Filtered by vendor Redhat Subscriptions
Filtered by product Rhel Tus Subscriptions
Total 913 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2022-42896 2 Linux, Redhat 8 Linux Kernel, Enterprise Linux, Rhel Aus and 5 more 2024-11-21 8 High
There are use-after-free vulnerabilities in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_connect and l2cap_le_connect_req functions which may allow code execution and leaking kernel memory (respectively) remotely via Bluetooth. A remote attacker could execute code leaking kernel memory via Bluetooth if within proximity of the victim. We recommend upgrading past commit  https://www.google.com/url https://github.com/torvalds/linux/commit/711f8c3fb3db61897080468586b970c87c61d9e4 https://www.google.com/url
CVE-2022-41903 2 Git-scm, Redhat 8 Git, Enterprise Linux, Rhel Aus and 5 more 2024-11-21 9.8 Critical
Git is distributed revision control system. `git log` can display commits in an arbitrary format using its `--format` specifiers. This functionality is also exposed to `git archive` via the `export-subst` gitattribute. When processing the padding operators, there is a integer overflow in `pretty.c::format_and_pad_commit()` where a `size_t` is stored improperly as an `int`, and then added as an offset to a `memcpy()`. This overflow can be triggered directly by a user running a command which invokes the commit formatting machinery (e.g., `git log --format=...`). It may also be triggered indirectly through git archive via the export-subst mechanism, which expands format specifiers inside of files within the repository during a git archive. This integer overflow can result in arbitrary heap writes, which may result in arbitrary code execution. The problem has been patched in the versions published on 2023-01-17, going back to v2.30.7. Users are advised to upgrade. Users who are unable to upgrade should disable `git archive` in untrusted repositories. If you expose git archive via `git daemon`, disable it by running `git config --global daemon.uploadArch false`.
CVE-2022-41862 3 Fedoraproject, Postgresql, Redhat 11 Fedora, Postgresql, Enterprise Linux and 8 more 2024-11-21 3.7 Low
In PostgreSQL, a modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. In certain conditions a server can cause a libpq client to over-read and report an error message containing uninitialized bytes.
CVE-2022-41858 3 Linux, Netapp, Redhat 8 Linux Kernel, Hci Baseboard Management Controller, Enterprise Linux and 5 more 2024-11-21 7.1 High
A flaw was found in the Linux kernel. A NULL pointer dereference may occur while a slip driver is in progress to detach in sl_tx_timeout in drivers/net/slip/slip.c. This issue could allow an attacker to crash the system or leak internal kernel information.
CVE-2022-41715 2 Golang, Redhat 24 Go, Acm, Ceph Storage and 21 more 2024-11-21 7.5 High
Programs which compile regular expressions from untrusted sources may be vulnerable to memory exhaustion or denial of service. The parsed regexp representation is linear in the size of the input, but in some cases the constant factor can be as high as 40,000, making relatively small regexps consume much larger amounts of memory. After fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular expressions whose representation would use more space than that are rejected. Normal use of regular expressions is unaffected.
CVE-2022-40982 5 Debian, Intel, Netapp and 2 more 1058 Debian Linux, Celeron 5205u, Celeron 5205u Firmware and 1055 more 2024-11-21 6.5 Medium
Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2022-40897 2 Python, Redhat 7 Setuptools, Enterprise Linux, Rhel Aus and 4 more 2024-11-21 5.9 Medium
Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service (ReDoS) in package_index.py.
CVE-2022-40284 4 Debian, Fedoraproject, Redhat and 1 more 9 Debian Linux, Fedora, Advanced Virtualization and 6 more 2024-11-21 7.8 High
A buffer overflow was discovered in NTFS-3G before 2022.10.3. Crafted metadata in an NTFS image can cause code execution. A local attacker can exploit this if the ntfs-3g binary is setuid root. A physically proximate attacker can exploit this if NTFS-3G software is configured to execute upon attachment of an external storage device.
