Red Hat Enterprise Linux vulnerabilities
1,738 known vulnerabilities affecting redhat/enterprise_linux.
Total CVEs: 1,738
CISA KEV: 20 (actively exploited)
Public exploits: 88
Exploited in wild: 26
Severity breakdown: CRITICAL 157, HIGH 589, MEDIUM 839, LOW 153
Vulnerabilities
Page 66 of 87
CVE-2017-3073 | HIGH | CVSS 8.8 | CWE-416 | v6.0 | 2017-05-09
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when handling multiple mask properties of display objects, aka memory corruption. Successful exploitation could lead to arbitrary code execution.
nvd
CVE-2016-0720 | HIGH | CVSS 8.8 | CWE-352 | v7.0 | 2017-04-21
Cross-site request forgery (CSRF) vulnerability in pcsd web UI in pcs before 0.9.149.
nvd
CVE-2016-0721 | HIGH | CVSS 8.1 | CWE-384 | v7.0 | 2017-04-21
Session fixation vulnerability in pcsd in pcs before 0.9.157.
nvd
CVE-2017-5645 | CRITICAL | CVSS 9.8 | PoC | CWE-502 | v6.0, v6.7, +5 more | 2017-04-17
In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.
nvd
CVE-2016-4459 | HIGH | CVSS 7.5 | CWE-119 | v6.0 | 2017-04-12
Stack-based buffer overflow in native/mod_manager/node.c in mod_cluster 1.2.9.
nvd
CVE-2015-2877 | LOW | CVSS 3.3 | CWE-200 | v4.0, v5.0, +2 more | 2017-03-03
Kernel Samepage Merging (KSM) in the Linux kernel 2.6.32 through 4.x does not prevent use of a write-timing side channel, which allows guest OS users to defeat the ASLR protection mechanism on other guest OS instances via a Cross-VM ASL INtrospection (CAIN) attack. NOTE: the vendor states "Basically if you care about this attack vector, disable deduplica
nvd
CVE-2016-2568 | HIGH | CVSS 7.8 | CWE-116 | v6.0, v7.0 | 2017-02-13
pkexec, when used with --user nonpriv, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.
nvd
CVE-2016-3616 | HIGH | CVSS 8.8 | CWE-476 | v7.4 | 2017-02-13
The cjpeg utility in libjpeg allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or execute arbitrary code via a crafted file.
nvd
CVE-2016-9675 | HIGH | CVSS 7.8 | v6.0, v7.0, +5 more | 2016-12-22
openjpeg: A heap-based buffer overflow flaw was found in the patch for CVE-2013-6045. A crafted j2k image could cause the application to crash, or potentially execute arbitrary code.
nvd
CVE-2016-5195 | HIGH | CVSS 7.0 | KEV | PoC | CWE-362 | v5, v6.0, +1 more | 2016-11-10
Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."
nvd
CVE-2016-1000033 | LOW | CVSS 3.7 | CWE-295 | v7.0 | 2016-10-25
Shotwell version 0.22.0 (and possibly other versions) is vulnerable to a TLS/SSL certification validation flaw resulting in a potential for man in the middle attacks.
nvd
CVE-2016-6662 | CRITICAL | CVSS 9.8 | PoC | CWE-264 | v7.0 | 2016-09-20
Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1, 5.6.x before 5.6.32-78.0, and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting genera
nvd
CVE-2016-2183 | HIGH | CVSS 7.5 | PoC | CWE-200 | v5.0, v6.0, +1 more | 2016-09-01
The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTPS session using Triple DE
nvd
CVE-2016-5766 | HIGH | CVSS 8.8 | CWE-190 | v6.0, v5, +1 more | 2016-08-07
Integer overflow in the _gd2GetHeader function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via crafted chunk dimens
nvd
CVE-2016-3471 | HIGH | CVSS 7.5 | v6.0, v7.0 | 2016-07-21
Unspecified vulnerability in Oracle MySQL 5.5.45 and earlier and 5.6.26 and earlier allows local users to affect confidentiality, integrity, and availability via vectors related to Server: Option.
nvd
CVE-2016-3452 | LOW | CVSS 3.7 | v6.0, v7.0 | 2016-07-21
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.
nvd
CVE-2016-5444 | LOW | CVSS 3.7 | v6.0, v7.0 | 2016-07-21
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.
nvd
CVE-2016-6170 | MEDIUM | CVSS 6.5 | CWE-20 | v5.0, v6.0, +1 more | 2016-07-06
ISC BIND through 9.9.9-P1, 9.10.x through 9.10.4-P1, and 9.11.x through 9.11.0b1 allows primary DNS servers to cause a denial of service (secondary DNS server crash) via a large AXFR response, and possibly allows IXFR servers to cause a denial of service (IXFR client crash) via a large IXFR response and allows remote authenticated users to cause a denia
nvd
CVE-2016-5244 | HIGH | CVSS 7.5 | CWE-200 | v6.0, v5 | 2016-06-27
The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a certain structure member, which allows remote attackers to obtain sensitive information from kernel stack memory by reading an RDS message.
nvd
CVE-2016-4470 | MEDIUM | CVSS 5.5 | v6.0 | 2016-06-27
The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command.
nvd