114961 matches found
freerdp: FreeRDP: Denial of Service via endless blocking loop in Stream_EnsureCapacity
A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. The StreamEnsureCapacity function can create an endless blocking loop, leading to a Denial of Service DoS. This vulnerability can be exploited on 32-bit systems where the available physical memory is greater than o...
Moderate: Red Hat Security Advisory: freerdp security update
An update for freerdp is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
freerdp: FreeRDP: Denial of service due to use-after-free vulnerability
A flaw was found in FreeRDP. A remote attacker could exploit a use-after-free vulnerability in the xfSetWindowMinMaxInfo function. This occurs when a freed window pointer is dereferenced because the main thread concurrently deletes a window while the Remote Desktop Protocol RAIL channel thread is...
FreeRDP: FreeRDP: Information disclosure via heap memory out of bounds read
A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. A remote attacker could exploit a vulnerability where pixel data from adjacent heap memory is rendered to the screen. This can lead to the disclosure of sensitive data to the attacker...
freerdp: FreeRDP has a division-by-zero in ADPCM decoders when `nBlockAlign` is 0
A division by zero flaw has been discovered in FreeRDP. This division by zero exists in the MS-ADPCM and IMA-ADPCM decoders when nBlockAlign is 0, leading to a crash. In libfreerdp/codec/dsp.c, both ADPCM decoders use size % blocksize where blocksize = context-common.format.nBlockAlign. The...
freerdp: FreeRDP has an out-of-bounds read in ADPCM decoders due to missing predictor/step_index bounds checks
An out of bounds read flaw has been discovered in FreeRDP. This out-of-bounds read exists in the MS-ADPCM and IMA-ADPCM decoders due to unchecked predictor and stepindex values from input data. An attacker may be able to leverage this weakness to leak global data...
freerdp: FreeRDP has a heap-buffer-overflow in bitmap_cache_put via OOB cacheId
A heap based buffer overflow flaw has been discovered in FreeRDP. This client-side heap out-of-bounds read/write occurs in FreeRDP's bitmap cache subsystem due to an off-by-one boundary check in bitmapcacheput. A malicious server can send a CACHEBITMAPORDER Rev1 with cacheId equal to maxCells,...
freerdp: FreeRDP: Denial of Service via double free vulnerability during disconnect
A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. This double free vulnerability occurs during the cleanup process when a remote desktop session disconnects. Specifically, if a title allocation fails, a pointer to an application window is freed but not removed fro...
freerdp: FreeRDP: Denial of Service via crafted audio data in RDP
A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. A remote attacker can exploit a sizet underflow vulnerability in the IMA-ADPCM and MS-ADPCM audio decoders by sending specially crafted audio data over the RDPSND audio channel. This underflow leads to a...
xorg: xwayland: X.Org X server: Information exposure and denial of service via out-of-bounds memory access
A flaw was found in the X.Org X server's XKB key types request validation. A local attacker could send a specially crafted request to the X server, leading to an out-of-bounds memory access vulnerability. This could result in the disclosure of sensitive information or cause the server to crash,...
xorg: xwayland: X.Org X server: Information disclosure or Denial of Service via out-of-bounds read in XKB modifier map handling
A flaw was found in the X.Org X server. This vulnerability, an out-of-bounds read, affects the XKB X Keyboard Extension modifier map handling. An attacker with access to the X11 server can exploit this by sending a malformed request, which causes the server to read beyond its intended memory...
xwayland: xorg: X.Org X server: Information disclosure and denial of service via out-of-bounds read in XKB geometry processing.
A flaw was found in the X.Org X server. This out-of-bounds read vulnerability in the XKB geometry processing, specifically within the CheckSetGeom and XkbAddGeomKeyAlias functions, allows an attacker to read uninitialized or out-of-bounds memory. An attacker with a connection to the X11 server,...
Important: Red Hat Security Advisory: xorg-x11-server-Xwayland security update
An update for xorg-x11-server-Xwayland is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severi...
xorg: xwayland: X.Org X server: Use-after-free vulnerability leads to server crash and potential memory corruption
A flaw was found in the X.Org X server. This use-after-free vulnerability occurs in the XSYNC fence triggering logic, specifically within the miSyncTriggerFence function. An attacker with access to the X11 server can exploit this without user interaction, leading to a server crash and potentially...
xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling
A flaw was found in the X.Org X server. This integer underflow vulnerability, specifically in the XKB compatibility map handling, allows an attacker with local or remote X11 server access to trigger a buffer read overrun. This can lead to memory-safety violations and potentially a denial of servi...
