Red Hat Enterprise Linux vulnerabilities
1,738 known vulnerabilities affecting redhat/enterprise_linux.
Total CVEs: 1,738
CISA KEV: 20 (actively exploited)
Public exploits: 88
Exploited in wild: 26
Severity breakdown: CRITICAL 157, HIGH 589, MEDIUM 839, LOW 153
Vulnerabilities
Page 32 of 87
CVE-2021-20197 [MEDIUM] CVSS 6.3 | CWE-59 | v8.0 | 2021-03-26
There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and earlier: ar, objcopy, strip, ranlib. When these utilities are run as a privileged user (presumably as part of a script updating binaries across different users), an unprivileged user can trick these utilities into getting ownership of arbitrary
nvd
CVE-2020-35508 [MEDIUM] CVSS 4.5 | CWE-665 | v8.0 | 2021-03-26
A flaw involving a possible race condition and incorrect initialization of the process id was found in the Linux kernel child/parent process identification handling while filtering signal handlers. A local attacker is able to abuse this flaw to bypass checks to send any signal to a privileged process.
nvd
CVE-2020-35518 [MEDIUM] CVSS 5.3 | CWE-200 | v7.0, v8.0 | 2021-03-26
When binding against a DN during authentication, the reply from 389-ds-base will be different whether the DN exists or not. This can be used by an unauthenticated attacker to check the existence of an entry in the LDAP database.
nvd
CVE-2021-3466 [CRITICAL] CVSS 9.8 | CWE-120 | v6.0, v7.0, +1 more | 2021-03-25
A flaw was found in libmicrohttpd. A missing bounds check in the post_process_urlencoded function leads to a buffer overflow, allowing a remote attacker to write arbitrary data in an application that uses libmicrohttpd. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Only version 0.
nvd
CVE-2021-3443 [MEDIUM] CVSS 5.5 | CWE-476 | v6.0, v7.0, +1 more | 2021-03-25
A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.27 handled component references in the JP2 image format decoder. A specially crafted JP2 image file could cause an application using the Jasper library to crash when opened.
nvd
CVE-2021-3446 [MEDIUM] CVSS 5.5 | CWE-327 | v8.0 | 2021-03-25
A flaw was found in libtpms in versions before 0.8.2. The commonly used integration of libtpms with OpenSSL contained a vulnerability related to the returned IV (initialization vector) when certain symmetric ciphers were used. Instead of returning the last IV it returned the initial IV to the caller, thus weakening the subsequent encryption and decrypt
nvd
CVE-2021-20270 [HIGH] CVSS 7.5 | CWE-835 | v7.0, v8.0 | 2021-03-23
An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML (SML) source file, as demonstrated by input that only contains the "exception" keyword.
nvd
CVE-2021-3409 [MEDIUM] CVSS 5.7 | v7.0 | 2021-03-23
The patch for CVE-2020-17380/CVE-2020-25085 was found to be ineffective, thus making QEMU vulnerable to the out-of-bounds read/write access issues previously found in the SDHCI controller emulation code. This flaw allows a malicious privileged guest to crash the QEMU process on the host, resulting in a denial of service or potential code execution. QEMU up to
nvd
CVE-2019-10196 [CRITICAL] CVSS 9.8 | CWE-665 | v7.0 | 2021-03-19
A flaw was found in http-proxy-agent, prior to version 2.1.0. It was discovered http-proxy-agent passes an auth option to the Buffer constructor without proper sanitization. This could result in a Denial of Service through the usage of all available CPU resources and data exposure through an uninitialized memory leak in setups where an attacker co
nvd
CVE-2020-27827 [HIGH] CVSS 7.5 | CWE-400 | v7.0, v8.0 | 2021-03-18
A flaw was found in multiple versions of OpenvSwitch. Specially crafted LLDP packets can cause memory to be lost when allocating data to handle specific optional TLVs, potentially causing a denial of service. The highest threat from this vulnerability is to system availability.
nvd
CVE-2021-3416 [MEDIUM] CVSS 6.0 | CWE-835 | v6.0, v7.0, +1 more | 2021-03-18
A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions up to and including 5.2.0. The issue occurs in loopback mode of a NIC wherein reentrant DMA checks get bypassed. A guest user/process may use this flaw to consume CPU cycles or crash the QEMU process on the host resulting in DoS scenario.
nvd
CVE-2019-14850 [LOW] CVSS 3.7 | CWE-406 | v8.0 | 2021-03-18
A denial of service vulnerability was discovered in nbdkit 1.12.7, 1.14.1 and 1.15.1. An attacker could connect to the nbdkit service and cause it to perform a large amount of work in initializing backend plugins, by simply opening a connection to the service. This vulnerability could cause resource consumption and degradation of service in nbdkit, dep
nvd
CVE-2021-20179 [HIGH] CVSS 8.1 | CWE-863 | v7.0, v8.0 | 2021-03-15
A flaw was found in pki-core. An attacker who has successfully compromised a key could use this flaw to renew the corresponding certificate over and over again, as long as it is not explicitly revoked. The highest threat from this vulnerability is to data confidentiality and integrity.
nvd
CVE-2021-20286 [LOW] CVSS 2.7 | CWE-617 | v8.3.0 | 2021-03-15
A flaw was found in libnbd 1.7.3. An assertion failure in nbd_unlocked_opt_go in ilb/opt.c may lead to denial of service.
nvd
CVE-2021-20232 [CRITICAL] CVSS 9.8 | CWE-416 | v8.0 | 2021-03-12
A flaw was found in gnutls. A use after free issue in client_send_params in lib/ext/pre_shared_key.c may lead to memory corruption and other potential consequences.
nvd
CVE-2021-20231 [CRITICAL] CVSS 9.8 | CWE-416 | v8.0 | 2021-03-12
A flaw was found in gnutls. A use after free issue in client sending key_share extension may lead to memory corruption and other consequences.
nvd
CVE-2021-20261 [MEDIUM] CVSS 6.4 | CWE-362 | v7.0 | 2021-03-11
A race condition was found in the Linux kernel's implementation of the floppy disk drive controller driver software. The impact of this issue is lessened by the fact that the default permissions on the floppy device (/dev/fd0) are restricted to root. If the permissions on the device have changed the impact changes greatly. In the default configuratio
nvd
CVE-2020-35523 [HIGH] CVSS 7.8 | CWE-190 | v6.0, v7.0, +1 more | 2021-03-09
An integer overflow flaw was found in libtiff that exists in the tif_getimage.c file. This flaw allows an attacker to inject and execute arbitrary code when a user opens a crafted TIFF file. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
nvd
CVE-2020-35524 [HIGH] CVSS 7.8 | CWE-787 | v6.0, v7.0, +1 more | 2021-03-09
A heap-based buffer overflow flaw was found in libtiff in the handling of TIFF images in libtiff's TIFF2PDF tool. A specially crafted TIFF file can lead to arbitrary code execution. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
nvd
CVE-2020-35521 [MEDIUM] CVSS 5.5 | CWE-119 | v7.0, v8.0 | 2021-03-09
A flaw was found in libtiff. Due to a memory allocation failure in tif_read.c, a crafted TIFF file can lead to an abort, resulting in denial of service.
nvd