Enterprise Linux Security Vulnerabilities and Issues — Enterprise Linux CVE List

Lucene search

RedhatEnterprise Linux

8 matches found

CVE•added 2020/04/17 4:15 a.m.•624 views

CVE-2020-11868

ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block unauthenticated synchronization via a server mode packet with a spoofed source IP address, because transmissions are rescheduled even when a packet lacks a valid origin timestamp.

7.5CVSS7.3AI score0.00597EPSS

CVE•added 2020/04/08 10:15 p.m.•419 views

CVE-2020-2732

A flaw was discovered in the way that the KVM hypervisor handled instruction emulation for an L2 guest when nested virtualisation is enabled. Under some circumstances, an L2 guest may trick the L0 guest into accessing sensitive L1 resources that should be inaccessible to the L2 guest.

6.8CVSS7AI score0.00438EPSS

CVE•added 2020/04/27 9:15 p.m.•327 views

CVE-2020-1722

A flaw was found in all ipa versions 4.x.x through 4.8.0. When sending a very long password (>= 1,000,000 characters) to the server, the password hashing process could exhaust memory and CPU leading to a denial of service and the website becoming unresponsive. The highest threat from this vulner...

5.4CVSS5.4AI score0.00368EPSS

CVE•added 2020/04/13 7:15 p.m.•316 views

CVE-2020-1730

A flaw was found in libssh versions before 0.8.9 and before 0.9.4 in the way it handled AES-CTR (or DES ciphers if enabled) ciphers. The server or client could crash when the connection hasn't been fully initialized and the system tries to cleanup the ciphers when closing the connection. The bigges...

5.3CVSS5.2AI score0.00087EPSS

CVE•added 2020/04/10 3:15 p.m.•266 views

CVE-2020-11669

An issue was discovered in the Linux kernel before 5.2 on the powerpc platform. arch/powerpc/kernel/idle_book3s.S does not have save/restore functionality for PNV_POWERSAVE_AMR, PNV_POWERSAVE_UAMOR, and PNV_POWERSAVE_AMOR, aka CID-53a712bae5dd.

5.5CVSS5.9AI score0.0003EPSS

CVE•added 2020/04/17 7:15 p.m.•261 views

CVE-2020-1751

An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential code execution. The highest thr...

7CVSS7AI score0.00181EPSS

CVE•added 2020/04/28 8:15 p.m.•226 views

CVE-2020-12430

An issue was discovered in qemuDomainGetStatsIOThread in qemu/qemu_driver.c in libvirt 4.10.0 though 6.x before 6.1.0. A memory leak was found in the virDomainListGetStats libvirt API that is responsible for retrieving domain statistics when managing QEMU guests. This flaw allows unprivileged users...

6.5CVSS6AI score0.00717EPSS

CVE•added 2020/04/29 4:15 p.m.•150 views

CVE-2020-12458

An information-disclosure flaw was found in Grafana through 6.7.3. The database directory /var/lib/grafana and database file /var/lib/grafana/grafana.db are world readable. This can result in exposure of sensitive information (e.g., cleartext or encrypted datasource passwords).

5.5CVSS5.5AI score0.00067EPSS