114833 matches found

RedHat Linux
•added 2026/06/11 9:38 a.m.•14 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.21.19 bug fix and security update

Red Hat OpenShift Container Platform release 4.21.19 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.21. Red Hat Product Security has rated this update as having a...

CVSS 8.8 • AI score 5.9 • EPSS 0.03663 • Exploits 18 • References 2

RedHat Linux
•added 2026/06/11 9:35 a.m.•14 views

Important: Red Hat Security Advisory: bind9.18 security update

An update for bind9.18 is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available fo...

CVSS 7.5 • AI score 5.8 • EPSS 0.01545 • Exploits 0 • References 2

RedHat Linux
•added 2026/06/11 9:35 a.m.•11 views

bind: BIND: Denial of Service via maliciously crafted DNSSEC-validated zone

A flaw was found in BIND. A remote attacker could exploit this vulnerability by sending a maliciously crafted DNSSEC-validated zone to a BIND resolver. This could cause the resolver to consume excessive CPU resources, leading to a denial of service (DoS) for legitimate users...

CVSS 7.5 • AI score 5.8 • EPSS 0.01545 • Exploits 0 • References 8

RedHat Linux
•added 2026/06/11 9:2 a.m.•7 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.21.19 bug fix and security update

Red Hat OpenShift Container Platform release 4.21.19 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.21. Red Hat Product Security has rated this update as having a...

CVSS 9.1 • AI score 7.5 • EPSS 0.01557 • Exploits 1 • References 4

RedHat Linux
•added 2026/06/11 8:51 a.m.•11 views

Important: Red Hat Security Advisory: bind security update

An update for bind is now available for Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...

CVSS 7.5 • AI score 8 • EPSS 0.01545 • Exploits 0 • References 2

RedHat Linux
•added 2026/06/11 8:51 a.m.•6 views

bind: BIND: Denial of Service via maliciously crafted DNSSEC-validated zone

A flaw was found in BIND. A remote attacker could exploit this vulnerability by sending a maliciously crafted DNSSEC-validated zone to a BIND resolver. This could cause the resolver to consume excessive CPU resources, leading to a denial of service (DoS) for legitimate users...

CVSS 7.5 • AI score 7.9 • EPSS 0.01545 • Exploits 0 • References 8

RedHat Linux
•added 2026/06/11 7:54 a.m.•10 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.15.65 bug fix and security update

Red Hat OpenShift Container Platform release 4.15.65 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.15. Red Hat Product Security has rated this update as having a...

CVSS 8.8 • AI score 6.1 • EPSS 0.93235 • Exploits 50 • References 8

RedHat Linux
•added 2026/06/11 7:53 a.m.•10 views

kernel: Linux kernel: Denial of Service in erofs filesystem

A flaw was found in the Linux kernel's erofs filesystem. A remote attacker can exploit this vulnerability without requiring any privileges. This issue occurs when insufficient memory during a memory mapping operation (vm_map_ram) in the bio completion path leads to a deadlock, causing a Denial of...

CVSS 7.5 • AI score 5.5 • EPSS 0.00378 • Exploits 0 • References 5

RedHat Linux
•added 2026/06/11 7:53 a.m.•6 views

kernel: Linux kernel: Use-after-free in bonding driver leads to denial of service

A flaw was found in the Linux kernel's bonding driver. A local attacker with low privileges could exploit a use-after-free vulnerability in the bond_xmit_broadcast function. This occurs due to a race condition during concurrent slave enslave/release operations, which can lead to the original socket...

CVSS 7.8 • AI score 5.6 • EPSS 0.00124 • Exploits 0 • References 5

RedHat Linux
•added 2026/06/11 7:53 a.m.•9 views

kernel: selinux: fix overlayfs mmap() and mprotect() access checks

A flaw was found in the Linux kernel's SELinux security module when handling overlayfs. The existing security model for overlayfs does not properly enforce access controls for mmap and mprotect operations. This oversight could allow a local attacker to bypass intended security policies, potential...

