Redhat Enterprise Linux vulnerabilities

CVE-2022-0485 [MEDIUM] CWE-252 CVE-2022-0485: A flaw was found in the copying tool `nbdcopy` of libnbd. When performing multi-threaded copies usin A flaw was found in the copying tool `nbdcopy` of libnbd. When performing multi-threaded copies using asynchronous nbd calls, nbdcopy was blindly treating the completion of an asynchronous command as successful, rather than checking the *error parameter. This could result in the silent creation of a corrupted destination image.

CVE-2022-0480 [MEDIUM] CWE-770 CVE-2022-0480: A flaw was found in the filelock_init in fs/locks.c function in the Linux kernel. This issue can lea A flaw was found in the filelock_init in fs/locks.c function in the Linux kernel. This issue can lead to host memory exhaustion due to memcg not limiting the number of Portable Operating System Interface (POSIX) file locks.

CVE-2022-0851 [MEDIUM] CWE-200 CVE-2022-0851: There is a flaw in convert2rhel. When the --activationkey option is used with convert2rhel, the acti There is a flaw in convert2rhel. When the --activationkey option is used with convert2rhel, the activation key is subsequently passed to subscription-manager via the command line, which could allow unauthorized users locally on the machine to view the activation key via the process command line via e.g. htop or ps. The specific impact varies upon the

CVE-2022-1198 [MEDIUM] CWE-416 CVE-2022-1198: A use-after-free vulnerabilitity was discovered in drivers/net/hamradio/6pack.c of linux that allows A use-after-free vulnerabilitity was discovered in drivers/net/hamradio/6pack.c of linux that allows an attacker to crash linux kernel by simulating ax25 device using 6pack driver from user space.

CVE-2022-1016 [MEDIUM] CWE-824 CVE-2022-1016: A flaw was found in the Linux kernel in net/netfilter/nf_tables_core.c:nft_do_chain, which can cause A flaw was found in the Linux kernel in net/netfilter/nf_tables_core.c:nft_do_chain, which can cause a use-after-free. This issue needs to handle 'return' with proper preconditions, as it can lead to a kernel information leak problem caused by a local, unprivileged attacker.

CVE-2021-3864 [HIGH] CWE-284 CVE-2021-3864: A flaw was found in the way the dumpable flag setting was handled when certain SUID binaries execute A flaw was found in the way the dumpable flag setting was handled when certain SUID binaries executed its descendants. The prerequisite is a SUID binary that sets real UID equal to effective UID, and real GID equal to effective GID. The descendant will then have a dumpable value set to 1. As a result, if the descendant process crashes and core_pattern i

CVE-2021-35939 [MEDIUM] CVE-2021-35939: It was found that the fix for CVE-2017-7500 and CVE-2017-7501 was incomplete: the check was only imp It was found that the fix for CVE-2017-7500 and CVE-2017-7501 was incomplete: the check was only implemented for the parent directory of the file to be created. A local unprivileged user who owns another ancestor directory could potentially use this flaw to gain root privileges. The highest threat from this vulnerability is to data confidentiality and integ

CVE-2022-34301 [MEDIUM] CVE-2022-34301: A flaw was found in CryptoPro Secure Disk bootloaders before 2022-06-01. An attacker may use this bo A flaw was found in CryptoPro Secure Disk bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader currently in use with this bootloader. Access to the EFI System Pa

CVE-2022-0175 [MEDIUM] CWE-909 CVE-2022-0175: A flaw was found in the VirGL virtual OpenGL renderer (virglrenderer). The virgl did not properly in A flaw was found in the VirGL virtual OpenGL renderer (virglrenderer). The virgl did not properly initialize memory when allocating a host-backed memory resource. A malicious guest could use this flaw to mmap from the guest kernel and read this uninitialized memory from the host, possibly leading to information disclosure.

CVE-2022-0168 [MEDIUM] CWE-476 CVE-2022-0168: A denial of service (DOS) issue was found in the Linux kernel’s smb2_ioctl_query_info function in th A denial of service (DOS) issue was found in the Linux kernel’s smb2_ioctl_query_info function in the fs/cifs/smb2ops.c Common Internet File System (CIFS) due to an incorrect return from the memdup_user function. This flaw allows a local, privileged (CAP_SYS_ADMIN) attacker to crash the system.

CVE-2022-34303 [MEDIUM] CVE-2022-34303: A flaw was found in Eurosoft bootloaders before 2022-06-01. An attacker may use this bootloader to b A flaw was found in Eurosoft bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader currently in use with this bootloader. Access to the EFI System Partition is re

CVE-2022-34302 [MEDIUM] CVE-2022-34302: A flaw was found in New Horizon Datasys bootloaders before 2022-06-01. An attacker may use this boot A flaw was found in New Horizon Datasys bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader currently in use with this bootloader. Access to the EFI System Part

CVE-2021-3669 [MEDIUM] CWE-400 CVE-2021-3669: A flaw was found in the Linux kernel. Measuring usage of the shared memory does not scale with large A flaw was found in the Linux kernel. Measuring usage of the shared memory does not scale with large shared memory segment counts which could lead to resource exhaustion and DoS.

CVE-2022-0171 [MEDIUM] CWE-459 CVE-2022-0171: A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root (host) user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization (SEV).

CVE-2022-0135 [HIGH] CWE-787 CVE-2022-0135: An out-of-bounds write issue was found in the VirGL virtual OpenGL renderer (virglrenderer). This fl An out-of-bounds write issue was found in the VirGL virtual OpenGL renderer (virglrenderer). This flaw allows a malicious guest to create a specially crafted virgil resource and then issue a VIRTGPU_EXECBUFFER ioctl, leading to a denial of service or possible code execution.

CVE-2021-35937 [MEDIUM] CVE-2021-35937: A race condition vulnerability was found in rpm. A local unprivileged user could use this flaw to by A race condition vulnerability was found in rpm. A local unprivileged user could use this flaw to bypass the checks that were introduced in response to CVE-2017-7500 and CVE-2017-7501, potentially gaining root privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

CVE-2021-35938 [MEDIUM] CWE-59 CVE-2021-35938: A symbolic link issue was found in rpm. It occurs when rpm sets the desired permissions and credenti A symbolic link issue was found in rpm. It occurs when rpm sets the desired permissions and credentials after installing a file. A local unprivileged user could use this flaw to exchange the original file with a symbolic link to a security-critical file and escalate their privileges on the system. The highest threat from this vulnerability is to data

CVE-2021-4204 [HIGH] CWE-20 CVE-2021-4204: An out-of-bounds (OOB) memory access flaw was found in the Linux kernel's eBPF due to an Improper In An out-of-bounds (OOB) memory access flaw was found in the Linux kernel's eBPF due to an Improper Input Validation. This flaw allows a local attacker with a special privilege to crash the system or leak internal information.

CVE-2021-4213 [HIGH] CWE-401 CVE-2021-4213: A flaw was found in JSS, where it did not properly free up all memory. Over time, the wasted memory A flaw was found in JSS, where it did not properly free up all memory. Over time, the wasted memory builds up in the server memory, saturating the server’s RAM. This flaw allows an attacker to force the invocation of an out-of-memory process, causing a denial of service.

CVE-2021-4159 [MEDIUM] CWE-202 CVE-2021-4159: A vulnerability was found in the Linux kernel's EBPF verifier when handling internal data structures A vulnerability was found in the Linux kernel's EBPF verifier when handling internal data structures. Internal memory locations could be returned to userspace. A local attacker with the permissions to insert eBPF code to the kernel can use this to leak internal kernel memory details defeating some of the exploit mitigations in place for the kernel.