Enterprise Linux@7.0 Security Vulnerabilities and Issues — Enterprise Linux@7.0 CVE List

Lucene search

RedhatEnterprise Linux7.0

19 matches found

CVE•added 2017/04/17 9:59 p.m.•517 views

CVE-2017-5645

In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.

9.8CVSS9.5AI score0.94013EPSS

CVE•added 2017/10/05 1:29 a.m.•442 views

CVE-2017-1000253

Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (committed on April 14, 2015). This kernel vulnerability was fixed in April 2015 by commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (backported to Linux 3.10....

7.8CVSS7.3AI score0.55565EPSS

CVE•added 2017/08/19 6:29 p.m.•275 views

CVE-2017-10661

Race condition in fs/timerfd.c in the Linux kernel before 4.10.15 allows local users to gain privileges or cause a denial of service (list corruption or use-after-free) via simultaneous file-descriptor operations that leverage improper might_cancel queueing.

7.6CVSS7.2AI score0.30004EPSS

CVE•added 2017/06/19 4:29 p.m.•263 views

CVE-2017-1000366

glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hardening changes have been made to glibc to prevent manipulation of stack and heap...

7.8CVSS7.4AI score0.07151EPSS

CVE•added 2017/10/05 1:29 a.m.•241 views

CVE-2017-1000111

Linux kernel: heap out-of-bounds in AF_PACKET sockets. This new issue is analogous to previously disclosed CVE-2016-8655. In both cases, a socket option that changes socket state may race with safety checks in packet_set_ring. Previously with PACKET_VERSION. This time with PACKET_RESERVE. The solut...

7.8CVSS7.8AI score0.39139EPSS

CVE•added 2017/09/19 4:29 p.m.•237 views

CVE-2015-7837

The Linux kernel, as used in Red Hat Enterprise Linux 7, kernel-rt, and Enterprise MRG 2 and when booted with UEFI Secure Boot enabled, allows local users to bypass intended securelevel/secureboot restrictions by leveraging improper handling of secure_boot flag across kexec reboot.

5.5CVSS5.9AI score0.00073EPSS

CVE•added 2017/09/14 4:29 p.m.•229 views

CVE-2015-7553

Race condition in the kernel in Red Hat Enterprise Linux 7, kernel-rt and Red Hat Enterprise MRG 2, when the nfnetlink_log module is loaded, allows local users to cause a denial of service (panic) by creating netlink sockets.

4.7CVSS5.1AI score0.00036EPSS

CVE•added 2017/02/13 6:59 p.m.•216 views

CVE-2016-2568

pkexec, when used with --user nonpriv, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.

7.8CVSS7.3AI score0.00293EPSS

CVE•added 2017/06/19 4:29 p.m.•187 views

CVE-2017-1000376

libffi requests an executable stack allowing attackers to more easily trigger arbitrary code execution by overwriting the stack. Please note that libffi is used by a number of other libraries. It was previously stated that this affects libffi version 3.2.1 but this appears to be incorrect. libffi p...

7CVSS7.2AI score0.00732EPSS

CVE•added 2017/12/07 2:29 a.m.•124 views

CVE-2017-15121

A non-privileged user is able to mount a fuse filesystem on RHEL 6 or 7 and crash a system if an application punches a hole in a file that does not end aligned to a page boundary.

5.5CVSS6.1AI score0.00069EPSS

CVE•added 2017/11/30 6:29 p.m.•116 views

CVE-2017-15116

The rngapi_reset function in crypto/rng.c in the Linux kernel before 4.2 allows attackers to cause a denial of service (NULL pointer dereference).

5.5CVSS6.3AI score0.00046EPSS

CVE•added 2017/03/03 11:59 a.m.•87 views

CVE-2015-2877

Kernel Samepage Merging (KSM) in the Linux kernel 2.6.32 through 4.x does not prevent use of a write-timing side channel, which allows guest OS users to defeat the ASLR protection mechanism on other guest OS instances via a Cross-VM ASL INtrospection (CAIN) attack. NOTE: the vendor states "Basicall...

3.3CVSS4AI score0.00112EPSS

CVE•added 2017/12/29 3:29 p.m.•84 views

CVE-2016-3695

The einj_error_inject function in drivers/acpi/apei/einj.c in the Linux kernel allows local users to simulate hardware errors and consequently cause a denial of service by leveraging failure to disable APEI error injection through EINJ when securelevel is set.

5.5CVSS5.7AI score0.00025EPSS

CVE•added 2017/04/21 3:59 p.m.•82 views

CVE-2016-0720

Cross-site request forgery (CSRF) vulnerability in pcsd web UI in pcs before 0.9.149.

8.8CVSS8.6AI score0.00196EPSS

CVE•added 2017/04/21 3:59 p.m.•80 views

CVE-2016-0721

Session fixation vulnerability in pcsd in pcs before 0.9.157.

8.1CVSS8.1AI score0.00288EPSS

CVE•added 2017/12/18 7:29 p.m.•75 views

CVE-2017-15104

An access flaw was found in Heketi 5, where the heketi.json configuration file was world readable. An attacker having local access to the Heketi server could read plain-text passwords from the heketi.json file.

7.8CVSS7.2AI score0.00085EPSS

CVE•added 2017/12/18 7:29 p.m.•71 views

CVE-2017-15103

A security-check flaw was found in the way the Heketi 5 server API handled user requests. An authenticated Heketi user could send specially crafted requests to the Heketi server, resulting in remote command execution as the user running Heketi server and possibly privilege escalation.

9CVSS8.1AI score0.01086EPSS

CVE•added 2017/12/29 10:29 p.m.•59 views

CVE-2014-8119

The find_ifcfg_path function in netcf before 0.2.7 might allow attackers to cause a denial of service (application crash) via vectors involving augeas path expressions.

7.5CVSS7AI score0.02408EPSS

CVE•added 2017/06/26 11:29 p.m.•58 views

CVE-2017-9953

There is an invalid free in Image::printIFDStructure that leads to a Segmentation fault in Exiv2 0.26. A crafted input will lead to a remote denial of service attack.

7.5CVSS6.7AI score0.00656EPSS