Redhat Enterprise Linux vulnerabilities
1,783 known vulnerabilities affecting redhat/enterprise_linux.
Total CVEs
1,783
CISA KEV
22
actively exploited
Public exploits
91
Exploited in wild
26
Severity breakdown
CRITICAL162HIGH609MEDIUM858LOW154
Vulnerabilities
Page 20 of 90
CVE-2023-0778MEDIUMCVSS 6.8v8.0v9.02023-03-27
CVE-2023-0778 [MEDIUM] CWE-367 CVE-2023-0778: A Time-of-check Time-of-use (TOCTOU) flaw was found in podman. This issue may allow a malicious user
A Time-of-check Time-of-use (TOCTOU) flaw was found in podman. This issue may allow a malicious user to replace a normal file in a volume with a symlink while exporting the volume, allowing for access to arbitrary files on the host file system.
nvd
CVE-2023-1073MEDIUMCVSS 6.6v7.0v8.0+1 more2023-03-27
CVE-2023-1073 [MEDIUM] CWE-119 CVE-2023-1073: A memory corruption flaw was found in the Linux kernel’s human interface device (HID) subsystem in h
A memory corruption flaw was found in the Linux kernel’s human interface device (HID) subsystem in how a user inserts a malicious USB device. This flaw allows a local user to crash or potentially escalate their privileges on the system.
nvd
CVE-2021-3923LOWCVSS 2.3v6.0v7.0+1 more2023-03-27
CVE-2021-3923 [LOW] CWE-200 CVE-2021-3923: A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a pr
A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel stack information when issuing commands to the /dev/infiniband/rdma_cm device node. While this access is unlikely to leak sensitive user information, it can be further used to defeat existing kernel protection mechani
nvd
CVE-2023-1289MEDIUMCVSS 5.5v8.0v9.02023-03-23
CVE-2023-1289 [MEDIUM] CWE-20 CVE-2023-1289: A vulnerability was discovered in ImageMagick where a specially created SVG file loads itself and ca
A vulnerability was discovered in ImageMagick where a specially created SVG file loads itself and causes a segmentation fault. This flaw allows a remote attacker to pass a specially crafted SVG file that leads to a segmentation fault, generating many trash files in "/tmp," resulting in a denial of service. When ImageMagick crashes, it generates a lot o
nvd
CVE-2023-1513LOWCVSS 3.3v7.0v8.0+1 more2023-03-23
CVE-2023-1513 [LOW] CWE-665 CVE-2023-1513: A flaw was found in KVM. When calling the KVM_GET_DEBUGREGS ioctl, on 32-bit systems, there might be
A flaw was found in KVM. When calling the KVM_GET_DEBUGREGS ioctl, on 32-bit systems, there might be some uninitialized portions of the kvm_debugregs structure that could be copied to userspace, causing an information leak.
nvd
CVE-2022-4904HIGHCVSS 8.6v8.0v9.02023-03-06
CVE-2022-4904 [HIGH] CWE-20 CVE-2022-4904: A flaw was found in the c-ares package. The ares_set_sortlist is missing checks about the validity o
A flaw was found in the c-ares package. The ares_set_sortlist is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and integrity.
nvd
CVE-2022-3424HIGHCVSS 7.8v9.02023-03-06
CVE-2022-3424 [HIGH] CWE-416 CVE-2022-3424: A use-after-free flaw was found in the Linux kernel’s SGI GRU driver in the way the first gru_file_u
A use-after-free flaw was found in the Linux kernel’s SGI GRU driver in the way the first gru_file_unlocked_ioctl function is called by the user, where a fail pass occurs in the gru_check_chiplet_assignment function. This flaw allows a local user to crash or potentially escalate their privileges on the system.
nvd
CVE-2019-8720HIGHCVSS 8.8KEVv8.02023-03-06
CVE-2019-8720 [HIGH] CWE-119 CVE-2019-8720: A vulnerability was found in WebKit. The flaw is triggered when processing maliciously crafted web c
A vulnerability was found in WebKit. The flaw is triggered when processing maliciously crafted web content that may lead to arbitrary code execution. Improved memory handling addresses the multiple memory corruption issues.
nvd
CVE-2022-3707MEDIUMCVSS 5.5v8.0v9.02023-03-06
CVE-2022-3707 [MEDIUM] CWE-460 CVE-2022-3707: A double-free memory flaw was found in the Linux kernel. The Intel GVT-g graphics driver triggers VG
A double-free memory flaw was found in the Linux kernel. The Intel GVT-g graphics driver triggers VGA card system resource overload, causing a fail in the intel_gvt_dma_map_guest_page function. This issue could allow a local user to crash the system.
