Redhat Enterprise Linux Server Tus vulnerabilities

CVE-2025-13601 [HIGH] CWE-190 CVE-2025-13601: A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer si A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off t

CVE-2025-6021 [HIGH] CWE-787 CVE-2025-6021: A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calcula A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input.

CVE-2025-3155 [HIGH] CWE-601 CVE-2025-3155: A flaw was found in Yelp. The Gnome user help application allows the help document to execute arbitr A flaw was found in Yelp. The Gnome user help application allows the help document to execute arbitrary scripts. This vulnerability allows malicious users to input help documents, which may exfiltrate user files to an external environment.

CVE-2025-2784 [HIGH] CWE-125 CVE-2025-2784: A flaw was found in libsoup. The package is vulnerable to a heap buffer over-read when sniffing cont A flaw was found in libsoup. The package is vulnerable to a heap buffer over-read when sniffing content via the skip_insight_whitespace() function. Libsoup clients may read one byte out-of-bounds in response to a crafted HTTP response by an HTTP server.

CVE-2024-12085 [HIGH] CWE-908 CVE-2024-12085: A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw all A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time.

CVE-2024-9675 [HIGH] CWE-22 CVE-2024-9675: A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified path A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified paths for the cache are within our cache directory, allowing a `RUN` instruction in a Container file to mount an arbitrary directory from the host (read/write) into the container as long as those files can be accessed by the user running Buildah.

CVE-2023-3758 [HIGH] CWE-362 CVE-2023-3758: A race condition flaw was found in sssd where the GPO policy is not consistently applied for authent A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper authorization issues, granting or denying access to resources inappropriately.

CVE-2024-1488 [HIGH] CWE-276 CVE-2024-1488: A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outs A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. If a process can connect over localhost to port 8953, it can alter the configuration of unbound.service. This flaw allows an unprivileged attacker to manipulate a running instance, potenti

CVE-2024-1062 [MEDIUM] CWE-122 CVE-2024-1062: A heap overflow flaw was found in 389-ds-base. This issue leads to a denial of service when writing A heap overflow flaw was found in 389-ds-base. This issue leads to a denial of service when writing a value larger than 256 chars in log_entry_attr.

CVE-2023-6535 [MEDIUM] CWE-476 CVE-2023-6535: A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated maliciou A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service.

CVE-2023-6536 [MEDIUM] CWE-476 CVE-2023-6536: A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated maliciou A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service.

CVE-2023-6356 [MEDIUM] CWE-476 CVE-2023-6356: A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated maliciou A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver and causing kernel panic and a denial of service.

CVE-2023-5455 [MEDIUM] CWE-352 CVE-2023-5455: A Cross-site request forgery vulnerability exists in ipa/session/login_password in all supported ver A Cross-site request forgery vulnerability exists in ipa/session/login_password in all supported versions of IPA. This flaw allows an attacker to trick the user into submitting a request that could perform actions as the user, resulting in a loss of confidentiality and system integrity. During community penetration testing it was found that for certai

CVE-2023-5869 [HIGH] CWE-190 CVE-2023-5869: A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code th A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remote user can trigger the overflow by providing specially crafted data. This enables the execution of arbit

CVE-2023-5868 [MEDIUM] CWE-686 CVE-2023-5868: A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensiti A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes, potentially revealing notable and confidential information. Thi

CVE-2023-5870 [LOW] CWE-400 CVE-2023-5870: A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. Successful exploitation requires a non-core extension with a less-resilient background worker and would affect that specific background worker only. This issue ma

CVE-2023-46846 [CRITICAL] CWE-444 CVE-2023-46846: SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote a SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems.

CVE-2023-46848 [HIGH] CWE-681 CVE-2023-46848: Squid is vulnerable to Denial of Service, where a remote attacker can perform DoS by sending ftp:// Squid is vulnerable to Denial of Service, where a remote attacker can perform DoS by sending ftp:// URLs in HTTP Request messages or constructing ftp:// URLs from FTP Native input.

CVE-2023-1476 [HIGH] CWE-416 CVE-2023-1476: A use-after-free flaw was found in the Linux kernel’s mm/mremap memory address space accounting sour A use-after-free flaw was found in the Linux kernel’s mm/mremap memory address space accounting source code. This issue occurs due to a race condition between rmap walk and mremap, allowing a local user to crash the system or potentially escalate their privileges on the system.

CVE-2023-46847 [HIGH] CWE-120 CVE-2023-46847: Squid is vulnerable to a Denial of Service, where a remote attacker can perform buffer overflow att Squid is vulnerable to a Denial of Service, where a remote attacker can perform buffer overflow attack by writing up to 2 MB of arbitrary data to heap memory when Squid is configured to accept HTTP Digest Authentication.