Filtered by vendor Redhat
Subscriptions
Filtered by product Rhel Extras Rt
Subscriptions
Total
482 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-19537 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Rhel Extras Rt | 2024-08-05 | 4.2 Medium |
| In the Linux kernel before 5.2.10, there is a race condition bug that can be caused by a malicious USB device in the USB character device driver layer, aka CID-303911cfc5b9. This affects drivers/usb/core/file.c. | ||||
| CVE-2019-19527 | 4 Debian, Linux, Opensuse and 1 more | 6 Debian Linux, Linux Kernel, Leap and 3 more | 2024-08-05 | 6.8 Medium |
| In the Linux kernel before 5.2.10, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/hid/usbhid/hiddev.c driver, aka CID-9c09b214f30e. | ||||
| CVE-2019-19530 | 4 Debian, Linux, Opensuse and 1 more | 5 Debian Linux, Linux Kernel, Leap and 2 more | 2024-08-05 | 4.6 Medium |
| In the Linux kernel before 5.2.10, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/class/cdc-acm.c driver, aka CID-c52873e5a1ef. | ||||
| CVE-2019-19523 | 4 Debian, Linux, Opensuse and 1 more | 5 Debian Linux, Linux Kernel, Leap and 2 more | 2024-08-05 | 4.6 Medium |
| In the Linux kernel before 5.3.7, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/adutux.c driver, aka CID-44efc269db79. | ||||
| CVE-2019-19447 | 3 Linux, Netapp, Redhat | 13 Linux Kernel, Active Iq Unified Manager, Cloud Backup and 10 more | 2024-08-05 | 7.8 High |
| In the Linux kernel 5.0.21, mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4_put_super in fs/ext4/super.c, related to dump_orphan_list in fs/ext4/super.c. | ||||
| CVE-2019-19332 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Rhel Extras Rt | 2024-08-05 | 6.1 Medium |
| An out-of-bounds memory write issue was found in the Linux Kernel, version 3.13 through 5.4, in the way the Linux kernel's KVM hypervisor handled the 'KVM_GET_EMULATED_CPUID' ioctl(2) request to get CPUID features emulated by the KVM hypervisor. A user or process able to access the '/dev/kvm' device could use this flaw to crash the system, resulting in a denial of service. | ||||
| CVE-2019-19338 | 2 Linux, Redhat | 4 Linux Kernel, Enterprise Linux, Rhel Eus and 1 more | 2024-08-05 | 5.5 Medium |
| A flaw was found in the fix for CVE-2019-11135, in the Linux upstream kernel versions before 5.5 where, the way Intel CPUs handle speculative execution of instructions when a TSX Asynchronous Abort (TAA) error occurs. When a guest is running on a host CPU affected by the TAA flaw (TAA_NO=0), but is not affected by the MDS issue (MDS_NO=1), the guest was to clear the affected buffers by using a VERW instruction mechanism. But when the MDS_NO=1 bit was exported to the guests, the guests did not use the VERW mechanism to clear the affected buffers. This issue affects guests running on Cascade Lake CPUs and requires that host has 'TSX' enabled. Confidentiality of data is the highest threat associated with this vulnerability. | ||||
| CVE-2019-19055 | 4 Canonical, Fedoraproject, Linux and 1 more | 5 Ubuntu Linux, Fedora, Linux Kernel and 2 more | 2024-08-05 | 5.5 Medium |
| A memory leak in the nl80211_get_ftm_responder_stats() function in net/wireless/nl80211.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering nl80211hdr_put() failures, aka CID-1399c59fa929. NOTE: third parties dispute the relevance of this because it occurs on a code path where a successful allocation has already occurred | ||||
| CVE-2019-19046 | 4 Fedoraproject, Linux, Opensuse and 1 more | 6 Fedora, Linux Kernel, Leap and 3 more | 2024-08-05 | 6.5 Medium |
