Lucene search
K
RedhatRecent

115618 matches found

RedHat Linux
RedHat Linux
•added 2026/05/28 7:7 a.m.•11 views

libsoup: libsoup: Information disclosure via cleartext transmission of cookies during HTTPS tunnel establishment

A flaw was found in libsoup. When establishing HTTPS tunnels through a configured HTTP proxy, sensitive session cookies are transmitted in cleartext within the initial HTTP CONNECT request. A network-positioned attacker or a malicious HTTP proxy can intercept these cookies, leading to potential...

8.2CVSS5.8AI score0.00254EPSS
Exploits1References5
RedHat Linux
RedHat Linux
•added 2026/05/28 7:7 a.m.•13 views

Moderate: Red Hat Security Advisory: libsoup security update

An update for libsoup is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

8.2CVSS5.8AI score0.00254EPSS
Exploits1References2
RedHat Linux
RedHat Linux
•added 2026/05/28 6:58 a.m.•9 views

Important: Red Hat Security Advisory: cockpit security update

An update for cockpit is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

8CVSS7.2AI score0.01016EPSS
Exploits0References2
RedHat Linux
RedHat Linux
•added 2026/05/28 6:58 a.m.•12 views

cockpit: Cockpit: Arbitrary command execution via crafted links in system logs UI

A flaw was found in Cockpit. This vulnerability allows a remote attacker to achieve arbitrary command execution on the host by exploiting unsanitized user-controlled parameters within crafted links in the system logs user interface UI. An attacker can inject shell metacharacters and command...

8CVSS7.3AI score0.01016EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 4:47 a.m.•11 views

Important: Red Hat Security Advisory: cockpit security update

An update for cockpit is now available for Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

8CVSS7.2AI score0.01016EPSS
Exploits0References2
RedHat Linux
RedHat Linux
•added 2026/05/28 4:47 a.m.•14 views

cockpit: Cockpit: Arbitrary command execution via crafted links in system logs UI

A flaw was found in Cockpit. This vulnerability allows a remote attacker to achieve arbitrary command execution on the host by exploiting unsanitized user-controlled parameters within crafted links in the system logs user interface UI. An attacker can inject shell metacharacters and command...

8CVSS7.3AI score0.01016EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 2:41 a.m.•65 views

kernel: netfilter: xt_tcpmss: check remaining length before reading optlen

A flaw was found in the Linux kernel, specifically within the netfilter: xttcpmss module. A remote attacker could exploit this vulnerability by sending a specially crafted TCP packet. The TCP option parser does not properly validate the remaining option length, which results in an out-of-bounds...

8.2CVSS5.8AI score0.00463EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 2:41 a.m.•11 views

kernel: xfs: fix freemap adjustments when adding xattrs to leaf blocks

A flaw was found in the Linux kernel's XFS filesystem. When adding extended attributes xattrs, which are metadata associated with files, to leaf blocks, incorrect adjustments to the freemap can occur. This inconsistency allows the entries array and free space to overlap, leading to an assertion...

8.8CVSS5.8AI score0.00469EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 2:41 a.m.•14 views

kernel: nbd: defer config unlock in nbd_genl_connect

In the Linux kernel, the following vulnerability has been resolved: nbd: defer config unlock in nbdgenlconnect There is one use-after-free warning when running NBDCMDCONNECT and NBDCLEARSOCK: nbdgenlconnect nbdallocandinitconfig // configrefs=1 nbdstartdevice // configrefs=2 set NBDRTHASCONFIGREF...

5.9AI score0.00165EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 2:41 a.m.•11 views

kernel: ima: don't clear IMA_DIGSIG flag when setting or removing non-IMA xattr

In the Linux kernel, the following vulnerability has been resolved: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr Currently when both IMA and EVM are in fix mode, the IMA signature will be reset to IMA hash if a program first stores IMA signature in security.ima and then...

5.8AI score0.00168EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 2:41 a.m.•7 views

kernel: smb: client: validate dacloffset before building DACL pointers

A flaw was found in the Linux kernel's Server Message Block SMB client. A malicious server can exploit this vulnerability on 32-bit systems by providing a crafted dacloffset value. This can cause a pointer wrap, leading to the dereferencing of invalid Discretionary Access Control List DACL fields...

9.8CVSS5.5AI score0.00675EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 2:41 a.m.•20 views

kernel: wifi: brcmfmac: validate bsscfg indices in IF events

A flaw was found in the Linux kernel's brcmfmac Wi-Fi driver. This vulnerability occurs because the driver fails to properly validate bsscfg indices in interface IF events. An attacker could exploit this by sending a specially crafted IF event with an invalid bsscfg index, which could lead to an...

