Redhat Enterprise Linux vulnerabilities

CVE-2021-20246 [MEDIUM] CWE-369 CVE-2021-20246: A flaw was found in ImageMagick in MagickCore/resample.c. An attacker who submits a crafted file tha A flaw was found in ImageMagick in MagickCore/resample.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to system availability.

CVE-2021-20245 [MEDIUM] CWE-369 CVE-2021-20245: A flaw was found in ImageMagick in coders/webp.c. An attacker who submits a crafted file that is pro A flaw was found in ImageMagick in coders/webp.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to system availability.

CVE-2021-3411 [MEDIUM] CWE-94 CVE-2021-3411: A flaw was found in the Linux kernel in versions prior to 5.10. A violation of memory access was fou A flaw was found in the Linux kernel in versions prior to 5.10. A violation of memory access was found while detecting a padding of int3 in the linking state. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

CVE-2021-20244 [MEDIUM] CWE-369 CVE-2021-20244: A flaw was found in ImageMagick in MagickCore/visual-effects.c. An attacker who submits a crafted fi A flaw was found in ImageMagick in MagickCore/visual-effects.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to system availability.

CVE-2020-35522 [MEDIUM] CWE-119 CVE-2020-35522: In LibTIFF, there is a memory malloc failure in tif_pixarlog.c. A crafted TIFF document can lead to In LibTIFF, there is a memory malloc failure in tif_pixarlog.c. A crafted TIFF document can lead to an abort, resulting in a remote denial of service attack.

CVE-2021-3403 [HIGH] CWE-416 CVE-2021-3403: In ytnef 1.9.3, the TNEFSubjectHandler function in lib/ytnef.c allows remote attackers to cause a de In ytnef 1.9.3, the TNEFSubjectHandler function in lib/ytnef.c allows remote attackers to cause a denial-of-service (and potentially code execution) due to a double free which can be triggered via a crafted file.

CVE-2021-3404 [HIGH] CWE-119 CVE-2021-3404: In ytnef 1.9.3, the SwapWord function in lib/ytnef.c allows remote attackers to cause a denial-of-se In ytnef 1.9.3, the SwapWord function in lib/ytnef.c allows remote attackers to cause a denial-of-service (and potentially code execution) due to a heap buffer overflow which can be triggered via a crafted file.

CVE-2020-25639 [MEDIUM] CWE-476 CVE-2020-25639: A NULL pointer dereference flaw was found in the Linux kernel's GPU Nouveau driver functionality in A NULL pointer dereference flaw was found in the Linux kernel's GPU Nouveau driver functionality in versions prior to 5.12-rc1 in the way the user calls ioctl DRM_IOCTL_NOUVEAU_CHANNEL_ALLOC. This flaw allows a local user to crash the system.

CVE-2020-25647 [HIGH] CWE-787 CVE-2020-25647: A flaw was found in grub2 in versions prior to 2.06. During USB device initialization, descriptors a A flaw was found in grub2 in versions prior to 2.06. During USB device initialization, descriptors are read with very little bounds checking and assumes the USB device is providing sane values. If properly exploited, an attacker could trigger memory corruption leading to arbitrary code execution allowing a bypass of the Secure Boot mechanism. The high

CVE-2020-14372 [HIGH] CWE-184 CVE-2020-14372: A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the A A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table (SSDT) containing code to overwrite the Linux kernel lockdown variable content directly into memory. The table is

CVE-2021-20233 [HIGH] CWE-787 CVE-2021-20233: A flaw was found in grub2 in versions prior to 2.06. Setparam_prefix() in the menu rendering code pe A flaw was found in grub2 in versions prior to 2.06. Setparam_prefix() in the menu rendering code performs a length calculation on the assumption that expressing a quoted single quote will require 3 characters, while it actually requires 4 characters which allows an attacker to corrupt memory by one byte for each quote in the input. The highest threat

