Filtered by vendor Redhat Subscriptions
Filtered by product Enterprise Linux For Ibm Z Systems Subscriptions
Total 90 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2020-8945 3 Fedoraproject, Gpgme Project, Redhat 12 Fedora, Gpgme, Enterprise Linux and 9 more 2024-08-04 7.5 High
The proglottis Go wrapper before 0.1.1 for the GPGME library has a use-after-free, as demonstrated by use for container image pulls by Docker or CRI-O. This leads to a crash or potential code execution during GPG signature verification.
CVE-2021-31566 5 Debian, Fedoraproject, Libarchive and 2 more 14 Debian Linux, Fedora, Libarchive and 11 more 2024-08-03 7.8 High
An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of a file outside of the archive. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extract the archive. A local attacker may use this flaw to gain more privileges in a system.
CVE-2021-23177 4 Debian, Fedoraproject, Libarchive and 1 more 13 Debian Linux, Fedora, Libarchive and 10 more 2024-08-03 7.8 High
An improper link resolution flaw while extracting an archive can lead to changing the access control list (ACL) of the target of the link. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extract the archive. A local attacker may use this flaw to change the ACL of a file on the system and gain more privileges.
CVE-2021-23214 3 Fedoraproject, Postgresql, Redhat 7 Fedora, Postgresql, Enterprise Linux and 4 more 2024-08-03 8.1 High
When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of SSL certificate verification and encryption.
CVE-2021-20257 4 Debian, Fedoraproject, Qemu and 1 more 9 Debian Linux, Fedora, Qemu and 6 more 2024-08-03 6.5 Medium
An infinite loop flaw was found in the e1000 NIC emulator of the QEMU. This issue occurs while processing transmits (tx) descriptors in process_tx_desc if various descriptor fields are initialized with invalid values. This flaw allows a guest to consume CPU cycles on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability.
CVE-2021-4091 2 Port389, Redhat 11 389-ds-base, Directory Server, Enterprise Linux and 8 more 2024-08-03 7.5 High
A double-free was found in the way 389-ds-base handles virtual attributes context in persistent searches. An attacker could send a series of search requests, forcing the server to behave unexpectedly, and crash.
CVE-2021-3975 5 Canonical, Debian, Fedoraproject and 2 more 15 Ubuntu Linux, Debian Linux, Fedora and 12 more 2024-08-03 6.5 Medium
A use-after-free flaw was found in libvirt. The qemuMonitorUnregister() function in qemuProcessHandleMonitorEOF is called using multiple threads without being adequately protected by a monitor lock. This flaw could be triggered by the virConnectGetAllDomainStats API when the guest is shutting down. An unprivileged client with a read-only connection could use this flaw to perform a denial of service attack by causing the libvirt daemon to crash.
CVE-2021-3930 3 Debian, Qemu, Redhat 11 Debian Linux, Qemu, Advanced Virtualization and 8 more 2024-08-03 6.5 Medium
An off-by-one error was found in the SCSI device emulation in QEMU. It could occur while processing MODE SELECT commands in mode_sense_page() if the 'page' argument was set to MODE_PAGE_ALLS (0x3f). A malicious guest could use this flaw to potentially crash QEMU, resulting in a denial of service condition.
CVE-2021-3659 3 Fedoraproject, Linux, Redhat 17 Fedora, Linux Kernel, Codeready Linux Builder and 14 more 2024-08-03 5.5 Medium
A NULL pointer dereference flaw was found in the Linux kernel’s IEEE 802.15.4 wireless networking subsystem in the way the user closes the LR-WPAN connection. This flaw allows a local user to crash the system. The highest threat from this vulnerability is to system availability.
CVE-2021-3737 6 Canonical, Fedoraproject, Netapp and 3 more 18 Ubuntu Linux, Fedora, Hci and 15 more 2024-08-03 7.5 High
A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls the HTTP server, to make the client script enter an infinite loop, consuming CPU time. The highest threat from this vulnerability is to system availability.