8.8CVSS5.8AI score0.00244EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 2:41 a.m.•33 views

kernel: HID: wacom: fix out-of-bounds read in wacom_intuos_bt_irq

A flaw was found in the Linux kernel's Wacom Human Interface Device HID driver. This vulnerability allows a remote attacker to trigger an out-of-bounds read by sending a specially crafted, short Bluetooth HID report. This can lead to the disclosure of sensitive information from the system's memor...

8.1CVSS5.8AI score0.00255EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 2:41 a.m.•10 views

kernel: netfilter: nf_conntrack_helper: pass helper to expect cleanup

A flaw was found in the Linux kernel's netfilter subsystem, specifically within the nfconntrackhelper. When a connection tracking helper is unregistered, its associated expectations are not properly cleaned up. This oversight can lead to a use-after-free vulnerability, where the system attempts t...

7.8CVSS5.8AI score0.00126EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 2:41 a.m.•13 views

kernel: Bluetooth: MGMT: validate LTK enc_size on load

A flaw was found in the Linux kernel's Bluetooth management MGMT component. An attacker could exploit a vulnerability in how Long Term Keys LTK are loaded. By providing an oversized encryption size, a stack buffer overflow can occur, potentially leading to a denial of service...

7.8CVSS6AI score0.00129EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 2:41 a.m.•10 views

kernel: netfilter: ip6t_eui64: reject invalid MAC header for all packets

A flaw was found in the Linux kernel's netfilter component. This vulnerability occurs because the eui64mt6 function, which processes IPv6 packets, does not properly validate the MAC header for all packets. Specifically, packets with a zero fragment offset could bypass an existing guard, allowing...

9.4CVSS5.8AI score0.00337EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 2:41 a.m.•40 views

kernel: netfilter: nf_conntrack_h323: check for zero length in DecodeQ931()

A flaw was found in the Linux kernel's netfilter subsystem, specifically within the nfconntrackh323 module. This vulnerability occurs in the DecodeQ931 function when processing a zero-length value from a packet. An integer underflow during a length calculation results in a large, incorrect value...

9.1CVSS5.7AI score0.00514EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 2:41 a.m.•18 views

kernel: iommu: disable SVA when CONFIG_X86 is set

A security vulnerability was found in the Linux kernel's IOMMU Shared Virtual Addressing SVA implementation on x86 architecture. When SVA is enabled, the IOMMU caches kernel page table entries. Since the kernel lacks a mechanism to notify the IOMMU when kernel page table pages are freed and...

7.8CVSS6.2AI score0.00145EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 2:41 a.m.•9 views

kernel: crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id

In the Linux kernel, the following vulnerability has been resolved: crypto: asymmetrickeys - prevent overflow in asymmetrickeygenerateid Use checkaddoverflow to guard against potential integer overflows when adding the binary blob lengths and the size of an asymmetrickeyid structure and return...

6.1AI score0.00154EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 2:41 a.m.•10 views

kernel: proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al

In the Linux kernel, the following vulnerability has been resolved: proc: use the same treatment to check proclseek as ones for procreaditer et.al Check pde-procops-proclseek directly may cause UAF in rmmod scenario. It's a gap in procregopen after commit 654b33ada4ab"proc: fix UAF in...

7.8CVSS6.6AI score0.00153EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 2:41 a.m.•9 views

kernel: smb: client: validate the whole DACL before rewriting it in cifsacl

A flaw was found in the Linux kernel's Server Message Block SMB client, specifically within the cifsacl functionality. A malicious SMB server could provide a malformed Discretionary Access Control List DACL that claims to contain more Access Control Entries ACEs than are actually present. This...

8.8CVSS5.8AI score0.00259EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 2:41 a.m.•11 views

kernel: net: sched: act_csum: validate nested VLAN headers

A flaw was found in the Linux kernel's network scheduler component. A remote attacker could send specially crafted network packets containing nested Virtual Local Area Network VLAN headers. This could cause the kernel to read beyond allocated memory, leading to a system crash and a denial of...

5.5CVSS5.8AI score0.00117EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 2:41 a.m.•12 views

kernel: Bluetooth: SCO: Fix use-after-free in sco_recv_frame() due to missing sock_hold

A flaw was found in the Linux kernel's Bluetooth SCO Synchronous Connection-Oriented protocol implementation. The scorecvframe function fails to properly hold a reference to a socket after releasing a lock. This oversight allows a concurrent operation to free the socket while it is still being...

8.8CVSS5.8AI score0.003EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 2:41 a.m.•27 views

kernel: mm/page_alloc: clear page->private in free_pages_prepare()

A flaw was found in the Linux kernel's memory management subsystem. When pages are freed, the page-private field is not properly cleared. If these pages are later reallocated as high-order pages and split, the tail pages can retain stale page-private values. This can lead to a use-after-free...

