability was found in the Linux kernel's IOMMU Shared Virtual Addressing SVA implementation on x86 architecture. When SVA is enabled, the IOMMU caches kernel page table entries. Since the kernel lacks a mechanism to notify the IOMMU when kernel page table pages are freed and...

7.8CVSS5.7AI score0.00145EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 6:53 a.m.•5 views

kernel: crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id

In the Linux kernel, the following vulnerability has been resolved: crypto: asymmetrickeys - prevent overflow in asymmetrickeygenerateid Use checkaddoverflow to guard against potential integer overflows when adding the binary blob lengths and the size of an asymmetrickeyid structure and return...

5.7AI score0.00154EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 6:53 a.m.•4 views

kernel: net: use dst_dev_rcu() in sk_setup_caps()

In the Linux kernel, the following vulnerability has been resolved: net: use dstdevrcu in sksetupcaps Use RCU to protect accesses to dst-dev from sksetupcaps and skdstgsomaxsize. Also use dstdevrcu in ip6dstmtumaybeforward, and ipdstmtumaybeforward. ip4dsthoplimit can use dstdevnetrcu...

5.4AI score0.0017EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 6:53 a.m.•5 views

kernel: ipv6: use RCU in ip6_output()

A use-after-free flaw was found in ip6finishoutput2 in net/ipv6/ip6output.c in ipv6 access. This flaw could allow an attacker to crash the system at device disconnect. This vulnerability could even lead to a kernel information leak problem...

5.2AI score0.00193EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 6:53 a.m.•5 views

kernel: ipv6: use RCU in ip6_xmit()

A use-after-free flaw was found in ip6autoflowlabel in the Linux kernel's net/ipv6/ip6output.c code. In this flaw an attacker can cause a denial of service DoS attack...

5.3AI score0.00178EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 6:53 a.m.•5 views

kernel: xfs: fix freemap adjustments when adding xattrs to leaf blocks

A flaw was found in the Linux kernel's XFS filesystem. When adding extended attributes xattrs, which are metadata associated with files, to leaf blocks, incorrect adjustments to the freemap can occur. This inconsistency allows the entries array and free space to overlap, leading to an assertion...

8.8CVSS5.3AI score0.00469EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 6:53 a.m.•7 views

kernel: netfilter: ip6t_eui64: reject invalid MAC header for all packets

A flaw was found in the Linux kernel's netfilter component. This vulnerability occurs because the eui64mt6 function, which processes IPv6 packets, does not properly validate the MAC header for all packets. Specifically, packets with a zero fragment offset could bypass an existing guard, allowing...

9.4CVSS5.4AI score0.00337EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 6:53 a.m.•5 views

kernel: scsi: target: iscsi: Fix use-after-free in iscsit_dec_conn_usage_count()

A use-after-free flaw was found in the Linux kernel's iSCSI target subsystem. In the iscsitdecconnusagecount function, complete is called while still holding the conn-connusagelock spinlock. The waiting thread such as iscsitcloseconnection may wake up immediately and free the iscsitconn structure...

7.8CVSS5.3AI score0.00117EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 6:53 a.m.•5 views

kernel: libceph: prevent potential out-of-bounds reads in handle_auth_done()

In the Linux kernel, the following vulnerability has been resolved: libceph: prevent potential out-of-bounds reads in handleauthdone Perform an explicit bounds check on payloadlen to avoid a possible out-of-bounds access in the callout. idryomov: changelog...

9.8CVSS7.3AI score0.00351EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 6:53 a.m.•5 views

kernel: mm/page_alloc: clear page->private in free_pages_prepare()

A flaw was found in the Linux kernel's memory management subsystem. When pages are freed, the page-private field is not properly cleared. If these pages are later reallocated as high-order pages and split, the tail pages can retain stale page-private values. This can lead to a use-after-free...

7.8CVSS5.4AI score0.0013EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 6:53 a.m.•11 views

kernel: nbd: defer config unlock in nbd_genl_connect

In the Linux kernel, the following vulnerability has been resolved: nbd: defer config unlock in nbdgenlconnect There is one use-after-free warning when running NBDCMDCONNECT and NBDCLEARSOCK: nbdgenlconnect nbdallocandinitconfig // configrefs=1 nbdstartdevice // configrefs=2 set NBDRTHASCONFIGREF...

5.5AI score0.00165EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/17 6:49 a.m.•6 views

Important: Red Hat Security Advisory: Red Hat OpenShift Pipelines Release 1.21.2

The 1.21.2 GA release of Red Hat OpenShift Pipelines Operator.. For more details see product documentation. The 1.21.2 release of Red Hat OpenShift Pipelines Operator...

9.8CVSS5.2AI score0.01557EPSS
Exploits2References6
RedHat Linux
RedHat Linux
•added 2026/06/17 6:46 a.m.•7 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.18.44 bug fix and security update

Red Hat OpenShift Container Platform release 4.18.44 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.18. Red Hat Product Security has rated this update as having a...

