Enterprise Linux Security Vulnerabilities and Issues — Enterprise Linux CVE List

Lucene search

RedhatEnterprise Linux

8 matches found

CVE•added 2013/02/22 12:55 a.m.•102 views

CVE-2012-5536

A certain Red Hat build of the pam_ssh_agent_auth module on Red Hat Enterprise Linux (RHEL) 6 and Fedora Rawhide calls the glibc error function instead of the error function in the OpenSSH codebase, which allows local users to obtain sensitive information from process memory or possibly gain privil...

6.2CVSS6.1AI score0.00049EPSS

CVE•added 2013/02/28 7:55 p.m.•102 views

CVE-2013-1774

The chase_port function in drivers/usb/serial/io_ti.c in the Linux kernel before 3.7.4 allows local users to cause a denial of service (NULL pointer dereference and system crash) via an attempted /dev/ttyUSB read or write operation on a disconnected Edgeport USB serial converter.

4CVSS5.8AI score0.00086EPSS

CVE•added 2013/02/22 12:55 a.m.•89 views

CVE-2013-0311

The translate_desc function in drivers/vhost/vhost.c in the Linux kernel before 3.7 does not properly handle cross-region descriptors, which allows guest OS users to obtain host OS privileges by leveraging KVM guest OS privileges.

6.5CVSS5.8AI score0.00216EPSS

CVE•added 2013/02/28 7:55 p.m.•79 views

CVE-2013-1773

Buffer overflow in the VFAT filesystem implementation in the Linux kernel before 3.3 allows local users to gain privileges or cause a denial of service (system crash) via a VFAT write operation on a filesystem with the utf8 mount option, which is not properly handled during UTF-8 to UTF-16 conversi...

6.2CVSS5.9AI score0.00185EPSS

CVE•added 2013/02/24 9:55 p.m.•75 views

CVE-2012-2697

Unspecified vulnerability in autofs, as used in Red Hat Enterprise Linux (RHEL) 5, allows local users to cause a denial of service (autofs crash and delayed mounts) or prevent "mount expiration" via unspecified vectors related to "using an LDAP-based automount map."

4.9CVSS6.1AI score0.00045EPSS

CVE•added 2013/02/22 12:55 a.m.•74 views

CVE-2013-0310

The cipso_v4_validate function in net/ipv4/cipso_ipv4.c in the Linux kernel before 3.4.8 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via an IPOPT_CIPSO IP_OPTIONS setsockopt system call.

6.6CVSS5.9AI score0.00044EPSS

CVE•added 2013/02/24 7:55 p.m.•71 views

CVE-2013-0219

System Security Services Daemon (SSSD) before 1.9.4, when (1) creating, (2) copying, or (3) removing a user home directory tree, allows local users to create, modify, or delete arbitrary files via a symlink attack on another user's files.

3.7CVSS6.1AI score0.00064EPSS

CVE•added 2013/02/22 12:55 a.m.•68 views

CVE-2013-0309

arch/x86/include/asm/pgtable.h in the Linux kernel before 3.6.2, when transparent huge pages are used, does not properly support PROT_NONE memory regions, which allows local users to cause a denial of service (system crash) via a crafted application.

4.7CVSS5.6AI score0.00048EPSS