7.8CVSS5.8AI score0.0013EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 2:41 a.m.•10 views

kernel: Bluetooth: SCO: fix race conditions in sco_sock_connect()

A flaw was found in the Linux kernel, specifically within its Bluetooth Synchronous Connection-Oriented SCO component. This vulnerability occurs due to race conditions when multiple connection attempts are made simultaneously on the same Bluetooth socket. This can lead to a use-after-free error,...

7.8CVSS5.8AI score0.00097EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 2:41 a.m.•32 views

kernel: netfilter: nf_tables: release flowtable after rcu grace period on error

A flaw was found in the Linux kernel's netfilter component, specifically within the nftables subsystem. An error in releasing a flowtable after an RCU Read-Copy-Update grace period could lead to a use-after-free vulnerability. This issue could expose the flowtable to the packet path and...

7.8CVSS6.1AI score0.00119EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 2:41 a.m.•22 views

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

9.8CVSS6.4AI score0.00675EPSS
Exploits0References20
RedHat Linux
RedHat Linux
•added 2026/05/28 2:21 a.m.•13 views

kernel: Linux kernel dpaa2-switch: Kernel memory corruption via out-of-bounds write

A flaw was found in the Linux kernel dpaa2-switch driver. This out-of-bounds write vulnerability occurs because the driver does not validate the numifs value reported by the firmware against the DPSWMAXIF limit. A highly privileged attacker, capable of influencing the DPAA2 firmware or management...

7.8CVSS5.8AI score0.00139EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 2:21 a.m.•17 views

kernel: xfs: fix freemap adjustments when adding xattrs to leaf blocks

A flaw was found in the Linux kernel's XFS filesystem. When adding extended attributes xattrs, which are metadata associated with files, to leaf blocks, incorrect adjustments to the freemap can occur. This inconsistency allows the entries array and free space to overlap, leading to an assertion...

8.8CVSS5.8AI score0.00469EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 2:21 a.m.•16 views

kernel: Bluetooth: MGMT: validate LTK enc_size on load

A flaw was found in the Linux kernel's Bluetooth management MGMT component. An attacker could exploit a vulnerability in how Long Term Keys LTK are loaded. By providing an oversized encryption size, a stack buffer overflow can occur, potentially leading to a denial of service...

7.8CVSS6AI score0.00129EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 2:21 a.m.•17 views

kernel: io_uring/rsrc: reject zero-length fixed buffer import

A flaw was found in the Linux kernel's iouring subsystem. A local attacker can exploit a vulnerability in the ioimportfixed function by importing a zero-length fixed buffer. This can lead to an out-of-bounds read from slab memory, potentially resulting in information disclosure or a denial of...

7.1CVSS5.8AI score0.00124EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 2:21 a.m.•23 views

kernel: net: sched: act_csum: validate nested VLAN headers

A flaw was found in the Linux kernel's network scheduler component. A remote attacker could send specially crafted network packets containing nested Virtual Local Area Network VLAN headers. This could cause the kernel to read beyond allocated memory, leading to a system crash and a denial of...

5.5CVSS5.8AI score0.00117EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 2:21 a.m.•13 views

kernel: ima: don't clear IMA_DIGSIG flag when setting or removing non-IMA xattr

In the Linux kernel, the following vulnerability has been resolved: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr Currently when both IMA and EVM are in fix mode, the IMA signature will be reset to IMA hash if a program first stores IMA signature in security.ima and then...

5.8AI score0.00168EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 2:21 a.m.•17 views

kernel: netfilter: xt_tcpmss: check remaining length before reading optlen

A flaw was found in the Linux kernel, specifically within the netfilter: xttcpmss module. A remote attacker could exploit this vulnerability by sending a specially crafted TCP packet. The TCP option parser does not properly validate the remaining option length, which results in an out-of-bounds...

8.2CVSS5.8AI score0.00463EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 2:21 a.m.•12 views

kernel: netfilter: ctnetlink: ensure safe access to master conntrack

A flaw was found in the netfilter: ctnetlink component of the Linux kernel. This vulnerability occurs due to insufficient locking when accessing the master conntrack object, allowing it to become invalid while still being referenced. A local attacker could potentially exploit this race condition,...

7.8CVSS5.8AI score0.00096EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 2:21 a.m.•22 views

kernel: HID: wacom: fix out-of-bounds read in wacom_intuos_bt_irq

A flaw was found in the Linux kernel's Wacom Human Interface Device HID driver. This vulnerability allows a remote attacker to trigger an out-of-bounds read by sending a specially crafted, short Bluetooth HID report. This can lead to the disclosure of sensitive information from the system's memor...

8.1CVSS5.8AI score0.00255EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 2:21 a.m.•15 views

kernel: netfilter: nf_conntrack_helper: pass helper to expect cleanup

A flaw was found in the Linux kernel's netfilter subsystem, specifically within the nfconntrackhelper. When a connection tracking helper is unregistered, its associated expectations are not properly cleaned up. This oversight can lead to a use-after-free vulnerability, where the system attempts t...