CVSS 7.1 • AI score 5.4 • EPSS 0.00115 • Exploits 0 • References 5

RedHat Linux
•added 2026/06/11 7:53 a.m.•9 views

kernel: ipv6: rpl: reserve mac_len headroom when recompressed SRH grows

A flaw was found in the Linux kernel. A local attacker can exploit an out-of-bounds write vulnerability when the kernel recomputes an IPv6 Source Routing Header (SRH). This issue occurs because insufficient headroom is reserved during the recompression process, leading to memory corruption...

CVSS 9.8 • AI score 5.8 • EPSS 0.00475 • Exploits 0 • References 5

RedHat Linux
•added 2026/06/11 7:53 a.m.•6 views

kernel: can: raw: fix ro->uniq use-after-free in raw_rcv()

A flaw was found in the Linux kernel's Controller Area Network (CAN) raw socket implementation. A use-after-free vulnerability can occur due to a timing window during the unregistration of CAN receive filters, allowing a freed memory region to be accessed. This could lead to system instability or a...

CVSS 7.8 • AI score 5.4 • EPSS 0.00124 • Exploits 0 • References 5

RedHat Linux
•added 2026/06/11 7:53 a.m.•18 views

Critical: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from th...

CVSS 9.8 • AI score 5.4 • EPSS 0.00563 • Exploits 0 • References 8

RedHat Linux
•added 2026/06/11 7:53 a.m.•8 views

kernel: ALSA: 6fire: fix use-after-free on disconnect

A flaw was found in the Linux kernel's ALSA 6fire USB audio device driver. During the disconnection process of a 6fire USB audio device, a use-after-free vulnerability occurs. This happens when the system attempts to write to memory that has already been deallocated, which can lead to memory...

CVSS 7.8 • AI score 5.5 • EPSS 0.00128 • Exploits 0 • References 5

RedHat Linux
•added 2026/06/11 7:53 a.m.•5 views

kernel: ip6_tunnel: clear skb2->cb[] in ip4ip6_err()

A flaw was found in the Linux kernel's IPv6 tunnel implementation. A remote attacker could exploit this flaw by sending malicious ICMPv6 error messages to cause a stack-based buffer overflow in the kernel's IPv4-over-IPv6 tunnel error handling code. This could result in a kernel crash denial of...

CVSS 9.8 • AI score 6.4 • EPSS 0.00563 • Exploits 0 • References 5

RedHat Linux
•added 2026/06/11 7:31 a.m.•10 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.15.65 bug fix and security update

Red Hat OpenShift Container Platform release 4.15.65 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.15. Red Hat Product Security has rated this update as having a...

CVSS 9.1 • AI score 6.5 • EPSS 0.01557 • Exploits 2 • References 3

RedHat Linux
•added 2026/06/11 6:43 a.m.•8 views

libsndfile: integer overflow in ima_reader_init()

A flaw was found in the libsndfile library. An integer overflow in the IMA ADPCM codec can occur when a specially crafted WAV audio file is processed, specifically with malicious samplesperblock and blocks values. This can lead to a heap-based buffer overflow, causing a crash to the application...

CVSS 7.5 • AI score 5.6 • EPSS 0.00504 • Exploits 1 • References 6

RedHat Linux
•added 2026/06/11 6:43 a.m.•9 views

Important: Red Hat Security Advisory: libsndfile security update

An update for libsndfile is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common...

CVSS 7.5 • AI score 5.5 • EPSS 0.00504 • Exploits 1 • References 2

RedHat Linux
•added 2026/06/11 6:43 a.m.•8 views

libsndfile: integer overflow in ima_reader_init()

A flaw was found in the libsndfile library. An integer overflow in the IMA ADPCM codec can occur when a specially crafted WAV audio file is processed, specifically with malicious samplesperblock and blocks values. This can lead to a heap-based buffer overflow, causing a crash to the application...

CVSS 7.5 • AI score 5.6 • EPSS 0.00504 • Exploits 1 • References 6

RedHat Linux
•added 2026/06/11 6:43 a.m.•8 views

Important: Red Hat Security Advisory: libsndfile security update

An update for libsndfile is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common...

CVSS 7.5 • AI score 5.5 • EPSS 0.00504 • Exploits 1 • References 2

RedHat Linux
•added 2026/06/11 6:28 a.m.•10 views

rsync: Rsync: Use-after-free vulnerability in extended attribute handling

A flaw was found in rsync. When rsync is configured to handle extended attributes using the -X or --xattrs option, a remote attacker can exploit a use-after-free vulnerability. This occurs because the receive_xattr function incorrectly processes an untrusted length value during a sorting operation...

