Filtered by vendor Redhat
Subscriptions
Filtered by product Virtualization
Subscriptions
Total
128 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2022-2805 | 1 Redhat | 2 Rhev Manager, Virtualization | 2024-08-03 | 6.5 Medium |
A flaw was found in ovirt-engine, which leads to the logging of plaintext passwords in the log file when using otapi-style. This flaw allows an attacker with sufficient privileges to read the log file, leading to confidentiality loss. | ||||
CVE-2022-2132 | 4 Debian, Dpdk, Fedoraproject and 1 more | 15 Debian Linux, Data Plane Development Kit, Fedora and 12 more | 2024-08-03 | 8.6 High |
A permissive list of allowed inputs flaw was found in DPDK. This issue allows a remote attacker to cause a denial of service triggered by sending a crafted Vhost header to DPDK. | ||||
CVE-2022-2078 | 3 Debian, Linux, Redhat | 6 Debian Linux, Linux Kernel, Enterprise Linux and 3 more | 2024-08-03 | 5.5 Medium |
A vulnerability was found in the Linux kernel's nft_set_desc_concat_parse() function .This flaw allows an attacker to trigger a buffer overflow via nft_set_desc_concat_parse() , causing a denial of service and possibly to run code. | ||||
CVE-2022-0435 | 5 Fedoraproject, Linux, Netapp and 2 more | 40 Fedora, Linux Kernel, H300e and 37 more | 2024-08-02 | 8.8 High |
A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed. This flaw allows a remote user to crash the system or possibly escalate their privileges if they have access to the TIPC network. | ||||
CVE-2022-0330 | 4 Fedoraproject, Linux, Netapp and 1 more | 52 Fedora, Linux Kernel, H300e and 49 more | 2024-08-02 | 7.8 High |
A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allows a local user to crash the system or escalate their privileges on the system. | ||||
CVE-2022-0207 | 2 Ovirt, Redhat | 6 Vdsm, Enterprise Linux, Rhev Hypervisor and 3 more | 2024-08-02 | 4.7 Medium |
A race condition was found in vdsm. Functionality to obfuscate sensitive values in log files that may lead to values being stored in clear text. | ||||
CVE-2023-5366 | 2 Openvswitch, Redhat | 7 Openvswitch, Enterprise Linux, Fast Datapath and 4 more | 2024-08-02 | 7.1 High |
A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rules. This issue may allow a local attacker to create specially crafted packets with a modified or spoofed target IP address field that can redirect ICMPv6 traffic to arbitrary IP addresses. | ||||
CVE-2023-1668 | 3 Cloudbase, Debian, Redhat | 8 Open Vswitch, Debian Linux, Enterprise Linux and 5 more | 2024-08-02 | 8.2 High |
A flaw was found in openvswitch (OVS). When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP header. This issue results (for both kernel and userspace datapath) in installing a datapath flow matching all IP protocols (nw_proto is wildcarded) for this flow, but with an incorrect action, possibly causing incorrect handling of other IP packets with a != 0 IP protocol that matches this dp flow. |