Lucene search
K
RedhatRecent

114953 matches found

RedHat Linux
RedHat Linux
•added 2026/05/28 9:38 a.m.•12 views

xorg: xwayland: X.Org X server: Information exposure and denial of service via out-of-bounds memory access

A flaw was found in the X.Org X server's XKB key types request validation. A local attacker could send a specially crafted request to the X server, leading to an out-of-bounds memory access vulnerability. This could result in the disclosure of sensitive information or cause the server to crash,...

7.8CVSS5.7AI score0.0025EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2026/05/28 9:38 a.m.•10 views

xorg: xwayland: X.Org X server: Information disclosure or Denial of Service via out-of-bounds read in XKB modifier map handling

A flaw was found in the X.Org X server. This vulnerability, an out-of-bounds read, affects the XKB X Keyboard Extension modifier map handling. An attacker with access to the X11 server can exploit this by sending a malformed request, which causes the server to read beyond its intended memory...

9.1CVSS5.7AI score0.00489EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2026/05/28 9:38 a.m.•10 views

xorg: xwayland: X.Org X server: Use-after-free vulnerability leads to server crash and potential memory corruption

A flaw was found in the X.Org X server. This use-after-free vulnerability occurs in the XSYNC fence triggering logic, specifically within the miSyncTriggerFence function. An attacker with access to the X11 server can exploit this without user interaction, leading to a server crash and potentially...

7.8CVSS5.8AI score0.00264EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2026/05/28 9:38 a.m.•13 views

xwayland: xorg: X.Org X server: Information disclosure and denial of service via out-of-bounds read in XKB geometry processing.

A flaw was found in the X.Org X server. This out-of-bounds read vulnerability in the XKB geometry processing, specifically within the CheckSetGeom and XkbAddGeomKeyAlias functions, allows an attacker to read uninitialized or out-of-bounds memory. An attacker with a connection to the X11 server,...

9.1CVSS5.7AI score0.00489EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2026/05/28 9:38 a.m.•17 views

xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling

A flaw was found in the X.Org X server. This integer underflow vulnerability, specifically in the XKB compatibility map handling, allows an attacker with local or remote X11 server access to trigger a buffer read overrun. This can lead to memory-safety violations and potentially a denial of servi...

7.8CVSS6AI score0.0038EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2026/05/28 8:47 a.m.•20 views

kernel: netfilter: xt_tcpmss: check remaining length before reading optlen

A flaw was found in the Linux kernel, specifically within the netfilter: xttcpmss module. A remote attacker could exploit this vulnerability by sending a specially crafted TCP packet. The TCP option parser does not properly validate the remaining option length, which results in an out-of-bounds...

8.2CVSS5.8AI score0.00463EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 8:47 a.m.•32 views

kernel: netfilter: nf_conntrack_helper: pass helper to expect cleanup

A flaw was found in the Linux kernel's netfilter subsystem, specifically within the nfconntrackhelper. When a connection tracking helper is unregistered, its associated expectations are not properly cleaned up. This oversight can lead to a use-after-free vulnerability, where the system attempts t...

7.8CVSS5.8AI score0.00126EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 8:47 a.m.•11 views

kernel: Bluetooth: MGMT: validate LTK enc_size on load

A flaw was found in the Linux kernel's Bluetooth management MGMT component. An attacker could exploit a vulnerability in how Long Term Keys LTK are loaded. By providing an oversized encryption size, a stack buffer overflow can occur, potentially leading to a denial of service...

7.8CVSS6AI score0.00129EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 8:47 a.m.•11 views

kernel: smb: client: validate the whole DACL before rewriting it in cifsacl

A flaw was found in the Linux kernel's Server Message Block SMB client, specifically within the cifsacl functionality. A malicious SMB server could provide a malformed Discretionary Access Control List DACL that claims to contain more Access Control Entries ACEs than are actually present. This...