CVSS 7.8 • AI score 5.8 • EPSS 0.00393 • Exploits 1 • References 7

RedHat Linux
•added 2026/06/11 6:28 a.m.•12 views

Important: Red Hat Security Advisory: rsync security update

An update for rsync is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability...

CVSS 7.8 • AI score 5.5 • EPSS 0.00393 • Exploits 1 • References 2

RedHat Linux
•added 2026/06/11 6:6 a.m.•15 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.15.65 security and extras update

Red Hat OpenShift Container Platform release 4.15.65 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.15. Red Hat Product Security has rated this update as having a security impact of...

CVSS 9.1 • AI score 6.7 • EPSS 0.01557 • Exploits 1 • References 3

RedHat Linux
•added 2026/06/11 2:46 a.m.•7 views

rsync: Rsync: Use-after-free vulnerability in extended attribute handling

A flaw was found in rsync. When rsync is configured to handle extended attributes using the -X or --xattrs option, a remote attacker can exploit a use-after-free vulnerability. This occurs because the receive_xattr function incorrectly processes an untrusted length value during a sorting operation...

CVSS 7.8 • AI score 5.8 • EPSS 0.00393 • Exploits 1 • References 7

RedHat Linux
•added 2026/06/11 2:46 a.m.•9 views

Important: Red Hat Security Advisory: rsync security update

An update for rsync is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...

CVSS 7.8 • AI score 5.5 • EPSS 0.00393 • Exploits 1 • References 2

RedHat Linux
•added 2026/06/11 2:23 a.m.•8 views

rsync: Rsync: Use-after-free vulnerability in extended attribute handling

A flaw was found in rsync. When rsync is configured to handle extended attributes using the -X or --xattrs option, a remote attacker can exploit a use-after-free vulnerability. This occurs because the receive_xattr function incorrectly processes an untrusted length value during a sorting operation...

CVSS 7.8 • AI score 5.8 • EPSS 0.00393 • Exploits 1 • References 7

RedHat Linux
•added 2026/06/11 2:23 a.m.•7 views

Important: Red Hat Security Advisory: rsync security update

An update for rsync is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...

CVSS 7.8 • AI score 5.5 • EPSS 0.00393 • Exploits 1 • References 2

RedHat Linux
•added 2026/06/11 1:43 a.m.•9 views

Important: Red Hat Security Advisory: bind9.16 security update

An update for bind9.16 is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common...

CVSS 7.5 • AI score 8 • EPSS 0.01545 • Exploits 0 • References 2

RedHat Linux
•added 2026/06/11 1:43 a.m.•6 views

bind: BIND: Denial of Service via maliciously crafted DNSSEC-validated zone

A flaw was found in BIND. A remote attacker could exploit this vulnerability by sending a maliciously crafted DNSSEC-validated zone to a BIND resolver. This could cause the resolver to consume excessive CPU resources, leading to a denial of service (DoS) for legitimate users...

CVSS 7.5 • AI score 7.9 • EPSS 0.01545 • Exploits 0 • References 8

RedHat Linux
•added 2026/06/11 1:41 a.m.•6 views

rsync: Rsync: Use-after-free vulnerability in extended attribute handling

A flaw was found in rsync. When rsync is configured to handle extended attributes using the -X or --xattrs option, a remote attacker can exploit a use-after-free vulnerability. This occurs because the receive_xattr function incorrectly processes an untrusted length value during a sorting operation...

CVSS 7.8 • AI score 5.8 • EPSS 0.00393 • Exploits 1 • References 7

RedHat Linux
•added 2026/06/11 1:41 a.m.•8 views

Important: Red Hat Security Advisory: rsync security update

An update for rsync is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability...

CVSS 7.8 • AI score 5.5 • EPSS 0.00393 • Exploits 1 • References 2

RedHat Linux
•added 2026/06/11 12:23 a.m.•8 views

Important: Red Hat Security Advisory: rsync security update

An update for rsync is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring Syste...