9.1CVSS5.5AI score0.01557EPSS
Exploits1References4
RedHat Linux
RedHat Linux
•added 2026/06/17 6:9 a.m.•7 views

firefox: thunderbird: Incorrect boundary conditions in the JavaScript Engine: JIT component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the JavaScript Engine: JIT component...

6.5CVSS5.2AI score0.00244EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 6:9 a.m.•6 views

firefox: thunderbird: Sandbox escape in the Profile Backup component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape in the Profile Backup component...

9.8CVSS5.2AI score0.00313EPSS
Exploits0References7
RedHat Linux
RedHat Linux
•added 2026/06/17 6:9 a.m.•7 views

firefox: Integer overflow in the Networking: JAR component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Integer overflow in the Networking: JAR component...

9.8CVSS5.3AI score0.00605EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 6:9 a.m.•7 views

firefox: Incorrect boundary conditions, integer overflow in the Audio/Video component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions, integer overflow in the Audio/Video component...

7.5CVSS5.3AI score0.00425EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 6:9 a.m.•6 views

firefox: Sandbox escape due to use-after-free in the Disability Access APIs component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to use-after-free in the Disability Access APIs component...

9.6CVSS5.2AI score0.00532EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 6:9 a.m.•6 views

firefox: thunderbird: Incorrect boundary conditions in the Audio/Video: Web Codecs component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Audio/Video: Web Codecs component...

7.5CVSS5.2AI score0.0056EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 6:9 a.m.•8 views

firefox: Memory safety bugs fixed in Firefox ESR 115.36, Firefox ESR 140.11 and Firefox 151

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 115.35, Firefox ESR 140.10 and Firefox 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these...

8.8CVSS5.8AI score0.00429EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 6:9 a.m.•7 views

firefox: Memory safety bugs fixed in Firefox ESR 140.11 and Firefox 151

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 140.10 and Firefox 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been...

8.8CVSS5.8AI score0.00332EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 6:9 a.m.•8 views

firefox: Privilege escalation in the Enterprise Policies component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Privilege escalation in the Enterprise Policies component...

8.8CVSS5.2AI score0.00386EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 6:9 a.m.•7 views

firefox: Same-origin policy bypass in the Networking: HTTP component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Same-origin policy bypass in the Networking: HTTP component...

9.3CVSS5.2AI score0.00194EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 6:9 a.m.•6 views

firefox: Mitigation bypass in the DOM: Security component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Mitigation bypass in the DOM: Security component...

8.1CVSS5.2AI score0.00372EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 6:9 a.m.•7 views

firefox: Privilege escalation in the Security component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Privilege escalation in the Security component...

8.8CVSS5.2AI score0.00307EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 6:9 a.m.•5 views

firefox: Spoofing issue in the Form Autofill component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Spoofing issue in the Form Autofill component...

6.5CVSS5.2AI score0.00322EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 6:9 a.m.•7 views

firefox: Information disclosure, sandbox escape in the Security: Process Sandboxing component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Information disclosure, sandbox escape in the Security: Process Sandboxing component...

8.6CVSS5.2AI score0.00344EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 6:9 a.m.•6 views

firefox: thunderbird: Privilege escalation in the DOM: Workers component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Privilege escalation in the DOM: Workers component...

8.8CVSS5.2AI score0.00386EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 6:9 a.m.•7 views

firefox: thunderbird: Other issue in the JavaScript Engine component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Other issue in the JavaScript Engine component...

5.3CVSS5.2AI score0.00298EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 6:9 a.m.•7 views

firefox: Denial-of-service due to invalid pointer in the Audio/Video: Web Codecs component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Denial-of-service due to invalid pointer in the Audio/Video: Web Codecs component...

7.5CVSS5.2AI score0.00413EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 6:9 a.m.•7 views

firefox: thunderbird: Use-after-free in the DOM: Bindings (WebIDL) component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the DOM: Bindings WebIDL component...

7.3CVSS5.2AI score0.00413EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 6:9 a.m.•11 views

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

9.8CVSS5.6AI score0.00605EPSS
Exploits0References19
RedHat Linux
RedHat Linux
•added 2026/06/17 5:59 a.m.•6 views

firefox: thunderbird: Sandbox escape in the Profile Backup component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape in the Profile Backup component...

9.8CVSS5.2AI score0.00313EPSS
Exploits0References7
RedHat Linux
RedHat Linux
•added 2026/06/17 5:59 a.m.•5 views

firefox: thunderbird: Incorrect boundary conditions in the JavaScript Engine: JIT component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the JavaScript Engine: JIT component...

6.5CVSS5.2AI score0.00244EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 5:59 a.m.•6 views

firefox: Denial-of-service due to invalid pointer in the Audio/Video: Web Codecs component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Denial-of-service due to invalid pointer in the Audio/Video: Web Codecs component...

7.5CVSS5.2AI score0.00413EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/17 5:59 a.m.•6 views

firefox: thunderbird: Privilege escalation in the DOM: Workers component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Privilege escalation in the DOM: Workers component...

8.8CVSS5.2AI score0.00386EPSS
Exploits0References6
Total number of security vulnerabilities114833