Codeready Linux Builder Eus@9.2 Security Vulnerabilities and Issues — Codeready Linux Builder Eus@9.2 CVE List

Lucene search

RedhatCodeready Linux Builder Eus9.2

7 matches found

CVE•added 2023/10/03 6:15 p.m.•1174 views

CVE-2023-4911

A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code...

7.8CVSS8.2AI score0.74608EPSS

CVE•added 2023/12/10 6:15 p.m.•972 views

CVE-2023-5869

A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remote user can trigger the overflow by providing spe...

8.8CVSS9.2AI score0.01608EPSS

CVE•added 2023/09/18 5:15 p.m.•749 views

CVE-2023-4527

A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function returned address data,...

6.5CVSS7.2AI score0.00105EPSS

CVE•added 2023/12/10 6:15 p.m.•612 views

CVE-2023-5868

A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes, potential...

4.3CVSS6.8AI score0.02718EPSS

CVE•added 2023/09/18 5:15 p.m.•573 views

CVE-2023-4806

A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements only the nss _gethostbyname2_r and nss _getcanonname_r hooks without implementing...

5.9CVSS6.8AI score0.01106EPSS

CVE•added 2023/12/10 6:15 p.m.•471 views

CVE-2023-5870

A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. Successful exploitation requires a non-core extension with a less-resilient background worker and would a...

4.4CVSS6.4AI score0.00645EPSS

CVE•added 2023/10/23 10:15 p.m.•223 views

CVE-2023-5633

The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface. When running inside a VMware guest with 3D acceleration enabled, a local, unprivileged user coul...

7.8CVSS6.8AI score0.00015EPSS