CVSS 7.8 • AI score 5.5 • EPSS 0.00393 • Exploits 1 • References 2

RedHat Linux
•added 2026/06/11 12:23 a.m.•6 views

rsync: Rsync: Use-after-free vulnerability in extended attribute handling

A flaw was found in rsync. When rsync is configured to handle extended attributes using the -X or --xattrs option, a remote attacker can exploit a use-after-free vulnerability. This occurs because the receive_xattr function incorrectly processes an untrusted length value during a sorting operation...

CVSS 7.8 • AI score 5.8 • EPSS 0.00393 • Exploits 1 • References 7

RedHat Linux
•added 2026/06/10 11:13 p.m.•4 views

Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: mariadb10.11: mariadb10.11-10.11.18-1.hum1 aarch64, x86_64 mariadb10.11-backup-10.11.18-1.hum1 aarch64, x86_64 mariadb10.11-client-utils-10.11.18-1.hum1 noarch mariadb10.11-common-10.11.18-1.hum1...

CVSS 10 • AI score 5.8 • EPSS 0.01009 • Exploits 0 • References 10

RedHat Linux
•added 2026/06/10 10:32 p.m.•7 views

Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: mariadb11.8: mariadb-11.8.8-1.hum1 aarch64, x86_64 mariadb-backup-11.8.8-1.hum1 aarch64, x86_64 mariadb-client-utils-11.8.8-1.hum1 noarch mariadb-common-11.8.8-1.hum1 noarch...

CVSS 10 • AI score 5 • EPSS 0.01009 • Exploits 0 • References 11

RedHat Linux
•added 2026/06/10 10:4 p.m.•6 views

dotnet: ASP.NET Core: Denial of Service via uncontrolled resource consumption

A flaw was found in ASP.NET Core SignalR and Blazor Server. A remote attacker could send a specially crafted MessagePack payload containing deeply nested arrays that trigger excessive recursion and cause a stack overflow. This issue may result in application termination and a denial of service...

CVSS 7.5 • AI score 5.9 • EPSS 0.0243 • Exploits 0 • References 5

RedHat Linux
•added 2026/06/10 10:4 p.m.•7 views

dotnet: .NET: Local file tampering via link following vulnerability

A flaw was found in .NET's System.Formats.Tar library. When extracting a specially crafted TAR archive containing symbolic links, the TarFile.ExtractToDirectory method may incorrectly follow those links and write files outside the intended extraction directory. An attacker could exploit this issu...

CVSS 6.2 • AI score 5.8 • EPSS 0.00388 • Exploits 0 • References 5

RedHat Linux
•added 2026/06/10 10:4 p.m.•9 views

Important: Red Hat Security Advisory: .NET 9.0 security update

An update for .NET 9.0 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from...

CVSS 7.5 • AI score 5.5 • EPSS 0.0243 • Exploits 0 • References 3

RedHat Linux
•added 2026/06/10 10:3 p.m.•7 views

dotnet: ASP.NET Core: Denial of Service via uncontrolled resource consumption

A flaw was found in ASP.NET Core SignalR and Blazor Server. A remote attacker could send a specially crafted MessagePack payload containing deeply nested arrays that trigger excessive recursion and cause a stack overflow. This issue may result in application termination and a denial of service...

CVSS 7.5 • AI score 5.9 • EPSS 0.0243 • Exploits 0 • References 5

RedHat Linux
•added 2026/06/10 10:3 p.m.•12 views

Important: Red Hat Security Advisory: .NET 8.0 security update

An update for .NET 8.0 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from...

CVSS 7.5 • AI score 5.5 • EPSS 0.0243 • Exploits 0 • References 3

RedHat Linux
•added 2026/06/10 10:3 p.m.•10 views

dotnet: .NET: Local file tampering via link following vulnerability

A flaw was found in .NET's System.Formats.Tar library. When extracting a specially crafted TAR archive containing symbolic links, the TarFile.ExtractToDirectory method may incorrectly follow those links and write files outside the intended extraction directory. An attacker could exploit this issu...

CVSS 6.2 • AI score 5.8 • EPSS 0.00388 • Exploits 0 • References 5

RedHat Linux
•added 2026/06/10 10:0 p.m.•6 views

kernel: RDMA/rxe: Fix double free in rxe_srq_from_init

A flaw was found in the Linux kernel's Remote Direct Memory Access (RDMA) subsystem, specifically within the rxe driver. An error in the rxe_srq_from_init function's memory management can lead to a double free vulnerability. This occurs when an attempt to copy data to user space fails, causing the sam...