Important: Red Hat Security Advisory: jmc security update
An update for jmc is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...
org.eclipse.jetty/jetty-http: HTTP request smuggling via chunked extension quoted-string parsing
A flaw was found in Eclipse Jetty. The HTTP/1.1 parser is vulnerable to request smuggling when chunk extensions are used. An attacker can inject crafted requests to manipulate and trick the parser. This issue can lead to security controls bypass, cache poisoning or unauthorized endpoint access...
lz4-java: lz4-java: Information Disclosure via Insufficient Output Buffer Clearing
A flaw was found in lz4-java. This vulnerability allows disclosure of sensitive data via crafted compressed input due to insufficient clearing of the output buffer in Java-based decompressor implementations...
Moderate: Red Hat Security Advisory: Kiali 2.22.4 for Red Hat OpenShift Service Mesh 3.3
Kiali 2.22.4 for Red Hat OpenShift Service Mesh 3.3 is now available. An update is now available for Red Hat OpenShift Service Mesh 3.3. This advisory contains the RPM packages for the Kiali component. Red Hat Product Security has rated this update as having a security impact of Moderate. A Commo...
Moderate: Red Hat Security Advisory: Kiali 2.4.17 for Red Hat OpenShift Service Mesh 3.0
Kiali 2.4.17 for Red Hat OpenShift Service Mesh 3.0 is now available. An update is now available for Red Hat OpenShift Service Mesh 3.0. This advisory contains the RPM packages for the Kiali component. Red Hat Product Security has rated this update as having a security impact of Moderate. A Commo...
Moderate: Red Hat Security Advisory: Kiali 2.11.11 for Red Hat OpenShift Service Mesh 3.1
Kiali 2.11.11 for Red Hat OpenShift Service Mesh 3.1 is now available. An update is now available for Red Hat OpenShift Service Mesh 3.1. This advisory contains the RPM packages for the Kiali component. Red Hat Product Security has rated this update as having a security impact of Moderate. A Comm...
Moderate: Red Hat Security Advisory: Kiali 2.17.8 for Red Hat OpenShift Service Mesh 3.2
Kiali 2.17.8 for Red Hat OpenShift Service Mesh 3.2 is now available. An update is now available for Red Hat OpenShift Service Mesh 3.2. This advisory contains the RPM packages for the Kiali component. Red Hat Product Security has rated this update as having a security impact of Moderate. A Commo...
Important: Red Hat Security Advisory: Kiali 1.73.31 for Red Hat OpenShift Service Mesh 2.6
Kiali 1.73.31 for Red Hat OpenShift Service Mesh 2.6 is now available. An update is now available for Red Hat OpenShift Service Mesh 2.6. This advisory contains the RPM packages for the Kiali component. Red Hat Product Security has rated this update as having a security impact of Moderate. A Comm...
Critical: Red Hat Security Advisory: General availability of the satellite/iop-gateway-rhel9 container image
A new satellite/iop-gateway-rhel9 container image is now generally available in the Red Hat container registry. Red Hat Lightspeed in Satellite analyzes system health and configuration by applying predefined rules to a small set of local data, such as installed packages, running services, and...
Critical: Red Hat Security Advisory: General availability of the satellite/iop-gateway-rhel9 container image
A new satellite/iop-gateway-rhel9 container image is now generally available in the Red Hat container registry. Red Hat Lightspeed in Satellite analyzes system health and configuration by applying predefined rules to a small set of local data, such as installed packages, running services, and...
Moderate: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: unbound: python3-unbound-1.25.1-1.hum1 aarch64, x8664 unbound-1.25.1-1.hum1 aarch64, x8664 unbound-anchor-1.25.1-1.hum1 aarch64, x8664 unbound-devel-1.25.1-1.hum1 aarch64, x8664...
Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: nginx: nginx-1.30.2-1.hum1 aarch64, x8664 nginx-all-modules-1.30.2-1.hum1 noarch nginx-core-1.30.2-1.hum1 aarch64, x8664 nginx-filesystem-1.30.2-1.hum1 noarch nginx-mod-devel-1.30.2-1.hum1 aarch6...
Important: Red Hat Security Advisory: A Subscription Management tool for finding and reporting Red Hat product usage
A Subscription Management tool for finding and reporting Red Hat product usage Red Hat Discovery, also known as Discovery, is an inspection and reporting tool that finds, identifies, and reports environment data, or facts, such as the number of physical and virtual systems on a network, their...
Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: bind: bind-9.18.49-1.hum1 aarch64, x8664 bind-chroot-9.18.49-1.hum1 aarch64, x8664 bind-devel-9.18.49-1.hum1 aarch64, x8664 bind-dnssec-utils-9.18.49-1.hum1 aarch64, x8664 bind-doc-9.18.49-1.hum1...
kernel: net: skbuff: propagate shared-frag marker through frag-transfer helpers
A flaw was found in the Linux kernel's networking skbuff component. When skbtrycoalesce attaches paged fragments, it can lose the SKBFLSHAREDFRAG marker. This can lead to the Encapsulating Security Payload ESP input decrypting data in place over page-cache backed fragments, potentially resulting ...
kernel: Read root-owned files as an unprivileged user
A vulnerability was found in the Linux kernel that allows an unprivileged local user to read sensitive files normally restricted to the root user. The flaw occurs during process exit, where a brief window allows an attacker to intercept file access from a privileged process before it fully...
kernel: "Fragnesia" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel
A flaw was found in the Linux kernel's XFRM ESP-in-TCP subsystem. Unsafe in-place cryptographic processing allows a low-privileged local attacker to write arbitrary bytes into the page cache of read-only files, including sensitive system files. An attacker can exploit this to overwrite privileged...