8.8CVSS5.8AI score0.00259EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 8:47 a.m.•16 views

kernel: net: sched: act_csum: validate nested VLAN headers

A flaw was found in the Linux kernel's network scheduler component. A remote attacker could send specially crafted network packets containing nested Virtual Local Area Network VLAN headers. This could cause the kernel to read beyond allocated memory, leading to a system crash and a denial of...

5.5CVSS5.8AI score0.00117EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 8:47 a.m.•67 views

kernel: can: raw: fix ro->uniq use-after-free in raw_rcv()

A flaw was found in the Linux kernel's Controller Area Network CAN raw socket implementation. A use-after-free vulnerability can occur due to a timing window during the unregistration of CAN receive filters, allowing a freed memory region to be accessed. This could lead to system instability or a...

7.8CVSS5.8AI score0.00124EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 8:47 a.m.•13 views

kernel: Linux kernel: Denial of service and memory corruption in RDMA umad

A flaw was found in the Linux kernel's Remote Direct Memory Access RDMA umad User Mode Access Device component. A local user can exploit this vulnerability by manipulating input, causing an integer underflow that leads to an out-of-bounds memory write. This memory corruption can result in a denia...

7.8CVSS5.7AI score0.00125EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 8:47 a.m.•27 views

kernel: libceph: make decode_pool() more resilient against corrupted osdmaps

In the Linux kernel, the following vulnerability has been resolved: libceph: make decodepool more resilient against corrupted osdmaps If the osdmap is maliciously corrupted such that the encoded length of cephpgpool envelope is less than what is expected for a particular encoding version,...

7.1CVSS6.1AI score0.00126EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 8:47 a.m.•16 views

kernel: ima: don't clear IMA_DIGSIG flag when setting or removing non-IMA xattr

In the Linux kernel, the following vulnerability has been resolved: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr Currently when both IMA and EVM are in fix mode, the IMA signature will be reset to IMA hash if a program first stores IMA signature in security.ima and then...

5.8AI score0.00168EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 8:47 a.m.•12 views

kernel: Bluetooth: MGMT: Fix possible UAFs

A flaw was found in the Linux kernel’s Bluetooth management subsystem net/bluetooth/mgmt.c. The mgmtpending structure may be freed while still being processed, or remain on the pending command list, which allows a use-after-free or double-free scenario. An attacker with local access to the system...

5.8AI score0.00183EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 8:47 a.m.•22 views

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

9.8CVSS6.5AI score0.00675EPSS
Exploits0References19
RedHat Linux
RedHat Linux
•added 2026/05/28 8:47 a.m.•4 views

kernel: smb: client: validate dacloffset before building DACL pointers

A flaw was found in the Linux kernel's Server Message Block SMB client. A malicious server can exploit this vulnerability on 32-bit systems by providing a crafted dacloffset value. This can cause a pointer wrap, leading to the dereferencing of invalid Discretionary Access Control List DACL fields...

9.8CVSS5.5AI score0.00675EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 8:47 a.m.•11 views

kernel: md/bitmap: fix GPF in write_page caused by resize race

A flaw was found in the Linux kernel's md/bitmap component. This vulnerability involves a use-after-free race condition that occurs during array resize operations. When the bitmapdaemonwork and bitmapresize functions execute concurrently, they can access memory pages that have already been freed...

4.7CVSS5.9AI score0.00091EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 8:47 a.m.•11 views

kernel: xfs: fix freemap adjustments when adding xattrs to leaf blocks

A flaw was found in the Linux kernel's XFS filesystem. When adding extended attributes xattrs, which are metadata associated with files, to leaf blocks, incorrect adjustments to the freemap can occur. This inconsistency allows the entries array and free space to overlap, leading to an assertion...

8.8CVSS5.8AI score0.00469EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 8:47 a.m.•11 views

kernel: HID: wacom: fix out-of-bounds read in wacom_intuos_bt_irq

A flaw was found in the Linux kernel's Wacom Human Interface Device HID driver. This vulnerability allows a remote attacker to trigger an out-of-bounds read by sending a specially crafted, short Bluetooth HID report. This can lead to the disclosure of sensitive information from the system's memor...