CVE-2020-27779 [HIGH] CWE-285 CVE-2020-27779: A flaw was found in grub2 in versions prior to 2.06. The cutmem command does not honor secure boot l A flaw was found in grub2 in versions prior to 2.06. The cutmem command does not honor secure boot locking allowing an privileged attacker to remove address ranges from memory creating an opportunity to circumvent SecureBoot protections after proper triage about grub's memory layout. The highest threat from this vulnerability is to data confidentialit

CVE-2020-25632 [HIGH] CWE-416 CVE-2020-25632: A flaw was found in grub2 in versions prior to 2.06. The rmmod implementation allows the unloading o A flaw was found in grub2 in versions prior to 2.06. The rmmod implementation allows the unloading of a module used as a dependency without checking if any other dependent module is still loaded leading to a use-after-free scenario. This could allow arbitrary code to be executed or a bypass of Secure Boot protections. The highest threat from this vuln

CVE-2021-20225 [MEDIUM] CWE-787 CVE-2021-20225: A flaw was found in grub2 in versions prior to 2.06. The option parser allows an attacker to write p A flaw was found in grub2 in versions prior to 2.06. The option parser allows an attacker to write past the end of a heap-allocated buffer by calling certain commands with a large number of specific short forms of options. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

CVE-2020-27749 [MEDIUM] CWE-121 CVE-2020-27749: A flaw was found in grub2 in versions prior to 2.06. Variable names present are expanded in the supp A flaw was found in grub2 in versions prior to 2.06. Variable names present are expanded in the supplied command line into their corresponding variable contents, using a 1kB stack buffer for temporary storage, without sufficient bounds checking. If the function is called with a command line that references a variable with a sufficiently large payloa

CVE-2021-20194 [HIGH] CWE-20 CVE-2021-20194: There is a vulnerability in the linux kernel versions higher than 5.2 (if kernel compiled with confi There is a vulnerability in the linux kernel versions higher than 5.2 (if kernel compiled with config params CONFIG_BPF_SYSCALL=y , CONFIG_BPF=y , CONFIG_CGROUPS=y , CONFIG_CGROUP_BPF=y , CONFIG_HARDENED_USERCOPY not set, and BPF hook to getsockopt is registered). As result of BPF execution, the local user can trigger bug in __cgroup_bpf_run_filter_get

CVE-2021-20229 [MEDIUM] CWE-863 CVE-2021-20229: A flaw was found in PostgreSQL in versions before 13.2. This flaw allows a user with SELECT privileg A flaw was found in PostgreSQL in versions before 13.2. This flaw allows a user with SELECT privilege on one column to craft a special query that returns all columns of the table. The highest threat from this vulnerability is to confidentiality.

CVE-2021-20188 [HIGH] CWE-863 CVE-2021-20188: A flaw was found in podman before 1.7.0. File permissions for non-root users running in a privileged A flaw was found in podman before 1.7.0. File permissions for non-root users running in a privileged container are not correctly checked. This flaw can be abused by a low-privileged user inside the container to access any other file in the container, even if owned by the root user inside the container. It does not allow to directly escape the containe

CVE-2020-35513 [MEDIUM] CWE-271 CVE-2020-35513: A flaw incorrect umask during file or directory modification in the Linux kernel NFS (network file s A flaw incorrect umask during file or directory modification in the Linux kernel NFS (network file system) functionality was found in the way user create and delete object using NFSv4.2 or newer if both simultaneously accessing the NFS by the other process that is not using new NFSv4.2. A user with access to the NFS could use this flaw to starve the

CVE-2020-25657 [MEDIUM] CWE-385 CVE-2020-25657: A flaw was found in all released versions of m2crypto, where they are vulnerable to Bleichenbacher t A flaw was found in all released versions of m2crypto, where they are vulnerable to Bleichenbacher timing attacks in the RSA decryption API via the timed processing of valid PKCS#1 v1.5 Ciphertext. The highest threat from this vulnerability is to confidentiality.