Filtered by vendor Redhat
Subscriptions
Filtered by product Enterprise Linux
Subscriptions
Total
13613 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2017-12151 | 4 Debian, Hp, Redhat and 1 more | 9 Debian Linux, Cifs Server, Enterprise Linux and 6 more | 2024-08-05 | N/A |
A flaw was found in the way samba client before samba 4.4.16, samba 4.5.14 and samba 4.6.8 used encryption with the max protocol set as SMB3. The connection could lose the requirement for signing and encrypting to any DFS redirects, allowing an attacker to read or alter the contents of the connection via a man-in-the-middle attack. | ||||
CVE-2017-11671 | 2 Gnu, Redhat | 2 Gcc, Enterprise Linux | 2024-08-05 | N/A |
Under certain circumstances, the ix86_expand_builtin function in i386.c in GNU Compiler Collection (GCC) version 4.6, 4.7, 4.8, 4.9, 5 before 5.5, and 6 before 6.4 will generate instruction sequences that clobber the status flag of the RDRAND and RDSEED intrinsics before it can be read, potentially causing failures of these instructions to go unreported. This could potentially lead to less randomness in random number generation. | ||||
CVE-2017-11600 | 2 Linux, Redhat | 5 Linux Kernel, Enterprise Linux, Enterprise Mrg and 2 more | 2024-08-05 | 7.0 High |
net/xfrm/xfrm_policy.c in the Linux kernel through 4.12.3, when CONFIG_XFRM_MIGRATE is enabled, does not ensure that the dir value of xfrm_userpolicy_id is XFRM_POLICY_MAX or less, which allows local users to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via an XFRM_MSG_MIGRATE xfrm Netlink message. | ||||
CVE-2017-11542 | 2 Redhat, Tcpdump | 2 Enterprise Linux, Tcpdump | 2024-08-05 | N/A |
tcpdump 4.9.0 has a heap-based buffer over-read in the pimv1_print function in print-pim.c. | ||||
CVE-2017-11543 | 2 Redhat, Tcpdump | 2 Enterprise Linux, Tcpdump | 2024-08-05 | N/A |
tcpdump 4.9.0 has a buffer overflow in the sliplink_print function in print-sl.c. | ||||
CVE-2017-11541 | 2 Redhat, Tcpdump | 2 Enterprise Linux, Tcpdump | 2024-08-05 | N/A |
tcpdump 4.9.0 has a heap-based buffer over-read in the lldp_print function in print-lldp.c, related to util-print.c. | ||||
CVE-2017-11473 | 3 Canonical, Linux, Redhat | 3 Ubuntu Linux, Linux Kernel, Enterprise Linux | 2024-08-05 | 7.8 High |
Buffer overflow in the mp_override_legacy_irq() function in arch/x86/kernel/acpi/boot.c in the Linux kernel through 3.2 allows local users to gain privileges via a crafted ACPI table. | ||||
CVE-2017-11334 | 3 Debian, Qemu, Redhat | 4 Debian Linux, Qemu, Enterprise Linux and 1 more | 2024-08-05 | 4.4 Medium |
The address_space_write_continue function in exec.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds access and guest instance crash) by leveraging use of qemu_map_ram_ptr to access guest ram block area. | ||||
CVE-2017-11368 | 3 Fedoraproject, Mit, Redhat | 4 Fedora, Kerberos, Kerberos 5 and 1 more | 2024-08-05 | N/A |
In MIT Kerberos 5 (aka krb5) 1.7 and later, an authenticated attacker can cause a KDC assertion failure by sending invalid S4U2Self or S4U2Proxy requests. | ||||
CVE-2017-10983 | 2 Freeradius, Redhat | 2 Freeradius, Enterprise Linux | 2024-08-05 | N/A |
An FR-GV-206 issue in FreeRADIUS 2.x before 2.2.10 and 3.x before 3.0.15 allows "DHCP - Read overflow when decoding option 63" and a denial of service. | ||||
CVE-2017-11176 | 3 Debian, Linux, Redhat | 6 Debian Linux, Linux Kernel, Enterprise Linux and 3 more | 2024-08-05 | 7.8 High |
The mq_notify function in the Linux kernel through 4.11.9 does not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allows attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact. | ||||
CVE-2017-11108 | 2 Redhat, Tcpdump | 2 Enterprise Linux, Tcpdump | 2024-08-05 | N/A |
tcpdump 4.9.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via crafted packet data. The crash occurs in the EXTRACT_16BITS function, called from the stp_print function for the Spanning Tree Protocol. | ||||
CVE-2017-10984 | 2 Freeradius, Redhat | 2 Freeradius, Enterprise Linux | 2024-08-05 | N/A |
An FR-GV-301 issue in FreeRADIUS 3.x before 3.0.15 allows "Write overflow in data2vp_wimax()" - this allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code. | ||||
CVE-2017-10981 | 2 Freeradius, Redhat | 2 Freeradius, Enterprise Linux | 2024-08-05 | N/A |
An FR-GV-204 issue in FreeRADIUS 2.x before 2.2.10 allows "DHCP - Memory leak in fr_dhcp_decode()" and a denial of service. | ||||
CVE-2017-10980 | 2 Freeradius, Redhat | 2 Freeradius, Enterprise Linux | 2024-08-05 | N/A |
An FR-GV-203 issue in FreeRADIUS 2.x before 2.2.10 allows "DHCP - Memory leak in decode_tlv()" and a denial of service. | ||||
CVE-2017-10986 | 2 Freeradius, Redhat | 2 Freeradius, Enterprise Linux | 2024-08-05 | N/A |
An FR-GV-303 issue in FreeRADIUS 3.x before 3.0.15 allows "DHCP - Infinite read in dhcp_attr2vp()" and a denial of service. | ||||
CVE-2017-10982 | 2 Freeradius, Redhat | 2 Freeradius, Enterprise Linux | 2024-08-05 | N/A |
An FR-GV-205 issue in FreeRADIUS 2.x before 2.2.10 allows "DHCP - Buffer over-read in fr_dhcp_decode_options()" and a denial of service. | ||||
CVE-2017-10985 | 2 Freeradius, Redhat | 2 Freeradius, Enterprise Linux | 2024-08-05 | N/A |
An FR-GV-302 issue in FreeRADIUS 3.x before 3.0.15 allows "Infinite loop and memory exhaustion with 'concat' attributes" and a denial of service. | ||||
CVE-2017-10987 | 2 Freeradius, Redhat | 2 Freeradius, Enterprise Linux | 2024-08-05 | N/A |
An FR-GV-304 issue in FreeRADIUS 3.x before 3.0.15 allows "DHCP - Buffer over-read in fr_dhcp_decode_suboptions()" and a denial of service. | ||||
CVE-2017-10978 | 3 Debian, Freeradius, Redhat | 9 Debian Linux, Freeradius, Enterprise Linux and 6 more | 2024-08-05 | N/A |
An FR-GV-201 issue in FreeRADIUS 2.x before 2.2.10 and 3.x before 3.0.15 allows "Read / write overflow in make_secret()" and a denial of service. |