Redhat Enterprise Linux vulnerabilities

CVE-2023-32573 [MEDIUM] CWE-369 CVE-2023-32573: In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, QtSvg In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, QtSvg QSvgFont m_unitsPerEm initialization is mishandled.

CVE-2023-2156 [HIGH] CWE-617 CVE-2023-2156: A flaw was found in the networking subsystem of the Linux kernel within the handling of the RPL prot A flaw was found in the networking subsystem of the Linux kernel within the handling of the RPL protocol. This issue results from the lack of proper handling of user-supplied data, which can lead to an assertion failure. This may allow an unauthenticated remote attacker to create a denial of service condition on the system.

CVE-2023-32233 [HIGH] CWE-416 CVE-2023-32233: In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch req In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mishandled.

CVE-2023-2513 [MEDIUM] CWE-416 CVE-2023-2513: A use-after-free vulnerability was found in the Linux kernel's ext4 filesystem in the way it handled A use-after-free vulnerability was found in the Linux kernel's ext4 filesystem in the way it handled the extra inode size for extended attributes. This flaw could allow a privileged local user to cause a system crash or other undefined behaviors.

CVE-2023-30549 [HIGH] CWE-416 CVE-2023-30549: Apptainer is an open source container platform for Linux. There is an ext4 use-after-free flaw that Apptainer is an open source container platform for Linux. There is an ext4 use-after-free flaw that is exploitable through versions of Apptainer < 1.1.0 and installations that include apptainer-suid < 1.1.8 on older operating systems where that CVE has not been patched. That includes Red Hat Enterprise Linux 7, Debian 10 buster (unless the linux-5.10 p

CVE-2023-2019 [MEDIUM] CWE-911 CVE-2023-2019: A flaw was found in the Linux kernel's netdevsim device driver, within the scheduling of events. Thi A flaw was found in the Linux kernel's netdevsim device driver, within the scheduling of events. This issue results from the improper management of a reference count. This may allow an attacker to create a denial of service condition on the system.

CVE-2023-2194 [MEDIUM] CWE-787 CVE-2023-2194: An out-of-bounds write vulnerability was found in the Linux kernel's SLIMpro I2C device driver. The An out-of-bounds write vulnerability was found in the Linux kernel's SLIMpro I2C device driver. The userspace "data->block[0]" variable was not capped to a number between 0-255 and was used as the size of a memcpy, possibly writing beyond the end of dma_buffer. This flaw could allow a local privileged user to crash the system or potentially achieve cod

CVE-2023-28327 [MEDIUM] CWE-476 CVE-2023-28327: A NULL pointer dereference flaw was found in the UNIX protocol in net/unix/diag.c In unix_diag_get_e A NULL pointer dereference flaw was found in the UNIX protocol in net/unix/diag.c In unix_diag_get_exact in the Linux Kernel. The newly allocated skb does not have sk, leading to a NULL pointer. This flaw allows a local user to crash or potentially cause a denial of service.

CVE-2023-28328 [MEDIUM] CWE-476 CVE-2023-28328: A NULL pointer dereference flaw was found in the az6027 driver in drivers/media/usb/dev-usb/az6027.c A NULL pointer dereference flaw was found in the az6027 driver in drivers/media/usb/dev-usb/az6027.c in the Linux Kernel. The message from user space is not checked properly before transferring into the device. This flaw allows a local user to crash the system or potentially cause a denial of service.

CVE-2022-3787 [HIGH] CWE-285 CVE-2022-3787: A vulnerability was found in the device-mapper-multipath. The device-mapper-multipath allows local u A vulnerability was found in the device-mapper-multipath. The device-mapper-multipath allows local users to obtain root access, exploited alone or in conjunction with CVE-2022-41973. Local users that are able to write to UNIX domain sockets can bypass access controls and manipulate the multipath setup. This issue occurs because an attacker can repeat a

CVE-2023-0664 [HIGH] CWE-250 CVE-2023-0664: A flaw was found in the QEMU Guest Agent service for Windows. A local unprivileged user may be able A flaw was found in the QEMU Guest Agent service for Windows. A local unprivileged user may be able to manipulate the QEMU Guest Agent's Windows installer via repair custom actions to elevate their privileges on the system.

CVE-2023-1652 [HIGH] CWE-416 CVE-2023-1652: A use-after-free flaw was found in nfsd4_ssc_setup_dul in fs/nfsd/nfs4proc.c in the NFS filesystem i A use-after-free flaw was found in nfsd4_ssc_setup_dul in fs/nfsd/nfs4proc.c in the NFS filesystem in the Linux Kernel. This issue could allow a local attacker to crash the system or it may lead to a kernel information leak problem.

CVE-2023-0494 [HIGH] CWE-416 CVE-2023-0494: A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerCl A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read and write into freed memory. This can lead to local privilege elevation on systems where the X server runs privileged and remote code execution for ssh X forwarding s

CVE-2023-1380 [HIGH] CWE-125 CVE-2023-1380: A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/b A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel. This issue could occur when assoc_info->req_len data is bigger than the size of the buffer, defined as WL_EXTRA_BUF_MAX, leading to a denial of service.

CVE-2023-0179 [HIGH] CWE-190 CVE-2023-0179: A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. This issue A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. This issue could allow the leakage of both stack and heap addresses, and potentially allow Local Privilege Escalation to the root user via arbitrary code execution.

CVE-2023-0778 [MEDIUM] CWE-367 CVE-2023-0778: A Time-of-check Time-of-use (TOCTOU) flaw was found in podman. This issue may allow a malicious user A Time-of-check Time-of-use (TOCTOU) flaw was found in podman. This issue may allow a malicious user to replace a normal file in a volume with a symlink while exporting the volume, allowing for access to arbitrary files on the host file system.

CVE-2023-1073 [MEDIUM] CWE-119 CVE-2023-1073: A memory corruption flaw was found in the Linux kernel’s human interface device (HID) subsystem in h A memory corruption flaw was found in the Linux kernel’s human interface device (HID) subsystem in how a user inserts a malicious USB device. This flaw allows a local user to crash or potentially escalate their privileges on the system.

CVE-2021-3923 [LOW] CWE-200 CVE-2021-3923: A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a pr A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel stack information when issuing commands to the /dev/infiniband/rdma_cm device node. While this access is unlikely to leak sensitive user information, it can be further used to defeat existing kernel protection mechani

CVE-2023-1289 [MEDIUM] CWE-20 CVE-2023-1289: A vulnerability was discovered in ImageMagick where a specially created SVG file loads itself and ca A vulnerability was discovered in ImageMagick where a specially created SVG file loads itself and causes a segmentation fault. This flaw allows a remote attacker to pass a specially crafted SVG file that leads to a segmentation fault, generating many trash files in "/tmp," resulting in a denial of service. When ImageMagick crashes, it generates a lot o

CVE-2023-1513 [LOW] CWE-665 CVE-2023-1513: A flaw was found in KVM. When calling the KVM_GET_DEBUGREGS ioctl, on 32-bit systems, there might be A flaw was found in KVM. When calling the KVM_GET_DEBUGREGS ioctl, on 32-bit systems, there might be some uninitialized portions of the kvm_debugregs structure that could be copied to userspace, causing an information leak.