Filtered by vendor Redhat
Subscriptions
Filtered by product Rhel Extras Other
Subscriptions
Total
61 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2018-20699 | 2 Docker, Redhat | 3 Engine, Enterprise Linux Server, Rhel Extras Other | 2024-08-05 | N/A |
Docker Engine before 18.09 allows attackers to cause a denial of service (dockerd memory consumption) via a large integer in a --cpuset-mems or --cpuset-cpus value, related to daemon/daemon_unix.go, pkg/parsers/parsers.go, and pkg/sysinfo/sysinfo.go. | ||||
CVE-2018-16886 | 3 Etcd, Fedoraproject, Redhat | 6 Etcd, Fedora, Enterprise Linux Desktop and 3 more | 2024-08-05 | 8.1 High |
etcd versions 3.2.x before 3.2.26 and 3.3.x before 3.3.11 are vulnerable to an improper authentication issue when role-based access control (RBAC) is used and client-cert-auth is enabled. If an etcd client server TLS certificate contains a Common Name (CN) which matches a valid RBAC username, a remote attacker may authenticate as that user with any valid (trusted) client certificate in a REST API request to the gRPC-gateway. | ||||
CVE-2018-15664 | 2 Docker, Redhat | 2 Docker, Rhel Extras Other | 2024-08-05 | N/A |
In Docker through 18.06.1-ce-rc2, the API endpoints behind the 'docker cp' command are vulnerable to a symlink-exchange attack with Directory Traversal, giving attackers arbitrary read-write access to the host filesystem with root privileges, because daemon/archive.go does not do archive operations on a frozen filesystem (or from within a chroot). | ||||
CVE-2018-10933 | 6 Canonical, Debian, Libssh and 3 more | 10 Ubuntu Linux, Debian Linux, Libssh and 7 more | 2024-08-05 | N/A |
A vulnerability was found in libssh's server-side state machine before versions 0.7.6 and 0.8.4. A malicious client could create channels without first performing authentication, resulting in unauthorized access. | ||||
CVE-2018-10892 | 4 Docker, Mobyproject, Opensuse and 1 more | 7 Docker, Moby, Leap and 4 more | 2024-08-05 | 5.3 Medium |
The default OCI linux spec in oci/defaults{_linux}.go in Docker/Moby from 1.11 to current does not block /proc/acpi pathnames. The flaw allows an attacker to modify host's hardware like enabling/disabling bluetooth or turning up/down keyboard brightness. | ||||
CVE-2018-10856 | 2 Libpod Project, Redhat | 2 Libpod, Rhel Extras Other | 2024-08-05 | N/A |
It has been discovered that podman before version 0.6.1 does not drop capabilities when executing a container as a non-root user. This results in unnecessary privileges being granted to the container. | ||||
CVE-2018-7750 | 3 Debian, Paramiko, Redhat | 18 Debian Linux, Paramiko, Ansible Engine and 15 more | 2024-08-05 | 9.8 Critical |
transport.py in the SSH server implementation of Paramiko before 1.17.6, 1.18.x before 1.18.5, 2.0.x before 2.0.8, 2.1.x before 2.1.5, 2.2.x before 2.2.3, 2.3.x before 2.3.2, and 2.4.x before 2.4.1 does not properly check whether authentication is completed before processing other requests, as demonstrated by channel-open. A customized SSH client can simply skip the authentication step. | ||||
CVE-2019-19921 | 5 Canonical, Debian, Linuxfoundation and 2 more | 8 Ubuntu Linux, Debian Linux, Runc and 5 more | 2024-08-05 | 7.0 High |
runc through 1.0.0-rc9 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. (This vulnerability does not affect Docker due to an implementation detail that happens to block the attack.) | ||||
CVE-2019-18466 | 2 Libpod Project, Redhat | 3 Libpod, Enterprise Linux, Rhel Extras Other | 2024-08-05 | 5.5 Medium |
An issue was discovered in Podman in libpod before 1.6.0. It resolves a symlink in the host context during a copy operation from the container to the host, because an undesired glob operation occurs. An attacker could create a container image containing particular symlinks that, when copied by a victim user to the host filesystem, may overwrite existing files with others from the host. | ||||
