Redhat Enterprise Linux vulnerabilities

CVE-2020-27783 [MEDIUM] CWE-79 CVE-2020-27783: A XSS vulnerability was discovered in python-lxml's clean module. The module's parser didn't properl A XSS vulnerability was discovered in python-lxml's clean module. The module's parser didn't properly imitate browsers, which caused different behaviors between the sanitizer and the user's page. A remote attacker could exploit this flaw to run arbitrary HTML/JS code.

CVE-2020-14318 [MEDIUM] CWE-266 CVE-2020-14318: A flaw was found in the way samba handled file and directory permissions. An authenticated user coul A flaw was found in the way samba handled file and directory permissions. An authenticated user could use this flaw to gain access to certain file and directory information which otherwise would be unavailable to the attacker.

CVE-2020-25656 [MEDIUM] CWE-416 CVE-2020-25656: A flaw was found in the Linux kernel. A use-after-free was found in the way the console subsystem wa A flaw was found in the Linux kernel. A use-after-free was found in the way the console subsystem was using ioctls KDGKBSENT and KDSKBSENT. A local user could use this flaw to get read memory access out of bounds. The highest threat from this vulnerability is to data confidentiality.

CVE-2020-14383 [MEDIUM] CWE-391 CVE-2020-14383: A flaw was found in samba's DNS server. An authenticated user could use this flaw to the RPC server A flaw was found in samba's DNS server. An authenticated user could use this flaw to the RPC server to crash. This RPC server, which also serves protocols other than dnsserver, will be restarted after a short delay, but it is easy for an authenticated non administrative attacker to crash it again as soon as it returns. The Samba DNS server itself wil

CVE-2020-25708 [HIGH] CWE-369 CVE-2020-25708: A divide by zero issue was found to occur in libvncserver-0.9.12. A malicious client could use this A divide by zero issue was found to occur in libvncserver-0.9.12. A malicious client could use this flaw to send a specially crafted message that, when processed by the VNC server, would lead to a floating point exception, resulting in a denial of service.

CVE-2020-10763 [MEDIUM] CWE-532 CVE-2020-10763: An information-disclosure flaw was found in the way Heketi before 10.1.0 logs sensitive information. An information-disclosure flaw was found in the way Heketi before 10.1.0 logs sensitive information. This flaw allows an attacker with local access to the Heketi server to read potentially sensitive information such as gluster-block passwords.

CVE-2020-25705 [HIGH] CWE-330 CVE-2020-25705: A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. Thi A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. This flaw allows an off-path remote attacker to effectively bypass source port UDP randomization. Software that relies on UDP source port randomization are indirectly affected as well on the Linux Based Products (RUGGEDCOM RM1224: All versions between v5.0

CVE-2020-25661 [HIGH] CVE-2020-25661: A Red Hat only CVE-2020-12351 regression issue was found in the way the Linux kernel's Bluetooth imp A Red Hat only CVE-2020-12351 regression issue was found in the way the Linux kernel's Bluetooth implementation handled L2CAP packets with A2MP CID. This flaw allows a remote attacker in an adjacent range to crash the system, causing a denial of service or potentially executing arbitrary code on the system by sending a specially crafted L2CAP packet. The high

CVE-2020-25662 [MEDIUM] CVE-2020-25662: A Red Hat only CVE-2020-12352 regression issue was found in the way the Linux kernel's Bluetooth sta A Red Hat only CVE-2020-12352 regression issue was found in the way the Linux kernel's Bluetooth stack implementation handled the initialization of stack memory when handling certain AMP packets. This flaw allows a remote attacker in an adjacent range to leak small portions of stack memory on the system by sending specially crafted AMP packets. The highest

CVE-2020-25648 [HIGH] CWE-770 CVE-2020-25648: A flaw was found in the way NSS handled CCS (ChangeCipherSpec) messages in TLS 1.3. This flaw allows A flaw was found in the way NSS handled CCS (ChangeCipherSpec) messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages, causing a denial of service for servers compiled with the NSS library. The highest threat from this vulnerability is to system availability. This flaw affects NSS versions before 3.58.

CVE-2020-14355 [MEDIUM] CWE-120 CVE-2020-14355: Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system, before spice-0.14.2-1. Both the SPICE client (spice-gtk) and server are affected by these flaws. These flaws allow a malicious client or server to send specially crafted messages that, when processed by the QUIC image compression

CVE-2020-25643 [HIGH] CWE-20 CVE-2020-25643: A flaw was found in the HDLC_PPP module of the Linux kernel in versions before 5.9-rc7. Memory corru A flaw was found in the HDLC_PPP module of the Linux kernel in versions before 5.9-rc7. Memory corruption and a read overflow is caused by improper input validation in the ppp_cp_parse_cr function which can cause the system to crash or cause a denial of service. The highest threat from this vulnerability is to data confidentiality and integrity as well

CVE-2020-25641 [MEDIUM] CWE-835 CVE-2020-25641: A flaw was found in the Linux kernel's implementation of biovecs in versions before 5.9-rc7. A zero- A flaw was found in the Linux kernel's implementation of biovecs in versions before 5.9-rc7. A zero-length biovec request issued by the block subsystem could cause the kernel to enter an infinite loop, causing a denial of service. This flaw allows a local attacker with basic privileges to issue requests to a block device, resulting in a denial of se

CVE-2020-25743 [LOW] CWE-476 CVE-2020-25743: hw/ide/pci.c in QEMU before 5.1.1 can trigger a NULL pointer dereference because it lacks a pointer hw/ide/pci.c in QEMU before 5.1.1 can trigger a NULL pointer dereference because it lacks a pointer check before an ide_cancel_dma_sync call.

CVE-2020-14370 [MEDIUM] CWE-212 CVE-2020-14370: An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. Whe An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container will get leaked into subsequent containers. An attacker who has control ov

CVE-2020-14382 [HIGH] CWE-787 CVE-2020-14382: A vulnerability was found in upstream release cryptsetup-2.2.0 where, there's a bug in LUKS2 format A vulnerability was found in upstream release cryptsetup-2.2.0 where, there's a bug in LUKS2 format validation code, that is effectively invoked on every device/image presenting itself as LUKS2 container. The bug is in segments validation code in file 'lib/luks2/luks2_json_metadata.c' in function hdr_validate_segments(struct crypt_device *cd, json_obje

CVE-2020-14362 [HIGH] CWE-191 CVE-2020-14362: A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

CVE-2020-14361 [HIGH] CWE-191 CVE-2020-14361: A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

CVE-2020-14346 [HIGH] CWE-191 CVE-2020-14346: A flaw was found in xorg-x11-server before 1.20.9. An integer underflow in the X input extension pro A flaw was found in xorg-x11-server before 1.20.9. An integer underflow in the X input extension protocol decoding in the X server may lead to arbitrary access of memory contents. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

CVE-2020-14331 [MEDIUM] CWE-787 CVE-2020-14331: A flaw was found in the Linux kernel’s implementation of the invert video code on VGA consoles when A flaw was found in the Linux kernel’s implementation of the invert video code on VGA consoles when a local attacker attempts to resize the console, calling an ioctl VT_RESIZE, which causes an out-of-bounds write to occur. This flaw allows a local user with access to the VGA console to crash the system, potentially escalating their privileges on the