8.1CVSS5.8AI score0.00255EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 8:47 a.m.•12 views

kernel: netfilter: ip6t_eui64: reject invalid MAC header for all packets

A flaw was found in the Linux kernel's netfilter component. This vulnerability occurs because the eui64mt6 function, which processes IPv6 packets, does not properly validate the MAC header for all packets. Specifically, packets with a zero fragment offset could bypass an existing guard, allowing...

9.4CVSS5.8AI score0.00337EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 8:47 a.m.•12 views

kernel: Bluetooth: SCO: Fix use-after-free in sco_recv_frame() due to missing sock_hold

A flaw was found in the Linux kernel's Bluetooth SCO Synchronous Connection-Oriented protocol implementation. The scorecvframe function fails to properly hold a reference to a socket after releasing a lock. This oversight allows a concurrent operation to free the socket while it is still being...

8.8CVSS5.8AI score0.003EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 8:47 a.m.•21 views

kernel: netfilter: nf_conntrack_h323: check for zero length in DecodeQ931()

A flaw was found in the Linux kernel's netfilter subsystem, specifically within the nfconntrackh323 module. This vulnerability occurs in the DecodeQ931 function when processing a zero-length value from a packet. An integer underflow during a length calculation results in a large, incorrect value...

9.1CVSS5.7AI score0.00514EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 8:47 a.m.•12 views

kernel: Linux kernel: Use-after-free in traffic control (act_ct) may lead to denial of service or privilege escalation

A flaw was found in the Linux kernel. A use-after-free vulnerability exists in the traffic control actct path when it is incorrectly configured with non-ingress egress qdiscs queueing disciplines. This can allow a local user with specific privileges to trigger a kernel crash, leading to a denial ...

7.8CVSS5.8AI score0.00123EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 8:47 a.m.•40 views

kernel: ALSA: firewire-motu: fix buffer overflow in hwdep read for DSP events

In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-motu: fix buffer overflow in hwdep read for DSP events The DSP event handling code in hwdepread could write more bytes to the user buffer than requested, when a user provides a buffer smaller than the event header...

6.1AI score0.00195EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 8:19 a.m.•40 views

Important: Red Hat Security Advisory: cockpit security update

An update for cockpit is now available for Red Hat Enterprise Linux 8.10 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

8CVSS7.2AI score0.01016EPSS
Exploits0References2
RedHat Linux
RedHat Linux
•added 2026/05/28 8:19 a.m.•13 views

cockpit: Cockpit: Arbitrary command execution via crafted links in system logs UI

A flaw was found in Cockpit. This vulnerability allows a remote attacker to achieve arbitrary command execution on the host by exploiting unsanitized user-controlled parameters within crafted links in the system logs user interface UI. An attacker can inject shell metacharacters and command...

8CVSS7.3AI score0.01016EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 7:53 a.m.•9 views

xorg: xwayland: X.Org X server: Information exposure and denial of service via out-of-bounds memory access

A flaw was found in the X.Org X server's XKB key types request validation. A local attacker could send a specially crafted request to the X server, leading to an out-of-bounds memory access vulnerability. This could result in the disclosure of sensitive information or cause the server to crash,...

7.8CVSS5.7AI score0.0025EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2026/05/28 7:53 a.m.•10 views

xorg: xwayland: X.Org X server: Information disclosure or Denial of Service via out-of-bounds read in XKB modifier map handling

A flaw was found in the X.Org X server. This vulnerability, an out-of-bounds read, affects the XKB X Keyboard Extension modifier map handling. An attacker with access to the X11 server can exploit this by sending a malformed request, which causes the server to read beyond its intended memory...

