Lucene search

K
RedhatVirtualization Host

84 matches found

CVE
CVE
added 2022/03/10 5:44 p.m.2050 views

CVE-2022-0847

A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page c...

7.8CVSS7.7AI score0.84348EPSS
CVE
CVE
added 2023/10/03 6:15 p.m.1170 views

CVE-2023-4911

A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code...

7.8CVSS8.2AI score0.74608EPSS
CVE
CVE
added 2022/02/16 7:15 p.m.1018 views

CVE-2021-3560

It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privileges of the requestor to the root user. This flaw could be used by an unprivileged local attacker to, for example, create a new local administrator. The highest threat from this vu...

7.8CVSS6.1AI score0.05351EPSS
CVE
CVE
added 2022/02/21 3:15 p.m.957 views

CVE-2021-44142

The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide "...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver." Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and w...

9CVSS8.9AI score0.28831EPSS
CVE
CVE
added 2021/12/23 9:15 p.m.920 views

CVE-2021-3621

A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands. This flaw allows an attacker to trick the root user into running a specially crafted sssctl command, such as via sudo, to gain root access. The highest threa...

9.3CVSS8.8AI score0.00276EPSS
CVE
CVE
added 2022/02/18 6:15 p.m.836 views

CVE-2020-25717

A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible privilege escalation.

8.5CVSS8.1AI score0.00152EPSS
CVE
CVE
added 2019/02/27 11:29 p.m.778 views

CVE-2019-1559

If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is receiv...

5.9CVSS6.3AI score0.04426EPSS
CVE
CVE
added 2022/02/18 6:15 p.m.616 views

CVE-2016-2124

A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw to retrieve the plaintext password sent over the wire even if Kerberos authentication was required.

5.9CVSS7.2AI score0.00681EPSS
CVE
CVE
added 2020/05/22 3:15 p.m.616 views

CVE-2020-10711

A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. This flaw occurs while importing the Commercial IP Security Option (CIPSO) protocol's category bitmap into the SELinux extensible bitmap via the' ebitmap_netlbl_import' routine. While processin...

5.9CVSS6.5AI score0.00671EPSS
CVE
CVE
added 2019/06/19 12:15 a.m.598 views

CVE-2019-11479

Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel ...

7.5CVSS7.3AI score0.12335EPSS
CVE
CVE
added 2019/09/03 6:15 p.m.590 views

CVE-2019-1125

An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries.To exploit this vulnerability, an attacker would have to log on to an a...

5.6CVSS6.8AI score0.15102EPSS
CVE
CVE
added 2018/08/22 5:29 p.m.587 views

CVE-2018-10858

A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba server could use this flaw to cause arbitrary code execution on a samba client. Samba versions before 4.6.16, 4.7.9 and 4.8.4 are vulnerable.

8.8CVSS7.1AI score0.07048EPSS
CVE
CVE
added 2019/09/19 6:15 p.m.562 views

CVE-2019-14821

An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices 'ring->first' and 'ring->...

8.8CVSS9AI score0.00058EPSS
CVE
CVE
added 2022/03/03 7:15 p.m.554 views

CVE-2022-0492

A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly.

7.8CVSS8AI score0.06994EPSS
CVE
CVE
added 2019/09/17 4:15 p.m.552 views

CVE-2019-14835

A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migratio...

7.8CVSS8.3AI score0.00025EPSS
CVE
CVE
added 2018/04/26 9:29 p.m.519 views

CVE-2018-10237

Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service attacks against servers that depend on this library and deserialize attacker-provided data, because the AtomicDoubleArray class (when serialized with Java serialization) ...

5.9CVSS5.9AI score0.03259EPSS
CVE
CVE
added 2018/05/21 5:29 p.m.518 views

CVE-2018-1067

In Undertow before versions 7.1.2.CR1, 7.1.2.GA it was found that the fix for CVE-2016-4993 was incomplete and Undertow web server is vulnerable to the injection of arbitrary HTTP headers, and also response splitting, due to insufficient sanitization and validation of user input before the input is...

6.1CVSS6.6AI score0.00622EPSS
CVE
CVE
added 2022/03/18 6:15 p.m.468 views

CVE-2022-1011

A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write(). This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in privilege escalation.

7.8CVSS7.7AI score0.00141EPSS
CVE
CVE
added 2022/03/25 7:15 p.m.452 views

CVE-2022-0435

A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed. This flaw allows a remote user to crash the system or possibly escalate their privileges i...

9CVSS9AI score0.60408EPSS
CVE
CVE
added 2018/12/12 10:29 a.m.432 views

CVE-2018-18397

The userfaultfd implementation in the Linux kernel before 4.19.7 mishandles access control for certain UFFDIO_ ioctl calls, as demonstrated by allowing local users to write data into holes in a tmpfs file (if the user has read-only access to that file, and that file contains holes), related to fs/u...

