Redhat Developer Tools vulnerabilities

CVE-2021-3669 [MEDIUM] CWE-400 CVE-2021-3669: A flaw was found in the Linux kernel. Measuring usage of the shared memory does not scale with large A flaw was found in the Linux kernel. Measuring usage of the shared memory does not scale with large shared memory segment counts which could lead to resource exhaustion and DoS.

CVE-2021-3697 [HIGH] CWE-787 CVE-2021-3697: A crafted JPEG image may lead the JPEG reader to underflow its data pointer, allowing user-controlle A crafted JPEG image may lead the JPEG reader to underflow its data pointer, allowing user-controlled data to be written in heap. To a successful to be performed the attacker needs to perform some triage over the heap layout and craft an image with a malicious format and payload. This vulnerability can lead to data corruption and eventual code execution

CVE-2021-3695 [MEDIUM] CWE-787 CVE-2021-3695: A crafted 16-bit grayscale PNG image may lead to a out-of-bounds write in the heap area. An attacker A crafted 16-bit grayscale PNG image may lead to a out-of-bounds write in the heap area. An attacker may take advantage of that to cause heap data corruption or eventually arbitrary code execution and circumvent secure boot protections. This issue has a high complexity to be exploited as an attacker needs to perform some triage over the heap layout to

CVE-2021-3696 [MEDIUM] CWE-787 CVE-2021-3696: A heap out-of-bounds write may heppen during the handling of Huffman tables in the PNG reader. This A heap out-of-bounds write may heppen during the handling of Huffman tables in the PNG reader. This may lead to data corruption in the heap space. Confidentiality, Integrity and Availablity impact may be considered Low as it's very complex to an attacker control the encoding and positioning of corrupted Huffman entries to achieve results such as arbitr

CVE-2022-1227 [HIGH] CWE-281 CVE-2022-1227: A privilege escalation flaw was found in Podman. This flaw allows an attacker to publish a malicious A privilege escalation flaw was found in Podman. This flaw allows an attacker to publish a malicious image to a public registry. Once this image is downloaded by a potential victim, the vulnerability is triggered after a user runs the 'podman top' command. This action gives the attacker access to the host filesystem, leading to information disclosure or

CVE-2022-27649 [HIGH] CWE-276 CVE-2022-27649: A flaw was found in Podman, where containers were started incorrectly with non-empty default permiss A flaw was found in Podman, where containers were started incorrectly with non-empty default permissions. A vulnerability was found in Moby (Docker Engine), where containers were started incorrectly with non-empty inheritable Linux process capabilities. This flaw allows an attacker with access to programs with inheritable file capabilities to elevate

CVE-2022-0330 [HIGH] CWE-281 CVE-2022-0330: A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allows a local user to crash the system or escalate their privileges on the system.

CVE-2022-1011 [HIGH] CWE-416 CVE-2022-1011: A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers wri A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write(). This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in privilege escalation.

CVE-2021-3744 [MEDIUM] CVE-2021-3744: A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/cr A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption). This vulnerability is similar with the older CVE-2019-18808.

CVE-2019-17596 [HIGH] CWE-436 CVE-2019-17596: Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic conta Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic containing an invalid DSA public key. There are several attack scenarios, such as traffic from a client to a server that verifies client certificates.

CVE-2019-16276 [HIGH] CWE-444 CVE-2019-16276: Go before 1.12.10 and 1.13.x before 1.13.1 allow HTTP Request Smuggling. Go before 1.12.10 and 1.13.x before 1.13.1 allow HTTP Request Smuggling.

CVE-2019-9514 [HIGH] CWE-400 CVE-2019-9514: Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of serv Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both

CVE-2018-16871 [HIGH] CWE-476 CVE-2018-16871: A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence. This can panic the machine and deny access to the NFS server. Any outstanding disk writes to the NFS se

CVE-2019-9741 [MEDIUM] CWE-93 CVE-2019-9741: An issue was discovered in net/http in Go 1.11.5. CRLF injection is possible if the attacker control An issue was discovered in net/http in Go 1.11.5. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the second argument to http.NewRequest with \r\n followed by an HTTP header or a Redis command.

CVE-2017-15041 [CRITICAL] CVE-2017-15041: Go before 1.8.4 and 1.9.x before 1.9.1 allows "go get" remote command execution. Using custom domain Go before 1.8.4 and 1.9.x before 1.9.1 allows "go get" remote command execution. Using custom domains, it is possible to arrange things so that example.com/pkg1 points to a Subversion repository but example.com/pkg1/pkg2 points to a Git repository. If the Subversion repository includes a Git checkout in its pkg2 directory and some other work is done to en