nvd
CVE-2023-27561HIGHCVSS 7.0v8.0v9.02023-03-03
CVE-2023-27561 [HIGH] CVE-2023-27561: runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libc
runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. NOTE: this issue exists because of a CVE-2019-19921 regression.
nvd
CVE-2022-41862LOWCVSS 3.7v8.02023-03-03
CVE-2022-41862 [LOW] CWE-200 CVE-2022-41862: In PostgreSQL, a modified, unauthenticated server can send an unterminated string during the establi
In PostgreSQL, a modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. In certain conditions a server can cause a libpq client to over-read and report an error message containing uninitialized bytes.
nvd
CVE-2023-1095MEDIUMCVSS 5.5v8.0v9.02023-02-28
CVE-2023-1095 [MEDIUM] CWE-476 CVE-2023-1095: In nf_tables_updtable, if nf_tables_table_enable returns an error, nft_trans_destroy is called to fr
In nf_tables_updtable, if nf_tables_table_enable returns an error, nft_trans_destroy is called to free the transaction object. nft_trans_destroy() calls list_del(), but the transaction was never placed on a list -- the list head is all zeroes, this results in a NULL pointer dereference.
nvd
CVE-2023-0361HIGHCVSS 7.4v8.0v9.02023-02-15
CVE-2023-0361 [HIGH] CWE-203 CVE-2023-0361: A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. Th
A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the
nvd
CVE-2022-3560MEDIUMCVSS 5.5v7.0v8.0+1 more2023-02-02
CVE-2022-3560 [MEDIUM] CWE-22 CVE-2022-3560: A flaw was found in pesign. The pesign package provides a systemd service used to start the pesign d
A flaw was found in pesign. The pesign package provides a systemd service used to start the pesign daemon. This service unit runs a script to set ACLs for /etc/pki/pesign and /run/pesign directories to grant access privileges to users in the 'pesign' group. However, the script doesn't check for symbolic links. This could allow an attacker to gain acces
nvd
CVE-2022-4254HIGHCVSS 8.8v8.02023-02-01
CVE-2022-4254 [HIGH] CWE-90 CVE-2022-4254: sssd: libsss_certmap fails to sanitise certificate data used in LDAP filters
sssd: libsss_certmap fails to sanitise certificate data used in LDAP filters
nvd
CVE-2022-4285MEDIUMCVSS 5.5v6.0v7.0+2 more2023-01-27
CVE-2022-4285 [MEDIUM] CVE-2022-4285: An illegal memory access flaw was found in the binutils package. Parsing an ELF file containing corr
An illegal memory access flaw was found in the binutils package. Parsing an ELF file containing corrupt symbol version information may result in a denial of service. This issue is the result of an incomplete fix for CVE-2020-16599.
nvd
CVE-2022-4743HIGHCVSS 7.5v9.02023-01-12
CVE-2022-4743 [HIGH] CWE-401 CVE-2022-4743: A potential memory leak issue was discovered in SDL2 in GLES_CreateTexture() function in SDL_render_
A potential memory leak issue was discovered in SDL2 in GLES_CreateTexture() function in SDL_render_gles.c. The vulnerability allows an attacker to cause a denial of service attack. The vulnerability affects SDL2 v2.0.4 and above. SDL-1.x are not affected.
nvd
CVE-2022-3715HIGHCVSS 7.8v9.02023-01-05
CVE-2022-3715 [HIGH] CWE-119 CVE-2022-3715: A flaw was found in the bash package, where a heap-buffer overflow can occur in valid parameter_tran
A flaw was found in the bash package, where a heap-buffer overflow can occur in valid parameter_transform. This issue may lead to memory problems.
nvd
CVE-2022-3775HIGHCVSS 7.1v8.02022-12-19
CVE-2022-3775 [HIGH] CWE-787 CVE-2022-3775: When rendering certain unicode sequences, grub2's font code doesn't proper validate if the informed
When rendering certain unicode sequences, grub2's font code doesn't proper validate if the informed glyph's width and height is constrained within bitmap size. As consequence an attacker can craft an input which will lead to a out-of-bounds write into grub2's heap, leading to memory corruption and availability issues. Although complex, arbitrary code exe
nvd
CVE-2022-4283HIGHCVSS 7.8v6.0v7.0+2 more2022-12-14
CVE-2022-4283 [HIGH] CWE-416 CVE-2022-4283: A vulnerability was found in X.Org. This security flaw occurs because the XkbCopyNames function left
A vulnerability was found in X.Org. This security flaw occurs because the XkbCopyNames function left a dangling pointer to freed memory, resulting in out-of-bounds memory access on subsequent XkbGetKbdByName requests.. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh
nvd