9.1CVSS5.7AI score0.00489EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2026/05/28 7:53 a.m.•16 views

xorg: xwayland: X.Org X server: Use-after-free vulnerability leads to server crash and potential memory corruption

A flaw was found in the X.Org X server. This use-after-free vulnerability occurs in the XSYNC fence triggering logic, specifically within the miSyncTriggerFence function. An attacker with access to the X11 server can exploit this without user interaction, leading to a server crash and potentially...

7.8CVSS5.8AI score0.00264EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2026/05/28 7:53 a.m.•11 views

xwayland: xorg: X.Org X server: Information disclosure and denial of service via out-of-bounds read in XKB geometry processing.

A flaw was found in the X.Org X server. This out-of-bounds read vulnerability in the XKB geometry processing, specifically within the CheckSetGeom and XkbAddGeomKeyAlias functions, allows an attacker to read uninitialized or out-of-bounds memory. An attacker with a connection to the X11 server,...

9.1CVSS5.7AI score0.00489EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2026/05/28 7:53 a.m.•19 views

xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling

A flaw was found in the X.Org X server. This integer underflow vulnerability, specifically in the XKB compatibility map handling, allows an attacker with local or remote X11 server access to trigger a buffer read overrun. This can lead to memory-safety violations and potentially a denial of servi...

7.8CVSS6AI score0.0038EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2026/05/28 7:53 a.m.•17 views

Important: Red Hat Security Advisory: xorg-x11-server security update

An update for xorg-x11-server is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating...

9.1CVSS5.8AI score0.00489EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/28 7:32 a.m.•10 views

python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules

A flaw was found in Python's decompression modules, including lzma.LZMADecompressor, bz2.BZ2Decompressor, and gzip.GzipFile. This vulnerability, a use-after-free, can occur if a program attempts to re-use a decompression object after a memory allocation error, especially when the system is...

9.1CVSS6.3AI score0.00579EPSS
Exploits0References10
RedHat Linux
RedHat Linux
•added 2026/05/28 7:32 a.m.•13 views

python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API

A flaw was found in the Python webbrowser.open API. If a specially crafted URL containing "%action" is processed, an attacker could bypass a previous mitigation for CVE-2026-4519. This bypass allows for command injection into the underlying shell, potentially leading to arbitrary code execution...

7.1CVSS7AI score0.00308EPSS
Exploits0References7
RedHat Linux
RedHat Linux
•added 2026/05/28 7:32 a.m.•10 views

Important: Red Hat Security Advisory: python3.9 security update

An update for python3.9 is now available for Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

9.1CVSS6.4AI score0.00579EPSS
Exploits0References3
RedHat Linux
RedHat Linux
•added 2026/05/28 7:7 a.m.•11 views

libsoup: libsoup: Information disclosure via cleartext transmission of cookies during HTTPS tunnel establishment

A flaw was found in libsoup. When establishing HTTPS tunnels through a configured HTTP proxy, sensitive session cookies are transmitted in cleartext within the initial HTTP CONNECT request. A network-positioned attacker or a malicious HTTP proxy can intercept these cookies, leading to potential...

8.2CVSS5.8AI score0.00254EPSS
Exploits1References5
RedHat Linux
RedHat Linux
•added 2026/05/28 7:7 a.m.•13 views

Moderate: Red Hat Security Advisory: libsoup security update

An update for libsoup is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

8.2CVSS5.8AI score0.00254EPSS
Exploits1References2
RedHat Linux
RedHat Linux
•added 2026/05/28 6:58 a.m.•9 views

Important: Red Hat Security Advisory: cockpit security update

An update for cockpit is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

8CVSS7.2AI score0.01016EPSS
Exploits0References2
RedHat Linux
RedHat Linux
•added 2026/05/28 6:58 a.m.•12 views

cockpit: Cockpit: Arbitrary command execution via crafted links in system logs UI

A flaw was found in Cockpit. This vulnerability allows a remote attacker to achieve arbitrary command execution on the host by exploiting unsanitized user-controlled parameters within crafted links in the system logs user interface UI. An attacker can inject shell metacharacters and command...

