Note: This project will be discontinued after December 13, 2021.
Product: Enterprise_linux (Redhat)

Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2023-11-02 | CVE-2023-38469 | A vulnerability was found in Avahi, where a reachable assertion exists in avahi_dns_packet_append_record. | Avahi, Enterprise_linux | 5.5 | ||
2023-11-02 | CVE-2023-38470 | A vulnerability was found in Avahi. A reachable assertion exists in the avahi_escape_label() function. | Avahi, Enterprise_linux | 5.5 | ||
2023-11-02 | CVE-2023-38471 | A vulnerability was found in Avahi. A reachable assertion exists in the dbus_set_host_name function. | Avahi, Enterprise_linux | 5.5 | ||
2023-11-02 | CVE-2023-38472 | A vulnerability was found in Avahi. A reachable assertion exists in the avahi_rdata_parse() function. | Avahi, Enterprise_linux | 5.5 | ||
2023-11-02 | CVE-2023-38473 | A vulnerability was found in Avahi. A reachable assertion exists in the avahi_alternative_host_name() function. | Avahi, Enterprise_linux | 5.5 | ||
2023-11-03 | CVE-2023-46847 | Squid is vulnerable to a Denial of Service, where a remote attacker can perform a buffer overflow attack by writing up to 2 MB of arbitrary data to heap memory when Squid is configured to accept HTTP Digest Authentication. | Enterprise_linux, Enterprise_linux_eus, Enterprise_linux_for_arm_64, Enterprise_linux_for_ibm_z_systems, Enterprise_linux_for_power_little_endian, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Squid | 7.5 | ||
2023-11-03 | CVE-2023-46848 | Squid is vulnerable to Denial of Service, where a remote attacker can perform DoS by sending ftp:// URLs in HTTP Request messages or constructing ftp:// URLs from FTP Native input. | Enterprise_linux, Enterprise_linux_eus, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Squid | 7.5 | ||
2023-11-03 | CVE-2023-4091 | A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "acl_xattr" is configured with "acl_xattr:ignore system acls = yes". The SMB protocol allows opening files when the client requests read-only access but then implicitly truncates the opened file to 0 bytes if the client specifies a separate OVERWRITE create disposition request. The issue arises in configurations that bypass kernel file system... | Fedora, Enterprise_linux, Enterprise_linux_eus, Storage, Samba | 6.5 | ||
2023-11-03 | CVE-2023-5824 | A flaw was found in Squid. The limits applied for validation of HTTP response headers are applied before caching. However, Squid may grow a cached HTTP response header beyond the configured maximum size, causing a stall or crash of the worker process when a large header is retrieved from the disk cache, resulting in a denial of service. | Enterprise_linux, Squid | 7.5 | ||
2023-11-03 | CVE-2023-1476 | A use-after-free flaw was found in the Linux kernel’s mm/mremap memory address space accounting source code. This issue occurs due to a race condition between rmap walk and mremap, allowing a local user to crash the system or potentially escalate their privileges on the system. | Linux_kernel, Enterprise_linux, Enterprise_linux_eus, Enterprise_linux_for_power_little_endian, Enterprise_linux_for_power_little_endian_eus, Enterprise_linux_server_tus | 7.0 |