Redhat Enterprise Linux vulnerabilities

CVE-2022-2625 [HIGH] CWE-915 CVE-2022-2625: A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary obj A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the ability to lure or wait for an administrator to create or update an affected extension in that schema, and the ability to lure or wait for a victim to use the object targeted in CREATE OR REPLACE or CREATE IF NOT EXISTS. G

CVE-2020-14394 [LOW] CWE-835 CVE-2020-14394: An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the len An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Block (TRB) Ring. This flaw allows a privileged guest user to hang the QEMU process on the host, resulting in a denial of service.

CVE-2022-1158 [HIGH] CWE-416 CVE-2022-1158: A flaw was found in KVM. When updating a guest's page table entry, vm_pgoff was improperly used as t A flaw was found in KVM. When updating a guest's page table entry, vm_pgoff was improperly used as the offset to get the page's pfn. As vaddr and vm_pgoff are controllable by user-mode processes, this flaw allows unprivileged local users on the host to write outside the userspace region and potentially corrupt the kernel, resulting in a denial of servic

CVE-2022-2509 [HIGH] CWE-415 CVE-2022-2509: A vulnerability found in gnutls. This security flaw happens because of a double free error occurs du A vulnerability found in gnutls. This security flaw happens because of a double free error occurs during verification of pkcs7 signatures in gnutls_pkcs7_verify function.

CVE-2022-35651 [MEDIUM] CWE-79 CVE-2022-35651: A stored XSS and blind SSRF vulnerability was found in Moodle, occurs due to insufficient sanitizati A stored XSS and blind SSRF vulnerability was found in Moodle, occurs due to insufficient sanitization of user-supplied data in the SCORM track details. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website to steal potentially sensitive

CVE-2022-35653 [MEDIUM] CWE-79 CVE-2022-35653: A reflected XSS issue was identified in the LTI module of Moodle. The vulnerability exists due to in A reflected XSS issue was identified in the LTI module of Moodle. The vulnerability exists due to insufficient sanitization of user-supplied data in the LTI module. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website to steal potentiall

CVE-2022-2393 [MEDIUM] CWE-285 CVE-2022-2393: A flaw was found in pki-core, which could allow a user to get a certificate for another user identit A flaw was found in pki-core, which could allow a user to get a certificate for another user identity when directory-based authentication is enabled. This flaw allows an authenticated attacker on the adjacent network to impersonate another user within the scope of the domain, but they would not be able to decrypt message content.

CVE-2022-2211 [MEDIUM] CWE-120 CVE-2022-2211: A vulnerability was found in libguestfs. This issue occurs while calculating the greatest possible n A vulnerability was found in libguestfs. This issue occurs while calculating the greatest possible number of matching keys in the get_keys() function. This flaw leads to a denial of service, either by mistake or malicious actor.

CVE-2021-3697 [HIGH] CWE-787 CVE-2021-3697: A crafted JPEG image may lead the JPEG reader to underflow its data pointer, allowing user-controlle A crafted JPEG image may lead the JPEG reader to underflow its data pointer, allowing user-controlled data to be written in heap. To a successful to be performed the attacker needs to perform some triage over the heap layout and craft an image with a malicious format and payload. This vulnerability can lead to data corruption and eventual code execution

CVE-2021-3695 [MEDIUM] CWE-787 CVE-2021-3695: A crafted 16-bit grayscale PNG image may lead to a out-of-bounds write in the heap area. An attacker A crafted 16-bit grayscale PNG image may lead to a out-of-bounds write in the heap area. An attacker may take advantage of that to cause heap data corruption or eventually arbitrary code execution and circumvent secure boot protections. This issue has a high complexity to be exploited as an attacker needs to perform some triage over the heap layout to

CVE-2021-3696 [MEDIUM] CWE-787 CVE-2021-3696: A heap out-of-bounds write may heppen during the handling of Huffman tables in the PNG reader. This A heap out-of-bounds write may heppen during the handling of Huffman tables in the PNG reader. This may lead to data corruption in the heap space. Confidentiality, Integrity and Availablity impact may be considered Low as it's very complex to an attacker control the encoding and positioning of corrupted Huffman entries to achieve results such as arbitr

CVE-2022-1852 [MEDIUM] CWE-476 CVE-2022-1852: A NULL pointer dereference flaw was found in the Linux kernel’s KVM module, which can lead to a deni A NULL pointer dereference flaw was found in the Linux kernel’s KVM module, which can lead to a denial of service in the x86_emulate_insn in arch/x86/kvm/emulate.c. This flaw occurs while executing an illegal instruction in guest in the Intel CPU.

CVE-2022-2078 [MEDIUM] CWE-121 CVE-2022-2078: A vulnerability was found in the Linux kernel's nft_set_desc_concat_parse() function .This flaw allo A vulnerability was found in the Linux kernel's nft_set_desc_concat_parse() function .This flaw allows an attacker to trigger a buffer overflow via nft_set_desc_concat_parse() , causing a denial of service and possibly to run code.

CVE-2022-0987 [LOW] CWE-200 CVE-2022-0987: A flaw was found in PackageKit in the way some of the methods exposed by the Transaction interface e A flaw was found in PackageKit in the way some of the methods exposed by the Transaction interface examines files. This issue allows a local user to measure the time the methods take to execute and know whether a file owned by root or other users exists.

CVE-2022-1665 [HIGH] CWE-1291 CVE-2022-1665: A set of pre-production kernel packages of Red Hat Enterprise Linux for IBM Power architecture can b A set of pre-production kernel packages of Red Hat Enterprise Linux for IBM Power architecture can be booted by the grub in Secure Boot mode even though it shouldn't. These kernel builds don't have the secure boot lockdown patches applied to it and can bypass the secure boot validations, allowing the attacker to load another non-trusted code.

CVE-2022-32545 [HIGH] CWE-190 CVE-2022-32545: A vulnerability was found in ImageMagick, causing an outside the range of representable values of ty A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned char' at coders/psd.c, when crafted or untrusted input is processed. This leads to a negative impact to application availability or other problems related to undefined behavior.

CVE-2022-32547 [HIGH] CWE-704 CVE-2022-32547: In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte alignme In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte alignment and for type 'float', which requires 4 byte alignment at MagickCore/property.c. Whenever crafted or untrusted input is processed by ImageMagick, this causes a negative impact to application availability or other problems related to undefined behavior

CVE-2022-32546 [HIGH] CWE-190 CVE-2022-32546: A vulnerability was found in ImageMagick, causing an outside the range of representable values of ty A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned long' at coders/pcl.c, when crafted or untrusted input is processed. This leads to a negative impact to application availability or other problems related to undefined behavior.

CVE-2022-1998 [HIGH] CWE-416 CVE-2022-1998: A use after free in the Linux kernel File System notify functionality was found in the way user trig A use after free in the Linux kernel File System notify functionality was found in the way user triggers copy_info_records_to_user() call to fail in copy_event_to_user(). A local user could use this flaw to crash the system or potentially escalate their privileges on the system.

CVE-2022-1708 [HIGH] CWE-400 CVE-2022-1708: A vulnerability was found in CRI-O that causes memory or disk space exhaustion on the node for anyon A vulnerability was found in CRI-O that causes memory or disk space exhaustion on the node for anyone with access to the Kube API. The ExecSync request runs commands in a container and logs the output of the command. This output is then read by CRI-O after command execution, and it is read in a manner where the entire file corresponding to the output of