Enterprise Linux Security Vulnerabilities and Issues — Enterprise Linux CVE List

Lucene search

RedhatEnterprise Linux

9 matches found

CVE•added 2022/09/09 2:15 p.m.•689 views

CVE-2020-10735

A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using int("text"), a system could take 50ms to parse an int string with 100,000 digits and 5s for 1,000,000 digits (float, decimal, int.from_bytes(), and int() for binary bases 2, 4, 8, 16, and 32 ...

7.5CVSS7.5AI score0.00337EPSS

CVE•added 2022/09/13 2:15 p.m.•338 views

CVE-2022-2990

An incorrect handling of the supplementary groups in the Buildah container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to ...

7.1CVSS7.1AI score0.00107EPSS

CVE•added 2022/09/13 2:15 p.m.•284 views

CVE-2022-2989

An incorrect handling of the supplementary groups in the Podman container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to e...

7.1CVSS7.1AI score0.00034EPSS

CVE•added 2022/09/01 9:15 p.m.•234 views

CVE-2022-2639

An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reserve_sfa_size() function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write...

7.8CVSS7.8AI score0.00747EPSS

CVE•added 2022/09/09 3:15 p.m.•234 views

CVE-2022-2964

A flaw was found in the Linux kernel’s driver for the ASIX AX88179_178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability contains multiple out-of-bounds reads and possible out-of-bounds writes.

7.8CVSS7.6AI score0.00041EPSS

CVE•added 2022/09/06 6:15 p.m.•164 views

CVE-2022-25310

A segmentation fault (SEGV) flaw was found in the Fribidi package and affects the fribidi_remove_bidi_marks() function of the lib/fribidi.c file. This flaw allows an attacker to pass a specially crafted file to Fribidi, leading to a crash and causing a denial of service.

5.5CVSS6.1AI score0.00017EPSS

CVE•added 2022/09/06 6:15 p.m.•153 views

CVE-2022-25309

A heap-based buffer overflow flaw was found in the Fribidi package and affects the fribidi_cap_rtl_to_unicode() function of the fribidi-char-sets-cap-rtl.c file. This flaw allows an attacker to pass a specially crafted file to the Fribidi application with the '--caprtl' option, leading to a crash a...

5.5CVSS6.4AI score0.0002EPSS

CVE•added 2022/09/06 6:15 p.m.•145 views

CVE-2022-25308

A stack-based buffer overflow flaw was found in the Fribidi package. This flaw allows an attacker to pass a specially crafted file to the Fribidi application, which leads to a possible memory leak or a denial of service.

7.8CVSS7.6AI score0.00029EPSS

CVE•added 2022/09/09 3:15 p.m.•103 views

CVE-2022-2905

An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls the bpf_tail_call function with a key larger than the max_entries of the map. This flaw allows a local user to gain unauthorized access to data.

5.5CVSS5.9AI score0.00018EPSS