CVSS 7.8 • AI score 5.4 • EPSS 0.00175 • Exploits 0 • References 5

RedHat Linux
•added 2026/06/10 10:0 p.m.•10 views

kernel: geneve: Fix use-after-free in geneve_find_dev().

A use-after-free vulnerability exists in the Linux kernel. When dev_net is dismantled, the geneve_exit_batch_rtnl function calls unregister_netdevice_queue for each device in the network namespace. Later, when the device is freed, it is still linked to the backend UDP socket in the network namespace...

CVSS 7.8 • AI score 7.2 • EPSS 0.00227 • Exploits 0 • References 5

RedHat Linux
•added 2026/06/10 10:0 p.m.•6 views

kernel: libceph: replace overzealous BUG_ON in osdmap_apply_incremental()

In the Linux kernel, the following vulnerability has been resolved: libceph: replace overzealous BUG_ON in osdmap_apply_incremental() If the osdmap is maliciously corrupted such that the incremental osdmap epoch is different from what is expected, there is no need to BUG. Instead, just declare the...

CVSS 7.5 • AI score 6.5 • EPSS 0.00341 • Exploits 0 • References 5

RedHat Linux
•added 2026/06/10 10:0 p.m.•13 views

Critical: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...

CVSS 9.8 • AI score 6.4 • EPSS 0.00563 • Exploits 0 • References 14

RedHat Linux
•added 2026/06/10 10:0 p.m.•13 views

kernel: dlm: validate length in dlm_search_rsb_tree

A flaw was found in the Linux kernel's Distributed Lock Manager (dlm) module. An attacker could send specially crafted network messages with an oversized length parameter to the dlm_dump_rsb_name function. This lack of validation can lead to an out-of-bounds write in the dlm_search_rsb_tree function,...

CVSS 9.8 • AI score 6.2 • EPSS 0.00426 • Exploits 0 • References 5

RedHat Linux
•added 2026/06/10 10:0 p.m.•8 views

kernel: smb: client: fix OOB reads parsing symlink error response

A flaw was found in the Linux kernel's Server Message Block (SMB) client. A remote, untrusted server could send a specially crafted symlink error response, leading to an out-of-bounds read vulnerability. This could result in the disclosure of sensitive information from the kernel's memory to a loca...

CVSS 8.1 • AI score 6.7 • EPSS 0.00378 • Exploits 0 • References 5

RedHat Linux
•added 2026/06/10 10:0 p.m.•7 views

kernel: ALSA: 6fire: fix use-after-free on disconnect

A flaw was found in the Linux kernel's ALSA 6fire USB audio device driver. During the disconnection process of a 6fire USB audio device, a use-after-free vulnerability occurs. This happens when the system attempts to write to memory that has already been deallocated, which can lead to memory...

CVSS 7.8 • AI score 5.5 • EPSS 0.00128 • Exploits 0 • References 5

RedHat Linux
•added 2026/06/10 10:0 p.m.•11 views

kernel: netfilter: nf_tables: release flowtable after rcu grace period on error

A flaw was found in the Linux kernel's netfilter component, specifically within the nf_tables subsystem. An error in releasing a flowtable after an RCU (Read-Copy-Update) grace period could lead to a use-after-free vulnerability. This issue could expose the flowtable to the packet path and...

CVSS 7.8 • AI score 5.7 • EPSS 0.00119 • Exploits 0 • References 5

RedHat Linux
•added 2026/06/10 10:0 p.m.•7 views

kernel: ip6_tunnel: clear skb2->cb[] in ip4ip6_err()

A flaw was found in the Linux kernel's IPv6 tunnel implementation. A remote attacker could exploit this flaw by sending malicious ICMPv6 error messages to cause a stack-based buffer overflow in the kernel's IPv4-over-IPv6 tunnel error handling code. This could result in a kernel crash denial of...

CVSS 9.8 • AI score 6.4 • EPSS 0.00563 • Exploits 0 • References 5

Total number of security vulnerabilities: 114833