Redhat Enterprise Linux Desktop vulnerabilities

CVE-2019-5774 [HIGH] CWE-862 CVE-2019-5774: Omission of the .desktop filetype from the Safe Browsing checklist in SafeBrowsing in Google Chrome Omission of the .desktop filetype from the Safe Browsing checklist in SafeBrowsing in Google Chrome on Linux prior to 72.0.3626.81 allowed an attacker who convinced a user to download a .desktop file to execute arbitrary code via a downloaded .desktop file.

CVE-2019-5769 [HIGH] CWE-20 CVE-2019-5769: Incorrect handling of invalid end character position when front rendering in Blink in Google Chrome Incorrect handling of invalid end character position when front rendering in Blink in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVE-2019-5767 [MEDIUM] CWE-1021 CVE-2019-5767: Insufficient protection of permission UI in WebAPKs in Google Chrome on Android prior to 72.0.3626.8 Insufficient protection of permission UI in WebAPKs in Google Chrome on Android prior to 72.0.3626.81 allowed an attacker who convinced the user to install a malicious application to access privacy/security sensitive web APIs via a crafted APK.

CVE-2019-5776 [MEDIUM] CVE-2019-5776: Incorrect handling of a confusable character in Omnibox in Google Chrome prior to 72.0.3626.81 allow Incorrect handling of a confusable character in Omnibox in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.

CVE-2019-5777 [MEDIUM] CVE-2019-5777: Incorrect handling of a confusable character in Omnibox in Google Chrome prior to 72.0.3626.81 allow Incorrect handling of a confusable character in Omnibox in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.

CVE-2019-5766 [MEDIUM] CVE-2019-5766: Incorrect handling of origin taint checking in Canvas in Google Chrome prior to 72.0.3626.81 allowed Incorrect handling of origin taint checking in Canvas in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

CVE-2019-5754 [MEDIUM] CWE-327 CVE-2019-5754: Implementation error in QUIC Networking in Google Chrome prior to 72.0.3626.81 allowed an attacker r Implementation error in QUIC Networking in Google Chrome prior to 72.0.3626.81 allowed an attacker running or able to cause use of a proxy server to obtain cleartext of transport encryption via malicious network proxy.

CVE-2019-5775 [MEDIUM] CVE-2019-5775: Incorrect handling of a confusable character in Omnibox in Google Chrome prior to 72.0.3626.81 allow Incorrect handling of a confusable character in Omnibox in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.

CVE-2019-5773 [MEDIUM] CWE-346 CVE-2019-5773: Insufficient origin validation in IndexedDB in Google Chrome prior to 72.0.3626.81 allowed a remote Insufficient origin validation in IndexedDB in Google Chrome prior to 72.0.3626.81 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page.

CVE-2019-5778 [MEDIUM] CWE-79 CVE-2019-5778: A missing case for handling special schemes in permission request checks in Extensions in Google Chr A missing case for handling special schemes in permission request checks in Extensions in Google Chrome prior to 72.0.3626.81 allowed an attacker who convinced a user to install a malicious extension to bypass extension permission checks for privileged pages via a crafted Chrome Extension.

CVE-2019-5779 [MEDIUM] CWE-862 CVE-2019-5779: Insufficient policy validation in ServiceWorker in Google Chrome prior to 72.0.3626.81 allowed a rem Insufficient policy validation in ServiceWorker in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.

CVE-2019-5768 [MEDIUM] CWE-269 CVE-2019-5768: DevTools API not correctly gating on extension capability in DevTools in Google Chrome prior to 72.0 DevTools API not correctly gating on extension capability in DevTools in Google Chrome prior to 72.0.3626.81 allowed an attacker who convinced a user to install a malicious extension to read local files via a crafted Chrome Extension.

CVE-2019-5781 [MEDIUM] CVE-2019-5781: Incorrect handling of a confusable character in Omnibox in Google Chrome prior to 72.0.3626.81 allow Incorrect handling of a confusable character in Omnibox in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.

CVE-2019-5765 [MEDIUM] CWE-312 CVE-2019-5765: An exposed debugging endpoint in the browser in Google Chrome on Android prior to 72.0.3626.81 allow An exposed debugging endpoint in the browser in Google Chrome on Android prior to 72.0.3626.81 allowed a local attacker to obtain potentially sensitive information from process memory via a crafted Intent.

CVE-2019-6974 [HIGH] CWE-362 CVE-2019-6974: In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles referen In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free.

CVE-2019-8308 [HIGH] CWE-668 CVE-2019-8308: Flatpak before 1.0.7, and 1.1.x and 1.2.x before 1.2.3, exposes /proc in the apply_extra script sand Flatpak before 1.0.7, and 1.1.x and 1.2.x before 1.2.3, exposes /proc in the apply_extra script sandbox, which allows attackers to modify a host-side executable file.

CVE-2018-12549 [CRITICAL] CWE-111 CVE-2018-12549: In Eclipse OpenJ9 version 0.11.0, the OpenJ9 JIT compiler may incorrectly omit a null check on the r In Eclipse OpenJ9 version 0.11.0, the OpenJ9 JIT compiler may incorrectly omit a null check on the receiver object of an Unsafe call when accelerating it.

CVE-2018-12547 [CRITICAL] CWE-20 CVE-2018-12547: In Eclipse OpenJ9, prior to the 0.12.0 release, the jio_snprintf() and jio_vsnprintf() native method In Eclipse OpenJ9, prior to the 0.12.0 release, the jio_snprintf() and jio_vsnprintf() native methods ignored the length parameter. This affects existing APIs that called the functions to exceed the allocated buffer. This functions were not directly callable by non-native user code.

CVE-2019-7664 [MEDIUM] CWE-787 CVE-2019-7664: In elfutils 0.175, a negative-sized memcpy is attempted in elf_cvt_note in libelf/note_xlate.h becau In elfutils 0.175, a negative-sized memcpy is attempted in elf_cvt_note in libelf/note_xlate.h because of an incorrect overflow check. Crafted elf input causes a segmentation fault, leading to denial of service (program crash).

CVE-2019-7665 [MEDIUM] CWE-125 CVE-2019-7665: In elfutils 0.175, a heap-based buffer over-read was discovered in the function elf32_xlatetom in el In elfutils 0.175, a heap-based buffer over-read was discovered in the function elf32_xlatetom in elf32_xlatetom.c in libelf. A crafted ELF input can cause a segmentation fault leading to denial of service (program crash) because ebl_core_note does not reject malformed core file notes.