Redhat Enterprise Linux vulnerabilities

CVE-2022-4144 [MEDIUM] CWE-125 CVE-2022-4144: An out-of-bounds read flaw was found in the QXL display device emulation in QEMU. The qxl_phys2virt( An out-of-bounds read flaw was found in the QXL display device emulation in QEMU. The qxl_phys2virt() function does not check the size of the structure pointed to by the guest physical address, potentially reading past the end of the bar space into adjacent pages. A malicious guest user could use this flaw to crash the QEMU process on the host causing

CVE-2022-3500 [MEDIUM] CWE-248 CVE-2022-3500: A vulnerability was found in keylime. This security issue happens in some circumstances, due to some A vulnerability was found in keylime. This security issue happens in some circumstances, due to some improperly handled exceptions, there exists the possibility that a rogue agent could create errors on the verifier that stopped attestation attempts for that host leaving it in an attested state but not verifying that anymore.

CVE-2022-3821 [MEDIUM] CWE-193 CVE-2022-3821: An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.

CVE-2022-2963 [HIGH] CWE-401 CVE-2022-2963: A vulnerability found in jasper. This security vulnerability happens because of a memory leak bug in A vulnerability found in jasper. This security vulnerability happens because of a memory leak bug in function cmdopts_parse that can cause a crash or segmentation fault.

CVE-2022-2850 [MEDIUM] CVE-2022-2850: A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticate A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service. This CVE is assigned against an incomplete fix of CVE-2021-3514.

CVE-2022-2989 [HIGH] CWE-842 CVE-2022-2989: An incorrect handling of the supplementary groups in the Podman container engine might lead to the s An incorrect handling of the supplementary groups in the Podman container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container.

CVE-2022-2990 [HIGH] CWE-842 CVE-2022-2990: An incorrect handling of the supplementary groups in the Buildah container engine might lead to the An incorrect handling of the supplementary groups in the Buildah container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container.

CVE-2020-10735 [HIGH] CWE-704 CVE-2020-10735: A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, whe A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using int("text"), a system could take 50ms to parse an int string with 100,000 digits and 5s for 1,000,000 digits (float, decimal, int.from_bytes(), and int() for binary bases 2, 4, 8, 16, and 32 are not affected). The highest threat from this vulner

CVE-2022-2964 [HIGH] CWE-119 CVE-2022-2964: A flaw was found in the Linux kernel’s driver for the ASIX AX88179_178A-based USB 2.0/3.0 Gigabit Et A flaw was found in the Linux kernel’s driver for the ASIX AX88179_178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability contains multiple out-of-bounds reads and possible out-of-bounds writes.

CVE-2022-2905 [MEDIUM] CWE-125 CVE-2022-2905: An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls the bpf_tail_call function with a key larger than the max_entries of the map. This flaw allows a local user to gain unauthorized access to data.

CVE-2022-25308 [HIGH] CWE-121 CVE-2022-25308: A stack-based buffer overflow flaw was found in the Fribidi package. This flaw allows an attacker to A stack-based buffer overflow flaw was found in the Fribidi package. This flaw allows an attacker to pass a specially crafted file to the Fribidi application, which leads to a possible memory leak or a denial of service.

CVE-2022-25310 [MEDIUM] CWE-119 CVE-2022-25310: A segmentation fault (SEGV) flaw was found in the Fribidi package and affects the fribidi_remove_bid A segmentation fault (SEGV) flaw was found in the Fribidi package and affects the fribidi_remove_bidi_marks() function of the lib/fribidi.c file. This flaw allows an attacker to pass a specially crafted file to Fribidi, leading to a crash and causing a denial of service.

CVE-2022-25309 [MEDIUM] CWE-122 CVE-2022-25309: A heap-based buffer overflow flaw was found in the Fribidi package and affects the fribidi_cap_rtl_t A heap-based buffer overflow flaw was found in the Fribidi package and affects the fribidi_cap_rtl_to_unicode() function of the fribidi-char-sets-cap-rtl.c file. This flaw allows an attacker to pass a specially crafted file to the Fribidi application with the '--caprtl' option, leading to a crash and causing a denial of service.

CVE-2022-2639 [HIGH] CWE-192 CVE-2022-2639: An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large num An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reserve_sfa_size() function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write access. This flaw allows a local user to crash or poten

CVE-2022-1247 [HIGH] CWE-362 CVE-2022-1247: An issue found in linux-kernel that leads to a race condition in rose_connect(). The rose driver use An issue found in linux-kernel that leads to a race condition in rose_connect(). The rose driver uses rose_neigh->use to represent how many objects are using the rose_neigh. When a user wants to delete a rose_route via rose_ioctl(), the rose driver calls rose_del_node() and removes neighbours only if their “count” and “use” are zero.

CVE-2022-2132 [HIGH] CWE-791 CVE-2022-2132: A permissive list of allowed inputs flaw was found in DPDK. This issue allows a remote attacker to c A permissive list of allowed inputs flaw was found in DPDK. This issue allows a remote attacker to cause a denial of service triggered by sending a crafted Vhost header to DPDK.

CVE-2022-1355 [MEDIUM] CWE-121 CVE-2022-1355: A stack buffer overflow flaw was found in Libtiffs' tiffcp.c in main() function. This flaw allows an A stack buffer overflow flaw was found in Libtiffs' tiffcp.c in main() function. This flaw allows an attacker to pass a crafted TIFF file to the tiffcp tool, triggering a stack buffer overflow issue, possibly corrupting the memory, and causing a crash that leads to a denial of service.

CVE-2022-1263 [MEDIUM] CWE-476 CVE-2022-1263: A NULL pointer dereference issue was found in KVM when releasing a vCPU with dirty ring support enab A NULL pointer dereference issue was found in KVM when releasing a vCPU with dirty ring support enabled. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of service.

CVE-2022-2153 [MEDIUM] CWE-476 CVE-2022-2153: A flaw was found in the Linux kernel’s KVM when attempting to set a SynIC IRQ. This issue makes it p A flaw was found in the Linux kernel’s KVM when attempting to set a SynIC IRQ. This issue makes it possible for a misbehaving VMM to write to SYNIC/STIMER MSRs, causing a NULL pointer dereference. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of servi

CVE-2022-1354 [MEDIUM] CWE-125 CVE-2022-1354: A heap buffer overflow flaw was found in Libtiffs' tiffinfo.c in TIFFReadRawDataStriped() function. A heap buffer overflow flaw was found in Libtiffs' tiffinfo.c in TIFFReadRawDataStriped() function. This flaw allows an attacker to pass a crafted TIFF file to the tiffinfo tool, triggering a heap buffer overflow issue and causing a crash that leads to a denial of service.