Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Enterprise_linux
(Redhat)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2016-05-02 | CVE-2015-1350 | The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecifies removing extended privilege attributes, which allows local users to cause a denial of service (capability stripping) via a failed invocation of a system call, as demonstrated by using chown to remove a capability from the ping or Wireshark dumpcap program. | Linux_kernel, Enterprise_linux, Enterprise_mrg | N/A | ||
| 2020-07-13 | CVE-2019-19338 | A flaw was found in the fix for CVE-2019-11135, in the Linux upstream kernel versions before 5.5 where, the way Intel CPUs handle speculative execution of instructions when a TSX Asynchronous Abort (TAA) error occurs. When a guest is running on a host CPU affected by the TAA flaw (TAA_NO=0), but is not affected by the MDS issue (MDS_NO=1), the guest was to clear the affected buffers by using a VERW instruction mechanism. But when the MDS_NO=1 bit was exported to the guests, the guests did... | Linux_kernel, Enterprise_linux | N/A | ||
| 2018-11-12 | CVE-2018-19215 | Netwide Assembler (NASM) 2.14rc16 has a heap-based buffer over-read in expand_mmac_params in asm/preproc.c for the special cases of the % and $ and ! characters. | Netwide_assembler, Enterprise_linux | 7.8 | ||
| 2018-11-12 | CVE-2018-19214 | Netwide Assembler (NASM) 2.14rc15 has a heap-based buffer over-read in expand_mmac_params in asm/preproc.c for insufficient input. | Netwide_assembler, Enterprise_linux | 7.8 | ||
| 2020-04-10 | CVE-2020-11669 | An issue was discovered in the Linux kernel before 5.2 on the powerpc platform. arch/powerpc/kernel/idle_book3s.S does not have save/restore functionality for PNV_POWERSAVE_AMR, PNV_POWERSAVE_UAMOR, and PNV_POWERSAVE_AMOR, aka CID-53a712bae5dd. | Linux_kernel, Leap, Enterprise_linux | N/A | ||
| 2005-04-27 | CVE-2005-0087 | The alsa-lib package in Red Hat Linux 4 disables stack protection for the libasound.so library, which makes it easier for attackers to execute arbitrary code if there are other vulnerabilities in the library. | Alsa\-Lib, Enterprise_linux | N/A | ||
| 2019-09-11 | CVE-2019-16233 | drivers/scsi/qla2xxx/qla_os.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. | Ubuntu_linux, Linux_kernel, Leap, Enterprise_linux | N/A | ||
| 2019-09-11 | CVE-2019-16231 | drivers/net/fjes/fjes_main.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. | Ubuntu_linux, Linux_kernel, Leap, Enterprise_linux | N/A | ||
| 2018-05-30 | CVE-2018-11235 | In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x before 2.17.1, remote code execution can occur. With a crafted .gitmodules file, a malicious project can execute an arbitrary script on a machine that runs "git clone --recurse-submodules" because submodule "names" are obtained from this file, and then appended to $GIT_DIR/modules, leading to directory traversal with "../" in a name. Finally, post-checkout hooks from a submodule are executed,... | Ubuntu_linux, Debian_linux, Git, Git, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_eus, Enterprise_linux_workstation | 7.8 | ||
| 2019-11-18 | CVE-2019-19081 | A memory leak in the nfp_flower_spawn_vnic_reprs() function in drivers/net/ethernet/netronome/nfp/flower/main.c in the Linux kernel before 5.3.4 allows attackers to cause a denial of service (memory consumption), aka CID-8ce39eb5a67a. | Linux_kernel, Leap, Enterprise_linux | N/A |