CVE-2021-3733 4 Fedoraproject, Netapp, Python and 1 more 21 Extra Packages For Enterprise Linux, Fedora, Hci Compute Node Firmware and 18 more 2024-08-03 6.5 Medium
There's a flaw in urllib's AbstractBasicAuthHandler class. An attacker who controls a malicious HTTP server that an HTTP client (such as web browser) connects to, could trigger a Regular Expression Denial of Service (ReDOS) during an authentication request with a specially crafted payload that is sent by the server to the client. The greatest threat that this flaw poses is to application availability.
CVE-2021-3602 2 Buildah Project, Redhat 4 Buildah, Enterprise Linux, Enterprise Linux For Ibm Z Systems and 1 more 2024-08-03 5.5 Medium
An information disclosure flaw was found in Buildah, when building containers using chroot isolation. Running processes in container builds (e.g. Dockerfile RUN commands) can access environment variables from parent and grandparent processes. When run in a container in a CI/CD environment, environment variables may include sensitive information that was shared with the container in order to be used only by Buildah itself (e.g. container registry credentials).
CVE-2021-3677 3 Fedoraproject, Postgresql, Redhat 9 Fedora, Postgresql, Enterprise Linux and 6 more 2024-08-03 6.5 Medium
A flaw was found in postgresql. A purpose-crafted query can read arbitrary bytes of server memory. In the default configuration, any authenticated database user can complete this attack at will. The attack does not require the ability to create objects. If server settings include max_worker_processes=0, the known versions of this attack are infeasible. However, undiscovered variants of the attack may be independent of that setting.
CVE-2021-3669 5 Debian, Fedoraproject, Ibm and 2 more 24 Debian Linux, Fedora, Spectrum Copy Data Management and 21 more 2024-08-03 5.5 Medium
A flaw was found in the Linux kernel. Measuring usage of the shared memory does not scale with large shared memory segment counts which could lead to resource exhaustion and DoS.
CVE-2021-3656 3 Fedoraproject, Linux, Redhat 31 Fedora, Linux Kernel, 3scale Api Management and 28 more 2024-08-03 8.8 High
A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "virt_ext" field, this issue could allow a malicious L1 to disable both VMLOAD/VMSAVE intercepts and VLS (Virtual VMLOAD/VMSAVE) for the L2 guest. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape.
CVE-2021-3551 4 Dogtagpki, Fedoraproject, Oracle and 1 more 12 Dogtagpki, Fedora, Linux and 9 more 2024-08-03 7.8 High
A flaw was found in the PKI-server, where the spkispawn command, when run in debug mode, stores admin credentials in the installation log file. This flaw allows a local attacker to retrieve the file to obtain the admin password and gain admin privileges to the Dogtag CA manager. The highest threat from this vulnerability is to confidentiality.
CVE-2022-27649 3 Fedoraproject, Podman Project, Redhat 15 Fedora, Podman, Developer Tools and 12 more 2024-08-03 7.5 High
A flaw was found in Podman, where containers were started incorrectly with non-empty default permissions. A vulnerability was found in Moby (Docker Engine), where containers were started incorrectly with non-empty inheritable Linux process capabilities. This flaw allows an attacker with access to programs with inheritable file capabilities to elevate those capabilities to the permitted set when execve(2) runs.
CVE-2022-4254 2 Fedoraproject, Redhat 16 Sssd, Enterprise Linux, Enterprise Linux Desktop and 13 more 2024-08-03 8.8 High
sssd: libsss_certmap fails to sanitise certificate data used in LDAP filters
CVE-2022-3962 2 Kiali, Redhat 6 Kiali, Enterprise Linux, Enterprise Linux For Ibm Z Systems and 3 more 2024-08-03 4.3 Medium
A content spoofing vulnerability was found in Kiali. It was discovered that Kiali does not implement error handling when the page or endpoint being accessed cannot be found. This issue allows an attacker to perform arbitrary text injection when an error response is retrieved from the URL being accessed.
CVE-2022-1227 4 Fedoraproject, Podman Project, Psgo Project and 1 more 19 Fedora, Podman, Psgo and 16 more 2024-08-02 8.8 High
A privilege escalation flaw was found in Podman. This flaw allows an attacker to publish a malicious image to a public registry. Once this image is downloaded by a potential victim, the vulnerability is triggered after a user runs the 'podman top' command. This action gives the attacker access to the host filesystem, leading to information disclosure or denial of service.