Redhat Enterprise Linux Server vulnerabilities

1,891 known vulnerabilities affecting redhat/enterprise_linux_server.

Total CVEs: 1,891
CISA KEV: 58 (actively exploited)
Public exploits: 128
Exploited in wild: 63
Severity breakdown: CRITICAL 347, HIGH 710, MEDIUM 734, LOW 100

Vulnerabilities

Page 14 of 95
CVE-2019-5776 | MEDIUM | CVSS 6.5 | v6.0 | 2019-02-19
Incorrect handling of a confusable character in Omnibox in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.
Source: NVD
CVE-2019-5777 | MEDIUM | CVSS 6.5 | v6.0 | 2019-02-19
Incorrect handling of a confusable character in Omnibox in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.
Source: NVD
CVE-2019-5766 | MEDIUM | CVSS 6.5 | v6.0 | 2019-02-19
Incorrect handling of origin taint checking in Canvas in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
Source: NVD
CVE-2019-5754 | MEDIUM | CVSS 6.5 | v6.0 | 2019-02-19 | CWE-327
Implementation error in QUIC Networking in Google Chrome prior to 72.0.3626.81 allowed an attacker running or able to cause use of a proxy server to obtain cleartext of transport encryption via malicious network proxy.
Source: NVD
CVE-2019-5775 | MEDIUM | CVSS 6.5 | v6.0 | 2019-02-19
Incorrect handling of a confusable character in Omnibox in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.
Source: NVD
CVE-2019-5773 | MEDIUM | CVSS 6.5 | v6.0 | 2019-02-19 | CWE-346
Insufficient origin validation in IndexedDB in Google Chrome prior to 72.0.3626.81 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page.
Source: NVD
CVE-2019-5778 | MEDIUM | CVSS 6.5 | v6.0 | 2019-02-19 | CWE-79
A missing case for handling special schemes in permission request checks in Extensions in Google Chrome prior to 72.0.3626.81 allowed an attacker who convinced a user to install a malicious extension to bypass extension permission checks for privileged pages via a crafted Chrome Extension.
Source: NVD
CVE-2019-5779 | MEDIUM | CVSS 4.3 | v6.0 | 2019-02-19 | CWE-862
Insufficient policy validation in ServiceWorker in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
Source: NVD
CVE-2019-5768 | MEDIUM | CVSS 6.5 | v6.0 | 2019-02-19 | CWE-269
DevTools API not correctly gating on extension capability in DevTools in Google Chrome prior to 72.0.3626.81 allowed an attacker who convinced a user to install a malicious extension to read local files via a crafted Chrome Extension.
Source: NVD
CVE-2019-5781 | MEDIUM | CVSS 6.5 | v6.0 | 2019-02-19
Incorrect handling of a confusable character in Omnibox in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.
Source: NVD
CVE-2019-5765 | MEDIUM | CVSS 5.5 | v6.0 | 2019-02-19 | CWE-312
An exposed debugging endpoint in the browser in Google Chrome on Android prior to 72.0.3626.81 allowed a local attacker to obtain potentially sensitive information from process memory via a crafted Intent.
Source: NVD
CVE-2019-8383 | HIGH | CVSS 7.8 | v7.0 | 2019-02-17 | CWE-119
An issue was discovered in AdvanceCOMP through 2.1. An invalid memory address occurs in the function adv_png_unfilter_8 in lib/png.c. It can be triggered by sending a crafted file to a binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact when a victim opens a specially crafted file.
Source: NVD
CVE-2019-8379 | HIGH | CVSS 7.8 | v7.0 | 2019-02-17 | CWE-476
An issue was discovered in AdvanceCOMP through 2.1. A NULL pointer dereference exists in the function be_uint32_read() located in endianrw.h. It can be triggered by sending a crafted file to a binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact when a victim opens a specially crafted
Source: NVD
CVE-2019-6974 | HIGH | CVSS 8.1 | PoC | v7.0 | 2019-02-15 | CWE-362
In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free.
Source: NVD
CVE-2019-8308 | HIGH | CVSS 8.2 | v7.0 | 2019-02-12 | CWE-668
Flatpak before 1.0.7, and 1.1.x and 1.2.x before 1.2.3, exposes /proc in the apply_extra script sandbox, which allows attackers to modify a host-side executable file.
Source: NVD
CVE-2018-12549 | CRITICAL | CVSS 9.8 | v6.0, v7.0 | 2019-02-11 | CWE-111
In Eclipse OpenJ9 version 0.11.0, the OpenJ9 JIT compiler may incorrectly omit a null check on the receiver object of an Unsafe call when accelerating it.
Source: NVD
CVE-2018-12547 | CRITICAL | CVSS 9.8 | v6.0, v7.0 | 2019-02-11 | CWE-20
In Eclipse OpenJ9, prior to the 0.12.0 release, the jio_snprintf() and jio_vsnprintf() native methods ignored the length parameter. This affects existing APIs that called the functions to exceed the allocated buffer. These functions were not directly callable by non-native user code.
Source: NVD
CVE-2019-5736 | HIGH | CVSS 8.6 | PoC | v7.0 | 2019-02-11 | CWE-78
runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to whi
Source: NVD
CVE-2019-7664 | MEDIUM | CVSS 5.5 | v7.0 | 2019-02-09 | CWE-787
In elfutils 0.175, a negative-sized memcpy is attempted in elf_cvt_note in libelf/note_xlate.h because of an incorrect overflow check. Crafted elf input causes a segmentation fault, leading to denial of service (program crash).
Source: NVD
CVE-2019-7665 | MEDIUM | CVSS 5.5 | v7.0 | 2019-02-09 | CWE-125
In elfutils 0.175, a heap-based buffer over-read was discovered in the function elf32_xlatetom in elf32_xlatetom.c in libelf. A crafted ELF input can cause a segmentation fault leading to denial of service (program crash) because ebl_core_note does not reject malformed core file notes.
Source: NVD
Redhat Enterprise Linux Server vulnerabilities | cvebase