Redhat Enterprise Linux Server Aus vulnerabilities

CVE-2025-13601 [HIGH] CWE-190 CVE-2025-13601: A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer si A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off t

CVE-2025-6021 [HIGH] CWE-787 CVE-2025-6021: A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calcula A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input.

CVE-2025-3155 [HIGH] CWE-601 CVE-2025-3155: A flaw was found in Yelp. The Gnome user help application allows the help document to execute arbitr A flaw was found in Yelp. The Gnome user help application allows the help document to execute arbitrary scripts. This vulnerability allows malicious users to input help documents, which may exfiltrate user files to an external environment.

CVE-2025-2784 [HIGH] CWE-125 CVE-2025-2784: A flaw was found in libsoup. The package is vulnerable to a heap buffer over-read when sniffing cont A flaw was found in libsoup. The package is vulnerable to a heap buffer over-read when sniffing content via the skip_insight_whitespace() function. Libsoup clients may read one byte out-of-bounds in response to a crafted HTTP response by an HTTP server.

CVE-2025-1756 [HIGH] CWE-426 CVE-2025-1756: mongosh may be susceptible to local privilege escalation under certain conditions potentially enabli mongosh may be susceptible to local privilege escalation under certain conditions potentially enabling unauthorized actions on a user's system with elevated privilege, when a crafted file is stored in C:\node_modules\. This issue affects mongosh prior to 2.3.0

CVE-2024-12085 [HIGH] CWE-908 CVE-2024-12085: A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw all A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time.

CVE-2024-12087 [MEDIUM] CWE-22 CVE-2024-12087: A path traversal vulnerability exists in rsync. It stems from behavior enabled by the `--inc-recursi A path traversal vulnerability exists in rsync. It stems from behavior enabled by the `--inc-recursive` option, a default-enabled option for many client options and can be enabled by the server even if not explicitly enabled by the client. When using the `--inc-recursive` option, a lack of proper symlink verification coupled with deduplication checks

CVE-2024-12088 [MEDIUM] CWE-22 CVE-2024-12088: A flaw was found in rsync. When using the `--safe-links` option, the rsync client fails to properly A flaw was found in rsync. When using the `--safe-links` option, the rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it. This results in a path traversal vulnerability, which may lead to arbitrary file write outside the desired directory.

CVE-2024-9676 [MEDIUM] CWE-22 CVE-2024-9676: A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the co A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the containers/storage library can cause Podman, Buildah, and CRI-O to hang and result in a denial of service via OOM kill when running a malicious image using an automatically assigned user namespace (`--userns=auto` in Podman and Buildah). The containers/sto

CVE-2024-9675 [HIGH] CWE-22 CVE-2024-9675: A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified path A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified paths for the cache are within our cache directory, allowing a `RUN` instruction in a Container file to mount an arbitrary directory from the host (read/write) into the container as long as those files can be accessed by the user running Buildah.

CVE-2024-7006 [HIGH] CWE-476 CVE-2024-7006: A null pointer dereference flaw was found in Libtiff via `tif_dirinfo.c`. This issue may allow an at A null pointer dereference flaw was found in Libtiff via `tif_dirinfo.c`. This issue may allow an attacker to trigger memory allocation failures through certain means, such as restricting the heap space size or injecting faults, causing a segmentation fault. This can cause an application crash, eventually leading to a denial of service.

CVE-2024-6387 [HIGH] CWE-364 CVE-2024-6387: A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race con A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.

CVE-2023-3758 [HIGH] CWE-362 CVE-2023-3758: A race condition flaw was found in sssd where the GPO policy is not consistently applied for authent A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper authorization issues, granting or denying access to resources inappropriately.

CVE-2022-24809 [MEDIUM] CWE-476 CVE-2022-24809: net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-only credentials can use a malformed OID in a `GET-NEXT` to the `nsVacmAccessTable` to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users should use strong SNMPv3 credentials and avoid sharing the credenti

CVE-2022-24808 [MEDIUM] CWE-476 CVE-2022-24808: net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials can use a malformed OID in a `SET` request to `NET-SNMP-AGENT-MIB::nsLogTable` to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users should use strong SNMPv3 credentials and avoid sharing

CVE-2022-24806 [MEDIUM] CWE-20 CVE-2022-24806: net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials can exploit an Improper Input Validation vulnerability when SETing malformed OIDs in master agent and subagent simultaneously. Version 5.9.2 contains a patch. Users should use strong SNMPv3 credentials and avo

CVE-2022-24805 [MEDIUM] CWE-120 CVE-2022-24805: net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a buffer overflow in the handling of the `INDEX` of `NET-SNMP-VACM-MIB` can cause an out-of-bounds memory access. A user with read-only credentials can exploit the issue. Version 5.9.2 contains a patch. Users should use strong SNMPv3 credentia

CVE-2022-24807 [MEDIUM] CWE-120 CVE-2022-24807: net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a malformed OID in a SET request to `SNMP-VIEW-BASED-ACM-MIB::vacmAccessTable` can cause an out-of-bounds memory access. A user with read-write credentials can exploit the issue. Version 5.9.2 contains a patch. Users should use strong SNMPv3 c

CVE-2024-1488 [HIGH] CWE-276 CVE-2024-1488: A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outs A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. If a process can connect over localhost to port 8953, it can alter the configuration of unbound.service. This flaw allows an unprivileged attacker to manipulate a running instance, potenti

CVE-2024-1062 [MEDIUM] CWE-122 CVE-2024-1062: A heap overflow flaw was found in 389-ds-base. This issue leads to a denial of service when writing A heap overflow flaw was found in 389-ds-base. This issue leads to a denial of service when writing a value larger than 256 chars in log_entry_attr.