Redhat Enterprise Linux vulnerabilities

CVE-2022-2989 [HIGH] CWE-842 CVE-2022-2989: An incorrect handling of the supplementary groups in the Podman container engine might lead to the s An incorrect handling of the supplementary groups in the Podman container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container.

CVE-2022-2990 [HIGH] CWE-842 CVE-2022-2990: An incorrect handling of the supplementary groups in the Buildah container engine might lead to the An incorrect handling of the supplementary groups in the Buildah container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container.

CVE-2020-10735 [HIGH] CWE-704 CVE-2020-10735: A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, whe A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using int("text"), a system could take 50ms to parse an int string with 100,000 digits and 5s for 1,000,000 digits (float, decimal, int.from_bytes(), and int() for binary bases 2, 4, 8, 16, and 32 are not affected). The highest threat from this vulner

CVE-2022-2964 [HIGH] CWE-119 CVE-2022-2964: A flaw was found in the Linux kernel’s driver for the ASIX AX88179_178A-based USB 2.0/3.0 Gigabit Et A flaw was found in the Linux kernel’s driver for the ASIX AX88179_178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability contains multiple out-of-bounds reads and possible out-of-bounds writes.

CVE-2022-2905 [MEDIUM] CWE-125 CVE-2022-2905: An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls the bpf_tail_call function with a key larger than the max_entries of the map. This flaw allows a local user to gain unauthorized access to data.

CVE-2022-25308 [HIGH] CWE-121 CVE-2022-25308: A stack-based buffer overflow flaw was found in the Fribidi package. This flaw allows an attacker to A stack-based buffer overflow flaw was found in the Fribidi package. This flaw allows an attacker to pass a specially crafted file to the Fribidi application, which leads to a possible memory leak or a denial of service.

CVE-2022-25310 [MEDIUM] CWE-119 CVE-2022-25310: A segmentation fault (SEGV) flaw was found in the Fribidi package and affects the fribidi_remove_bid A segmentation fault (SEGV) flaw was found in the Fribidi package and affects the fribidi_remove_bidi_marks() function of the lib/fribidi.c file. This flaw allows an attacker to pass a specially crafted file to Fribidi, leading to a crash and causing a denial of service.

CVE-2022-25309 [MEDIUM] CWE-122 CVE-2022-25309: A heap-based buffer overflow flaw was found in the Fribidi package and affects the fribidi_cap_rtl_t A heap-based buffer overflow flaw was found in the Fribidi package and affects the fribidi_cap_rtl_to_unicode() function of the fribidi-char-sets-cap-rtl.c file. This flaw allows an attacker to pass a specially crafted file to the Fribidi application with the '--caprtl' option, leading to a crash and causing a denial of service.

CVE-2022-2639 [HIGH] CWE-192 CVE-2022-2639: An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large num An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reserve_sfa_size() function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write access. This flaw allows a local user to crash or poten

CVE-2022-1247 [HIGH] CWE-362 CVE-2022-1247: An issue found in linux-kernel that leads to a race condition in rose_connect(). The rose driver use An issue found in linux-kernel that leads to a race condition in rose_connect(). The rose driver uses rose_neigh->use to represent how many objects are using the rose_neigh. When a user wants to delete a rose_route via rose_ioctl(), the rose driver calls rose_del_node() and removes neighbours only if their “count” and “use” are zero.

CVE-2022-2132 [HIGH] CWE-791 CVE-2022-2132: A permissive list of allowed inputs flaw was found in DPDK. This issue allows a remote attacker to c A permissive list of allowed inputs flaw was found in DPDK. This issue allows a remote attacker to cause a denial of service triggered by sending a crafted Vhost header to DPDK.

CVE-2022-1355 [MEDIUM] CWE-121 CVE-2022-1355: A stack buffer overflow flaw was found in Libtiffs' tiffcp.c in main() function. This flaw allows an A stack buffer overflow flaw was found in Libtiffs' tiffcp.c in main() function. This flaw allows an attacker to pass a crafted TIFF file to the tiffcp tool, triggering a stack buffer overflow issue, possibly corrupting the memory, and causing a crash that leads to a denial of service.

CVE-2022-1263 [MEDIUM] CWE-476 CVE-2022-1263: A NULL pointer dereference issue was found in KVM when releasing a vCPU with dirty ring support enab A NULL pointer dereference issue was found in KVM when releasing a vCPU with dirty ring support enabled. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of service.

CVE-2022-2153 [MEDIUM] CWE-476 CVE-2022-2153: A flaw was found in the Linux kernel’s KVM when attempting to set a SynIC IRQ. This issue makes it p A flaw was found in the Linux kernel’s KVM when attempting to set a SynIC IRQ. This issue makes it possible for a misbehaving VMM to write to SYNIC/STIMER MSRs, causing a NULL pointer dereference. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of servi

CVE-2022-1354 [MEDIUM] CWE-125 CVE-2022-1354: A heap buffer overflow flaw was found in Libtiffs' tiffinfo.c in TIFFReadRawDataStriped() function. A heap buffer overflow flaw was found in Libtiffs' tiffinfo.c in TIFFReadRawDataStriped() function. This flaw allows an attacker to pass a crafted TIFF file to the tiffinfo tool, triggering a heap buffer overflow issue and causing a crash that leads to a denial of service.

CVE-2022-0358 [HIGH] CVE-2022-0358: A flaw was found in the QEMU virtio-fs shared file system daemon (virtiofsd) implementation. This fl A flaw was found in the QEMU virtio-fs shared file system daemon (virtiofsd) implementation. This flaw is strictly related to CVE-2018-13405. A local guest user can create files in the directories shared by virtio-fs with unintended group ownership in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of the gr

CVE-2022-0934 [HIGH] CWE-416 CVE-2022-0934: A single-byte, non-arbitrary write/use-after-free flaw was found in dnsmasq. This flaw allows an att A single-byte, non-arbitrary write/use-after-free flaw was found in dnsmasq. This flaw allows an attacker who sends a crafted packet processed by dnsmasq, potentially causing a denial of service.

CVE-2022-1199 [HIGH] CWE-416 CVE-2022-1199: A flaw was found in the Linux kernel. This flaw allows an attacker to crash the Linux kernel by simu A flaw was found in the Linux kernel. This flaw allows an attacker to crash the Linux kernel by simulating amateur radio from the user space, resulting in a null-ptr-deref vulnerability and a use-after-free vulnerability.

CVE-2022-1184 [MEDIUM] CWE-416 CVE-2022-1184: A use-after-free flaw was found in fs/ext4/namei.c:dx_insert_block() in the Linux kernel’s filesyste A use-after-free flaw was found in fs/ext4/namei.c:dx_insert_block() in the Linux kernel’s filesystem sub-component. This flaw allows a local attacker with a user privilege to cause a denial of service.

CVE-2022-0852 [MEDIUM] CWE-359 CVE-2022-0852: There is a flaw in convert2rhel. convert2rhel passes the Red Hat account password to subscription-ma There is a flaw in convert2rhel. convert2rhel passes the Red Hat account password to subscription-manager via the command line, which could allow unauthorized users locally on the machine to view the password via the process command line via e.g. htop or ps. The specific impact varies upon the privileges of the Red Hat account in question, but it coul