Important: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
kernel: net: skbuff: propagate shared-frag marker through frag-transfer helpers
A flaw was found in the Linux kernel's networking skbuff component. When skbtrycoalesce attaches paged fragments, it can lose the SKBFLSHAREDFRAG marker. This can lead to the Encapsulating Security Payload ESP input decrypting data in place over page-cache backed fragments, potentially resulting ...
kernel: Read root-owned files as an unprivileged user
A vulnerability was found in the Linux kernel that allows an unprivileged local user to read sensitive files normally restricted to the root user. The flaw occurs during process exit, where a brief window allows an attacker to intercept file access from a privileged process before it fully...
kernel: "Fragnesia" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel
A flaw was found in the Linux kernel's XFRM ESP-in-TCP subsystem. Unsafe in-place cryptographic processing allows a low-privileged local attacker to write arbitrary bytes into the page cache of read-only files, including sensitive system files. An attacker can exploit this to overwrite privileged...
Important: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
kernel: net: skbuff: propagate shared-frag marker through frag-transfer helpers
A flaw was found in the Linux kernel's networking skbuff component. When skbtrycoalesce attaches paged fragments, it can lose the SKBFLSHAREDFRAG marker. This can lead to the Encapsulating Security Payload ESP input decrypting data in place over page-cache backed fragments, potentially resulting ...
kernel: Read root-owned files as an unprivileged user
A vulnerability was found in the Linux kernel that allows an unprivileged local user to read sensitive files normally restricted to the root user. The flaw occurs during process exit, where a brief window allows an attacker to intercept file access from a privileged process before it fully...
kernel: "Fragnesia" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel
A flaw was found in the Linux kernel's XFRM ESP-in-TCP subsystem. Unsafe in-place cryptographic processing allows a low-privileged local attacker to write arbitrary bytes into the page cache of read-only files, including sensitive system files. An attacker can exploit this to overwrite privileged...
Important: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
kernel: net: skbuff: propagate shared-frag marker through frag-transfer helpers
A flaw was found in the Linux kernel's networking skbuff component. When skbtrycoalesce attaches paged fragments, it can lose the SKBFLSHAREDFRAG marker. This can lead to the Encapsulating Security Payload ESP input decrypting data in place over page-cache backed fragments, potentially resulting ...
kernel: Read root-owned files as an unprivileged user
A vulnerability was found in the Linux kernel that allows an unprivileged local user to read sensitive files normally restricted to the root user. The flaw occurs during process exit, where a brief window allows an attacker to intercept file access from a privileged process before it fully...
kernel: "Fragnesia" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel
A flaw was found in the Linux kernel's XFRM ESP-in-TCP subsystem. Unsafe in-place cryptographic processing allows a low-privileged local attacker to write arbitrary bytes into the page cache of read-only files, including sensitive system files. An attacker can exploit this to overwrite privileged...
kernel: can: raw: fix ro->uniq use-after-free in raw_rcv()
A flaw was found in the Linux kernel's Controller Area Network CAN raw socket implementation. A use-after-free vulnerability can occur due to a timing window during the unregistration of CAN receive filters, allowing a freed memory region to be accessed. This could lead to system instability or a...
Important: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerabilit...
Moderate: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: python-pip: python-pip-wheel-26.1.1-3.hum1 noarch python3-pip-26.1.1-3.hum1 noarch python-pip-26.1.1-3.hum1.src src...
kernel: Read root-owned files as an unprivileged user
A vulnerability was found in the Linux kernel that allows an unprivileged local user to read sensitive files normally restricted to the root user. The flaw occurs during process exit, where a brief window allows an attacker to intercept file access from a privileged process before it fully...
kernel: net: skbuff: propagate shared-frag marker through frag-transfer helpers
A flaw was found in the Linux kernel's networking skbuff component. When skbtrycoalesce attaches paged fragments, it can lose the SKBFLSHAREDFRAG marker. This can lead to the Encapsulating Security Payload ESP input decrypting data in place over page-cache backed fragments, potentially resulting ...
kernel: "Fragnesia" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel
A flaw was found in the Linux kernel's XFRM ESP-in-TCP subsystem. Unsafe in-place cryptographic processing allows a low-privileged local attacker to write arbitrary bytes into the page cache of read-only files, including sensitive system files. An attacker can exploit this to overwrite privileged...