Codeready Linux Builder@8.0 Security Vulnerabilities and Issues — Codeready Linux Builder@8.0 CVE List

Lucene search

RedhatCodeready Linux Builder8.0

7 matches found

cve•added 2022/03/04 7:15 p.m.•939 views

CVE-2021-3737

A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls the HTTP server, to make the client script enter an infinite loop, consuming CPU time. The highest threat from this vulnerability is to system availability.

7.5CVSS7.6AI score0.00121EPSS

cve•added 2022/03/10 5:42 p.m.•776 views

CVE-2021-3733

There's a flaw in urllib's AbstractBasicAuthHandler class. An attacker who controls a malicious HTTP server that an HTTP client (such as web browser) connects to, could trigger a Regular Expression Denial of Service (ReDOS) during an authentication request with a specially crafted payload that is s...

6.5CVSS7.1AI score0.00512EPSS

cve•added 2022/03/03 7:15 p.m.•555 views

CVE-2022-0492

A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly.

7.8CVSS8AI score0.06994EPSS

cve•added 2022/03/25 7:15 p.m.•452 views

CVE-2022-0435

A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed. This flaw allows a remote user to crash the system or possibly escalate their privileges i...

9CVSS9AI score0.60408EPSS

cve•added 2022/03/25 7:15 p.m.•398 views

CVE-2022-0330

A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allows a local user to crash the system or escalate their privileges on the system.

7.8CVSS7.7AI score0.00046EPSS

cve•added 2022/02/18 6:15 p.m.•219 views

CVE-2021-3930

An off-by-one error was found in the SCSI device emulation in QEMU. It could occur while processing MODE SELECT commands in mode_sense_page() if the 'page' argument was set to MODE_PAGE_ALLS (0x3f). A malicious guest could use this flaw to potentially crash QEMU, resulting in a denial of service co...

6.5CVSS6.6AI score0.00033EPSS

cve•added 2022/03/04 4:15 p.m.•216 views

CVE-2021-3744

A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption). This vulnerability is similar with the older CVE-2019-18808.

5.5CVSS6AI score0.00019EPSS