CVE-2022-3775 2 Gnu, Redhat 6 Grub2, Enterprise Linux, Rhel Aus and 3 more 2024-11-21 7.1 High
When rendering certain unicode sequences, grub2's font code doesn't proper validate if the informed glyph's width and height is constrained within bitmap size. As consequence an attacker can craft an input which will lead to a out-of-bounds write into grub2's heap, leading to memory corruption and availability issues. Although complex, arbitrary code execution could not be discarded.
CVE-2022-3564 4 Debian, Linux, Netapp and 1 more 17 Debian Linux, Linux Kernel, H300s and 14 more 2024-11-21 5.5 Medium
A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211087.
CVE-2022-3560 3 Fedoraproject, Pesign Project, Redhat 7 Fedora, Pesign, Enterprise Linux and 4 more 2024-11-21 5.5 Medium
A flaw was found in pesign. The pesign package provides a systemd service used to start the pesign daemon. This service unit runs a script to set ACLs for /etc/pki/pesign and /run/pesign directories to grant access privileges to users in the 'pesign' group. However, the script doesn't check for symbolic links. This could allow an attacker to gain access to privileged files and directories via a path traversal attack.
CVE-2022-3545 4 Debian, Linux, Netapp and 1 more 18 Debian Linux, Linux Kernel, H300s and 15 more 2024-11-21 5.5 Medium
A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211045 was assigned to this vulnerability.
CVE-2022-3515 3 Gnupg, Gpg4win, Redhat 10 Gnupg, Libksba, Vs-desktop and 7 more 2024-11-21 9.8 Critical
A vulnerability was found in the Libksba library due to an integer overflow within the CRL parser. The vulnerability can be exploited remotely for code execution on the target system by passing specially crafted data to the application, for example, a malicious S/MIME attachment.
CVE-2022-38096 2 Linux, Redhat 8 Linux Kernel, Enterprise Linux, Logging and 5 more 2024-11-21 6.3 Medium
A NULL pointer dereference vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in GPU component of Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service(DoS).
CVE-2022-38023 5 Fedoraproject, Microsoft, Netapp and 2 more 18 Fedora, Windows Server 2008, Windows Server 2008 R2 and 15 more 2024-11-21 8.1 High
Netlogon RPC Elevation of Privilege Vulnerability
CVE-2022-32885 2 Apple, Redhat 9 Ipados, Iphone Os, Macos and 6 more 2024-11-21 8.8 High
A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5, Safari 15.6. Processing maliciously crafted web content may lead to arbitrary code execution
CVE-2022-32250 5 Debian, Fedoraproject, Linux and 2 more 20 Debian Linux, Fedora, Linux Kernel and 17 more 2024-11-21 7.8 High
net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free.
CVE-2022-32206 7 Debian, Fedoraproject, Haxx and 4 more 35 Debian Linux, Fedora, Curl and 32 more 2024-11-21 6.5 Medium
curl < 7.84.0 supports "chained" HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. The number of acceptable "links" in this "decompression chain" was unbounded, allowing a malicious server to insert a virtually unlimited number of compression steps.The use of such a decompression chain could result in a "malloc bomb", makingcurl end up spending enormous amounts of allocated heap memory, or trying toand returning out of memory errors.
CVE-2022-2964 3 Linux, Netapp, Redhat 18 Linux Kernel, H300s, H300s Firmware and 15 more 2024-11-21 7.8 High
A flaw was found in the Linux kernel’s driver for the ASIX AX88179_178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability contains multiple out-of-bounds reads and possible out-of-bounds writes.
CVE-2022-2639 2 Linux, Redhat 7 Linux Kernel, Enterprise Linux, Rhel Aus and 4 more 2024-11-21 7.8 High
An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reserve_sfa_size() function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write access. This flaw allows a local user to crash or potentially escalate their privileges on the system.