5.5CVSS5.8AI score0.0007EPSS
CVE
CVE
added 2022/02/16 7:15 p.m.429 views

CVE-2021-3752

A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from this vulnerability is to con...

7.9CVSS7.2AI score0.0002EPSS
CVE
CVE
added 2018/10/08 3:29 p.m.423 views

CVE-2018-1000805

Paramiko version 2.4.1, 2.3.2, 2.2.3, 2.1.5, 2.0.8, 1.18.5, 1.17.6 contains a Incorrect Access Control vulnerability in SSH server that can result in RCE. This attack appear to be exploitable via network connectivity.

8.8CVSS8.5AI score0.00361EPSS
CVE
CVE
added 2022/01/20 6:15 p.m.408 views

CVE-2021-45417

AIDE before 0.17.4 allows local users to obtain root privileges via crafted file metadata (such as XFS extended attributes or tmpfs ACLs), because of a heap-based buffer overflow.

7.8CVSS7.5AI score0.00039EPSS
CVE
CVE
added 2018/02/06 3:29 p.m.400 views

CVE-2017-7525

A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.

9.8CVSS9.2AI score0.77336EPSS
CVE
CVE
added 2022/03/25 7:15 p.m.397 views

CVE-2022-0330

A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allows a local user to crash the system or escalate their privileges on the system.

7.8CVSS7.7AI score0.00046EPSS
CVE
CVE
added 2019/07/30 11:15 p.m.390 views

CVE-2019-10161

It was discovered that libvirtd before versions 4.10.1 and 5.4.1 would permit read-only clients to use the virDomainSaveImageGetXMLDesc() API, specifying an arbitrary path which would be accessed with the permissions of the libvirtd process. An attacker with access to the libvirtd socket could use ...

8.8CVSS8AI score0.00073EPSS
CVE
CVE
added 2022/08/26 4:15 p.m.373 views

CVE-2021-3669

A flaw was found in the Linux kernel. Measuring usage of the shared memory does not scale with large shared memory segment counts which could lead to resource exhaustion and DoS.

5.5CVSS6.3AI score0.00008EPSS
CVE
CVE
added 2018/06/12 4:29 p.m.347 views

CVE-2018-5803

In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121, 4.1.51, and 3.2.102, an error in the "_sctp_make_chunk()" function (net/sctp/sm_make_chunk.c) when handling SCTP packets length can be exploited to cause a kernel crash.

5.5CVSS6.3AI score0.0006EPSS
CVE
CVE
added 2018/06/20 1:29 p.m.317 views

CVE-2018-1120

A flaw was found affecting the Linux kernel before version 4.17. By mmap()ing a FUSE-backed file onto a process's memory containing command line arguments (or environment strings), an attacker can cause utilities from psutils or procps (such as ps, w) or any other program which makes a read() call ...

5.3CVSS6.3AI score0.00986EPSS
CVE
CVE
added 2022/08/23 4:15 p.m.317 views

CVE-2021-20316

A flaw was found in the way Samba handled file/directory metadata. This flaw allows an authenticated attacker with permissions to read or modify share metadata, to perform this operation outside of the share.

6.8CVSS6.3AI score0.00471EPSS
CVE
CVE
added 2019/06/12 2:29 p.m.315 views

CVE-2019-3888

A vulnerability was found in Undertow web server before 2.0.21. An information exposure of plain text credentials through log files because Connectors.executeRootHandler:402 logs the HttpServerExchange object at ERROR level using UndertowLogger.REQUEST_LOGGER.undertowRequestFailed(t, exchange)

9.8CVSS9.1AI score0.00569EPSS
CVE
CVE
added 2018/01/31 2:29 p.m.314 views

CVE-2018-1000001

In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution.

7.8CVSS8.8AI score0.47736EPSS
CVE
CVE
added 2022/03/04 7:15 p.m.308 views

CVE-2021-3656

A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "virt_ext" field, this issue could allow a malici...

8.8CVSS8.6AI score0.00053EPSS
CVE
CVE
added 2017/12/07 7:29 p.m.305 views

CVE-2017-1000410

The Linux kernel version 3.3-rc1 and later is affected by a vulnerability lies in the processing of incoming L2CAP commands - ConfigRequest, and ConfigResponse messages. This info leak is a result of uninitialized stack variables that may be returned to an attacker in their uninitialized state. By ...

7.5CVSS7.1AI score0.03997EPSS
CVE
CVE
added 2019/01/25 6:29 p.m.302 views

CVE-2018-16881

A denial of service vulnerability was found in rsyslog in the imptcp module. An attacker could send a specially crafted message to the imptcp socket, which would cause rsyslog to crash. Versions before 8.27.0 are vulnerable.