8CVSS7.3AI score0.01016EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 4:47 a.m.•13 views

cockpit: Cockpit: Arbitrary command execution via crafted links in system logs UI

A flaw was found in Cockpit. This vulnerability allows a remote attacker to achieve arbitrary command execution on the host by exploiting unsanitized user-controlled parameters within crafted links in the system logs user interface UI. An attacker can inject shell metacharacters and command...

8CVSS7.3AI score0.01016EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 4:47 a.m.•11 views

Important: Red Hat Security Advisory: cockpit security update

An update for cockpit is now available for Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

8CVSS7.2AI score0.01016EPSS
Exploits0References2
RedHat Linux
RedHat Linux
•added 2026/05/28 2:41 a.m.•7 views

kernel: smb: client: validate dacloffset before building DACL pointers

A flaw was found in the Linux kernel's Server Message Block SMB client. A malicious server can exploit this vulnerability on 32-bit systems by providing a crafted dacloffset value. This can cause a pointer wrap, leading to the dereferencing of invalid Discretionary Access Control List DACL fields...

9.8CVSS5.5AI score0.00675EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 2:41 a.m.•27 views

kernel: mm/page_alloc: clear page->private in free_pages_prepare()

A flaw was found in the Linux kernel's memory management subsystem. When pages are freed, the page-private field is not properly cleared. If these pages are later reallocated as high-order pages and split, the tail pages can retain stale page-private values. This can lead to a use-after-free...

7.8CVSS5.8AI score0.0013EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 2:41 a.m.•10 views

kernel: netfilter: nf_conntrack_helper: pass helper to expect cleanup

A flaw was found in the Linux kernel's netfilter subsystem, specifically within the nfconntrackhelper. When a connection tracking helper is unregistered, its associated expectations are not properly cleaned up. This oversight can lead to a use-after-free vulnerability, where the system attempts t...

7.8CVSS5.8AI score0.00126EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 2:41 a.m.•13 views

kernel: Bluetooth: MGMT: validate LTK enc_size on load

A flaw was found in the Linux kernel's Bluetooth management MGMT component. An attacker could exploit a vulnerability in how Long Term Keys LTK are loaded. By providing an oversized encryption size, a stack buffer overflow can occur, potentially leading to a denial of service...

7.8CVSS6AI score0.00129EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 2:41 a.m.•38 views

kernel: netfilter: nf_conntrack_h323: check for zero length in DecodeQ931()

A flaw was found in the Linux kernel's netfilter subsystem, specifically within the nfconntrackh323 module. This vulnerability occurs in the DecodeQ931 function when processing a zero-length value from a packet. An integer underflow during a length calculation results in a large, incorrect value...

9.1CVSS5.7AI score0.00514EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 2:41 a.m.•18 views

kernel: iommu: disable SVA when CONFIG_X86 is set

A security vulnerability was found in the Linux kernel's IOMMU Shared Virtual Addressing SVA implementation on x86 architecture. When SVA is enabled, the IOMMU caches kernel page table entries. Since the kernel lacks a mechanism to notify the IOMMU when kernel page table pages are freed and...

7.8CVSS6.2AI score0.00145EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 2:41 a.m.•13 views

kernel: nbd: defer config unlock in nbd_genl_connect

In the Linux kernel, the following vulnerability has been resolved: nbd: defer config unlock in nbdgenlconnect There is one use-after-free warning when running NBDCMDCONNECT and NBDCLEARSOCK: nbdgenlconnect nbdallocandinitconfig // configrefs=1 nbdstartdevice // configrefs=2 set NBDRTHASCONFIGREF...

5.9AI score0.00165EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 2:41 a.m.•22 views

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

9.8CVSS6.4AI score0.00675EPSS
Exploits0References20
Total number of security vulnerabilities114953