CVE-2019-16884 | 6 Canonical, Docker, Fedoraproject and 3 more | 12 Ubuntu Linux, Docker, Fedora and 9 more | 2024-08-05 | 7.5 High |
runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfs_linux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc directory. | ||||
CVE-2019-15890 | 3 Libslirp Project, Qemu, Redhat | 5 Libslirp, Qemu, Advanced Virtualization and 2 more | 2024-08-05 | 7.5 High |
libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c. | ||||
CVE-2019-14818 | 3 Dpdk, Fedoraproject, Redhat | 7 Data Plane Development Kit, Fedora, Enterprise Linux and 4 more | 2024-08-05 | 7.5 High |
A flaw was found in all dpdk version 17.x.x before 17.11.8, 16.x.x before 16.11.10, 18.x.x before 18.11.4 and 19.x.x before 19.08.1 where a malicious master, or a container with access to vhost_user socket, can send specially crafted VRING_SET_NUM messages, resulting in a memory leak including file descriptors. This flaw could lead to a denial of service condition. | ||||
CVE-2019-14378 | 2 Libslirp Project, Redhat | 7 Libslirp, Advanced Virtualization, Enterprise Linux and 4 more | 2024-08-05 | N/A |
ip_reass in ip_input.c in libslirp 4.0.0 has a heap-based buffer overflow via a large packet because it mishandles a case involving the first fragment. | ||||
CVE-2019-13139 | 2 Docker, Redhat | 2 Docker, Rhel Extras Other | 2024-08-04 | N/A |
In Docker before 18.09.4, an attacker who is capable of supplying or manipulating the build path for the "docker build" command would be able to gain command execution. An issue exists in the way "docker build" processes remote git URLs, and results in command injection into the underlying "git clone" command, leading to code execution in the context of the user executing the "docker build" command. This occurs because git ref can be misinterpreted as a flag. | ||||
CVE-2019-10152 | 3 Libpod Project, Opensuse, Redhat | 3 Libpod, Leap, Rhel Extras Other | 2024-08-04 | 7.2 High |
A path traversal vulnerability has been discovered in podman before version 1.4.0 in the way it handles symlinks inside containers. An attacker who has compromised an existing container can cause arbitrary files on the host filesystem to be read/written when an administrator tries to copy a file from/to the container. | ||||
CVE-2019-9946 | 4 Cncf, Kubernetes, Netapp and 1 more | 5 Portmap, Kubernetes, Cloud Insights and 2 more | 2024-08-04 | N/A |
Cloud Native Computing Foundation (CNCF) CNI (Container Networking Interface) 0.7.4 has a network firewall misconfiguration which affects Kubernetes. The CNI 'portmap' plugin, used to setup HostPorts for CNI, inserts rules at the front of the iptables nat chains; which take precedence over the KUBE- SERVICES chain. Because of this, the HostPort/portmap rule could match incoming traffic even if there were better fitting, more specific service definition rules like NodePorts later in the chain. The issue is fixed in CNI 0.7.5 and Kubernetes 1.11.9, 1.12.7, 1.13.5, and 1.14.0. | ||||
CVE-2019-9514 | 13 Apache, Apple, Canonical and 10 more | 44 Traffic Server, Mac Os X, Swiftnio and 41 more | 2024-08-04 | 7.5 High |
Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both. | ||||
CVE-2019-9512 | 6 Apache, Apple, Canonical and 3 more | 24 Traffic Server, Mac Os X, Swiftnio and 21 more | 2024-08-04 | 7.5 High |
Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both. | ||||
CVE-2019-5736 | 13 Apache, Canonical, D2iq and 10 more | 20 Mesos, Ubuntu Linux, Dc\/os and 17 more | 2024-08-04 | 8.6 High |
runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. This occurs because of file-descriptor mishandling, related to /proc/self/exe. | ||||
CVE-2019-3817 | 2 Redhat, Rpm | 3 Enterprise Linux, Rhel Extras Other, Libcomps | 2024-08-04 | N/A |
A use-after-free flaw has been discovered in libcomps before version 0.1.10 in the way ObjMRTrees are merged. An attacker, who is able to make an application read a crafted comps XML file, may be able to crash the application or execute malicious code. |