7.5CVSS7.1AI score0.00436EPSS
CVE
CVE
added 2018/03/16 4:29 p.m.301 views

CVE-2018-1068

A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory.

7.2CVSS6.3AI score0.00053EPSS
CVE
CVE
added 2022/03/10 5:44 p.m.301 views

CVE-2022-0516

A vulnerability was found in kvm_s390_guest_sida_op in the arch/s390/kvm/kvm-s390.c function in KVM for s390 in the Linux kernel. This flaw allows a local attacker with a normal user privilege to obtain unauthorized memory write access. This flaw affects Linux kernel versions prior to 5.17-rc4.

7.8CVSS7.3AI score0.00027EPSS
CVE
CVE
added 2017/12/11 9:29 p.m.298 views

CVE-2017-1000407

The Linux Kernel 2.6.32 and later are affected by a denial of service, by flooding the diagnostic port 0x80 an exception can be triggered leading to a kernel panic.

7.4CVSS5.9AI score0.00458EPSS
CVE
CVE
added 2019/04/11 4:29 p.m.281 views

CVE-2019-3460

A heap data infoleak in multiple locations including L2CAP_PARSE_CONF_RSP was found in the Linux kernel before 5.1-rc1.

6.5CVSS7AI score0.00199EPSS
CVE
CVE
added 2018/02/01 2:29 p.m.274 views

CVE-2018-6485

An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could cause these functions to return a pointer to a heap area that is too small, potentially leading to heap corruption.

9.8CVSS8.4AI score0.00663EPSS
CVE
CVE
added 2018/10/22 4:29 p.m.270 views

CVE-2018-18559

In the Linux kernel through 4.19, a use-after-free can occur due to a race condition between fanout_add from setsockopt and bind on an AF_PACKET socket. This issue exists because of the 15fe076edea787807a7cdc168df832544b58eba6 incomplete fix for a race condition. The code mishandles a certain multi...

8.1CVSS7.6AI score0.01207EPSS
CVE
CVE
added 2018/04/24 6:29 a.m.269 views

CVE-2018-10322

The xfs_dinode_verify function in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service (xfs_ilock_attr_map_shared invalid pointer dereference) via a crafted xfs image.

5.5CVSS6.5AI score0.00051EPSS
CVE
CVE
added 2018/09/04 4:29 p.m.267 views

CVE-2018-10930

A flaw was found in RPC request using gfs3_rename_req in glusterfs server. An authenticated attacker could use this flaw to write to a destination outside the gluster volume.

6.5CVSS7AI score0.00776EPSS
CVE
CVE
added 2022/03/03 7:15 p.m.267 views

CVE-2021-3609

.A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege escalation to root.

7CVSS7.2AI score0.00055EPSS
CVE
CVE
added 2018/02/12 7:29 p.m.259 views

CVE-2018-6927

The futex_requeue function in kernel/futex.c in the Linux kernel before 4.14.15 might allow attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact by triggering a negative wake or requeue value.

7.8CVSS7AI score0.00079EPSS
CVE
CVE
added 2018/09/04 3:29 p.m.251 views

CVE-2018-10926

A flaw was found in RPC request using gfs3_mknod_req supported by glusterfs server. An authenticated attacker could use this flaw to write files to an arbitrary location via path traversal and execute arbitrary code on a glusterfs server node.

8.8CVSS8.6AI score0.01344EPSS
CVE
CVE
added 2018/07/13 10:29 p.m.248 views

CVE-2018-10875

A flaw was found in ansible. ansible.cfg is read from the current working directory which can be altered to make it point to a plugin or a module path under the control of an attacker, thus allowing the attacker to execute arbitrary code.

7.8CVSS7.7AI score0.00062EPSS
CVE
CVE
added 2018/09/04 4:29 p.m.240 views

CVE-2018-10929

A flaw was found in RPC request using gfs2_create_req in glusterfs server. An authenticated attacker could use this flaw to create arbitrary files and execute arbitrary code on glusterfs server nodes.

8.8CVSS8.6AI score0.01465EPSS
CVE
CVE
added 2018/09/04 3:29 p.m.238 views

CVE-2018-10927

A flaw was found in RPC request using gfs3_lookup_req in glusterfs server. An authenticated attacker could use this flaw to leak information and execute remote denial of service by crashing gluster brick process.

8.1CVSS7.9AI score0.01765EPSS
CVE
CVE
added 2018/09/04 3:29 p.m.237 views

CVE-2018-10928

A flaw was found in RPC request using gfs3_symlink_req in glusterfs server which allows symlink destinations to point to file paths outside of the gluster volume. An authenticated attacker could use this flaw to create arbitrary symlinks pointing anywhere on the server and execute arbitrary code on...

8.8CVSS8.6AI score0.01439EPSS
Total number of security vulnerabilities84