| A memory leak in the __ipmi_bmc_register() function in drivers/char/ipmi/ipmi_msghandler.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering ida_simple_get() failure, aka CID-4aa7afb0ee20. NOTE: third parties dispute the relevance of this because an attacker cannot realistically control this failure at probe time | ||||
| CVE-2019-19063 | 8 Broadcom, Canonical, Fedoraproject and 5 more | 22 Brocade Fabric Operating System Firmware, Ubuntu Linux, Fedora and 19 more | 2024-08-05 | 4.6 Medium |
| Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption), aka CID-3f9361695113. | ||||
| CVE-2019-19062 | 6 Canonical, Debian, Fedoraproject and 3 more | 7 Ubuntu Linux, Debian Linux, Fedora and 4 more | 2024-08-05 | 4.7 Medium |
| A memory leak in the crypto_report() function in crypto/crypto_user_base.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_report_alg() failures, aka CID-ffdde5932042. | ||||
| CVE-2019-19059 | 4 Canonical, Fedoraproject, Linux and 1 more | 5 Ubuntu Linux, Fedora, Linux Kernel and 2 more | 2024-08-05 | 4.7 Medium |
| Multiple memory leaks in the iwl_pcie_ctxt_info_gen3_init() function in drivers/net/wireless/intel/iwlwifi/pcie/ctxt-info-gen3.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering iwl_pcie_init_fw_sec() or dma_alloc_coherent() failures, aka CID-0f4f199443fa. | ||||
| CVE-2019-19058 | 5 Canonical, Fedoraproject, Linux and 2 more | 6 Ubuntu Linux, Fedora, Linux Kernel and 3 more | 2024-08-05 | 4.7 Medium |
| A memory leak in the alloc_sgtable() function in drivers/net/wireless/intel/iwlwifi/fw/dbg.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering alloc_page() failures, aka CID-b4b814fec1a5. | ||||
| CVE-2019-18808 | 5 Canonical, Fedoraproject, Linux and 2 more | 6 Ubuntu Linux, Fedora, Linux Kernel and 3 more | 2024-08-05 | 5.5 Medium |
| A memory leak in the ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-128c66429247. | ||||
| CVE-2019-18282 | 4 Debian, Linux, Netapp and 1 more | 21 Debian Linux, Linux Kernel, 8300 and 18 more | 2024-08-05 | 5.3 Medium |
| The flow_dissector feature in the Linux kernel 4.3 through 5.x before 5.3.10 has a device tracking vulnerability, aka CID-55667441c84f. This occurs because the auto flowlabel of a UDP IPv6 packet relies on a 32-bit hashrnd value as a secret, and because jhash (instead of siphash) is used. The hashrnd value remains the same starting from boot time, and can be inferred by an attacker. This affects net/core/flow_dissector.c and related code. | ||||
| CVE-2019-17666 | 4 Canonical, Debian, Linux and 1 more | 10 Ubuntu Linux, Debian Linux, Linux Kernel and 7 more | 2024-08-05 | 8.8 High |
| rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel through 5.3.6 lacks a certain upper-bound check, leading to a buffer overflow. | ||||
| CVE-2019-17133 | 5 Canonical, Debian, Linux and 2 more | 11 Ubuntu Linux, Debian Linux, Linux Kernel and 8 more | 2024-08-05 | 9.8 Critical |
| In the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Overflow. | ||||
| CVE-2019-17055 | 6 Canonical, Debian, Fedoraproject and 3 more | 10 Ubuntu Linux, Debian Linux, Fedora and 7 more | 2024-08-05 | 3.3 Low |
| base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-b91ee4aa2a21. | ||||
| CVE-2019-17053 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Rhel Extras Rt | 2024-08-05 | 3.3 Low |
| ieee802154_create in net/ieee802154/socket.c in the AF_IEEE802154 network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-e69dbd4619e7. | ||||
| CVE-2019-16994 | 3 Linux, Opensuse, Redhat | 4 Linux Kernel, Leap, Enterprise Linux and 1 more | 2024-08-05 | 4.7 Medium |
| In the Linux kernel before 5.0, a memory leak exists in sit_init_net() in net/ipv6/sit.c when register_netdev() fails to register sitn->fb_tunnel_dev, which may cause denial of service, aka CID-07f12b26e21a. | ||||