7.8CVSS5.8AI score0.00126EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 2:21 a.m.•18 views

kernel: netfilter: ip6t_eui64: reject invalid MAC header for all packets

A flaw was found in the Linux kernel's netfilter component. This vulnerability occurs because the eui64mt6 function, which processes IPv6 packets, does not properly validate the MAC header for all packets. Specifically, packets with a zero fragment offset could bypass an existing guard, allowing...

9.4CVSS5.8AI score0.00337EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 2:21 a.m.•18 views

kernel: netfilter: nf_conntrack_h323: check for zero length in DecodeQ931()

A flaw was found in the Linux kernel's netfilter subsystem, specifically within the nfconntrackh323 module. This vulnerability occurs in the DecodeQ931 function when processing a zero-length value from a packet. An integer underflow during a length calculation results in a large, incorrect value...

9.1CVSS5.8AI score0.00514EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 2:21 a.m.•15 views

kernel: mm: thp: deny THP for files on anonymous inodes

A flaw was found in the Linux kernel's Transparent Huge Pages THP mechanism. This vulnerability occurs because the filethpenabled function incorrectly allows THP for files on anonymous inodes, which are not designed for this feature. An attacker could potentially exploit this by manipulating...

5.5CVSS5.8AI score0.00119EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 2:21 a.m.•14 views

kernel: can: j1939: j1939_session_new(): fix skb reference counting

In the Linux kernel, the following vulnerability has been resolved: can: j1939: j1939sessionnew: fix skb reference counting Since j1939sessionskbqueue does an extra skbget for each new skb, do the same for the initial one in j1939sessionnew to avoid refcount underflow. mkl: clean up commit messag...

5.5CVSS5.7AI score0.00224EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 2:21 a.m.•21 views

kernel: wifi: brcmfmac: validate bsscfg indices in IF events

A flaw was found in the Linux kernel's brcmfmac Wi-Fi driver. This vulnerability occurs because the driver fails to properly validate bsscfg indices in interface IF events. An attacker could exploit this by sending a specially crafted IF event with an invalid bsscfg index, which could lead to an...

8.8CVSS5.8AI score0.00244EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 2:21 a.m.•18 views

kernel: Bluetooth: SCO: fix race conditions in sco_sock_connect()

A flaw was found in the Linux kernel, specifically within its Bluetooth Synchronous Connection-Oriented SCO component. This vulnerability occurs due to race conditions when multiple connection attempts are made simultaneously on the same Bluetooth socket. This can lead to a use-after-free error,...

7.8CVSS5.8AI score0.00097EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 2:21 a.m.•19 views

kernel: mm/page_alloc: clear page->private in free_pages_prepare()

A flaw was found in the Linux kernel's memory management subsystem. When pages are freed, the page-private field is not properly cleared. If these pages are later reallocated as high-order pages and split, the tail pages can retain stale page-private values. This can lead to a use-after-free...

7.8CVSS5.8AI score0.0013EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 2:21 a.m.•29 views

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

9.4CVSS6AI score0.00514EPSS
Exploits0References19
RedHat Linux
RedHat Linux
•added 2026/05/28 2:21 a.m.•11 views

kernel: netfilter: nf_tables: release flowtable after rcu grace period on error

A flaw was found in the Linux kernel's netfilter component, specifically within the nftables subsystem. An error in releasing a flowtable after an RCU Read-Copy-Update grace period could lead to a use-after-free vulnerability. This issue could expose the flowtable to the packet path and...

7.8CVSS6.1AI score0.00119EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/05/28 12:15 a.m.•34 views

google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation

A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 :path pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed :path that omits the mandato...

9.1CVSS6.4AI score0.01557EPSS
Exploits1References5
RedHat Linux
RedHat Linux
•added 2026/05/28 12:15 a.m.•13 views

Important: Red Hat Security Advisory: Red Hat build of MicroShift 4.16.63 security update

Red Hat build of MicroShift release 4.16.63 is now available with updates to packages and images that include a security update. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

9.1CVSS6.4AI score0.01557EPSS
Exploits1References2
RedHat Linux
RedHat Linux
•added 2026/05/28 12:6 a.m.•17 views

cryptography: cryptography Subgroup Attack Due to Missing Subgroup Validation for SECT Curves

A validation flaw has been discovered in the python cryptography package. This missing validation allows an attacker to provide a public key point P from a small-order subgroup. This can lead to security issues in various situations, such as the most commonly used signature verification ECDSA and...

8.2CVSS5.7AI score0.00341EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/05/28 12:6 a.m.•16 views

Important: Red Hat Security Advisory: fence-agents security update

An update for fence-agents is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availabl...

8.2CVSS5.8AI score0.00341EPSS
Exploits1References3
Total number of security vulnerabilities115618