Redhat Enterprise Linux vulnerabilities

CVE-2022-0358 [HIGH] CVE-2022-0358: A flaw was found in the QEMU virtio-fs shared file system daemon (virtiofsd) implementation. This fl A flaw was found in the QEMU virtio-fs shared file system daemon (virtiofsd) implementation. This flaw is strictly related to CVE-2018-13405. A local guest user can create files in the directories shared by virtio-fs with unintended group ownership in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of the gr

CVE-2022-0934 [HIGH] CWE-416 CVE-2022-0934: A single-byte, non-arbitrary write/use-after-free flaw was found in dnsmasq. This flaw allows an att A single-byte, non-arbitrary write/use-after-free flaw was found in dnsmasq. This flaw allows an attacker who sends a crafted packet processed by dnsmasq, potentially causing a denial of service.

CVE-2022-1199 [HIGH] CWE-416 CVE-2022-1199: A flaw was found in the Linux kernel. This flaw allows an attacker to crash the Linux kernel by simu A flaw was found in the Linux kernel. This flaw allows an attacker to crash the Linux kernel by simulating amateur radio from the user space, resulting in a null-ptr-deref vulnerability and a use-after-free vulnerability.

CVE-2022-1184 [MEDIUM] CWE-416 CVE-2022-1184: A use-after-free flaw was found in fs/ext4/namei.c:dx_insert_block() in the Linux kernel’s filesyste A use-after-free flaw was found in fs/ext4/namei.c:dx_insert_block() in the Linux kernel’s filesystem sub-component. This flaw allows a local attacker with a user privilege to cause a denial of service.

CVE-2022-0852 [MEDIUM] CWE-359 CVE-2022-0852: There is a flaw in convert2rhel. convert2rhel passes the Red Hat account password to subscription-ma There is a flaw in convert2rhel. convert2rhel passes the Red Hat account password to subscription-manager via the command line, which could allow unauthorized users locally on the machine to view the password via the process command line via e.g. htop or ps. The specific impact varies upon the privileges of the Red Hat account in question, but it coul

CVE-2022-0485 [MEDIUM] CWE-252 CVE-2022-0485: A flaw was found in the copying tool `nbdcopy` of libnbd. When performing multi-threaded copies usin A flaw was found in the copying tool `nbdcopy` of libnbd. When performing multi-threaded copies using asynchronous nbd calls, nbdcopy was blindly treating the completion of an asynchronous command as successful, rather than checking the *error parameter. This could result in the silent creation of a corrupted destination image.

CVE-2022-0480 [MEDIUM] CWE-770 CVE-2022-0480: A flaw was found in the filelock_init in fs/locks.c function in the Linux kernel. This issue can lea A flaw was found in the filelock_init in fs/locks.c function in the Linux kernel. This issue can lead to host memory exhaustion due to memcg not limiting the number of Portable Operating System Interface (POSIX) file locks.

CVE-2022-0851 [MEDIUM] CWE-200 CVE-2022-0851: There is a flaw in convert2rhel. When the --activationkey option is used with convert2rhel, the acti There is a flaw in convert2rhel. When the --activationkey option is used with convert2rhel, the activation key is subsequently passed to subscription-manager via the command line, which could allow unauthorized users locally on the machine to view the activation key via the process command line via e.g. htop or ps. The specific impact varies upon the

CVE-2022-1198 [MEDIUM] CWE-416 CVE-2022-1198: A use-after-free vulnerabilitity was discovered in drivers/net/hamradio/6pack.c of linux that allows A use-after-free vulnerabilitity was discovered in drivers/net/hamradio/6pack.c of linux that allows an attacker to crash linux kernel by simulating ax25 device using 6pack driver from user space.

CVE-2022-1016 [MEDIUM] CWE-824 CVE-2022-1016: A flaw was found in the Linux kernel in net/netfilter/nf_tables_core.c:nft_do_chain, which can cause A flaw was found in the Linux kernel in net/netfilter/nf_tables_core.c:nft_do_chain, which can cause a use-after-free. This issue needs to handle 'return' with proper preconditions, as it can lead to a kernel information leak problem caused by a local, unprivileged attacker.

CVE-2021-3864 [HIGH] CWE-284 CVE-2021-3864: A flaw was found in the way the dumpable flag setting was handled when certain SUID binaries execute A flaw was found in the way the dumpable flag setting was handled when certain SUID binaries executed its descendants. The prerequisite is a SUID binary that sets real UID equal to effective UID, and real GID equal to effective GID. The descendant will then have a dumpable value set to 1. As a result, if the descendant process crashes and core_pattern i

CVE-2021-35939 [MEDIUM] CVE-2021-35939: It was found that the fix for CVE-2017-7500 and CVE-2017-7501 was incomplete: the check was only imp It was found that the fix for CVE-2017-7500 and CVE-2017-7501 was incomplete: the check was only implemented for the parent directory of the file to be created. A local unprivileged user who owns another ancestor directory could potentially use this flaw to gain root privileges. The highest threat from this vulnerability is to data confidentiality and integ

CVE-2022-34301 [MEDIUM] CVE-2022-34301: A flaw was found in CryptoPro Secure Disk bootloaders before 2022-06-01. An attacker may use this bo A flaw was found in CryptoPro Secure Disk bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader currently in use with this bootloader. Access to the EFI System Pa

CVE-2022-0175 [MEDIUM] CWE-909 CVE-2022-0175: A flaw was found in the VirGL virtual OpenGL renderer (virglrenderer). The virgl did not properly in A flaw was found in the VirGL virtual OpenGL renderer (virglrenderer). The virgl did not properly initialize memory when allocating a host-backed memory resource. A malicious guest could use this flaw to mmap from the guest kernel and read this uninitialized memory from the host, possibly leading to information disclosure.

CVE-2022-0168 [MEDIUM] CWE-476 CVE-2022-0168: A denial of service (DOS) issue was found in the Linux kernel’s smb2_ioctl_query_info function in th A denial of service (DOS) issue was found in the Linux kernel’s smb2_ioctl_query_info function in the fs/cifs/smb2ops.c Common Internet File System (CIFS) due to an incorrect return from the memdup_user function. This flaw allows a local, privileged (CAP_SYS_ADMIN) attacker to crash the system.

CVE-2022-34303 [MEDIUM] CVE-2022-34303: A flaw was found in Eurosoft bootloaders before 2022-06-01. An attacker may use this bootloader to b A flaw was found in Eurosoft bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader currently in use with this bootloader. Access to the EFI System Partition is re

CVE-2022-34302 [MEDIUM] CVE-2022-34302: A flaw was found in New Horizon Datasys bootloaders before 2022-06-01. An attacker may use this boot A flaw was found in New Horizon Datasys bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader currently in use with this bootloader. Access to the EFI System Part

CVE-2021-3669 [MEDIUM] CWE-400 CVE-2021-3669: A flaw was found in the Linux kernel. Measuring usage of the shared memory does not scale with large A flaw was found in the Linux kernel. Measuring usage of the shared memory does not scale with large shared memory segment counts which could lead to resource exhaustion and DoS.

CVE-2022-0171 [MEDIUM] CWE-459 CVE-2022-0171: A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root (host) user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization (SEV).

CVE-2022-0135 [HIGH] CWE-787 CVE-2022-0135: An out-of-bounds write issue was found in the VirGL virtual OpenGL renderer (virglrenderer). This fl An out-of-bounds write issue was found in the VirGL virtual OpenGL renderer (virglrenderer). This flaw allows a malicious guest to create a specially crafted virgil resource and then issue a VIRTGPU_EXECBUFFER ioctl, leading to a denial of service or possible code execution.