Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Enterprise_linux_desktop
(Redhat)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-03-04 | CVE-2021-3656 | A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "virt_ext" field, this issue could allow a malicious L1 to disable both VMLOAD/VMSAVE intercepts and VLS (Virtual VMLOAD/VMSAVE) for the L2 guest. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a... | Fedora, Linux_kernel, 3scale_api_management, Codeready_linux_builder, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_for_ibm_z_systems, Enterprise_linux_for_ibm_z_systems_eus, Enterprise_linux_for_power_big_endian, Enterprise_linux_for_power_little_endian, Enterprise_linux_for_power_little_endian_eus, Enterprise_linux_for_real_time, Enterprise_linux_for_real_time_for_nfv, Enterprise_linux_for_real_time_for_nfv_tus, Enterprise_linux_for_real_time_tus, Enterprise_linux_for_scientific_computing, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions, Enterprise_linux_server_tus, Enterprise_linux_server_update_services_for_sap_solutions, Enterprise_linux_workstation, Openstack, Software_collections, Virtualization_host | 8.8 | ||
| 2017-10-05 | CVE-2017-1000111 | Linux kernel: heap out-of-bounds in AF_PACKET sockets. This new issue is analogous to previously disclosed CVE-2016-8655. In both cases, a socket option that changes socket state may race with safety checks in packet_set_ring. Previously with PACKET_VERSION. This time with PACKET_RESERVE. The solution is similar: lock the socket for the update. This issue may be exploitable, we did not investigate further. As this issue affects PF_PACKET sockets, it requires CAP_NET_RAW in the process... | Debian_linux, Linux_kernel, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation | 7.8 | ||
| 2018-10-17 | CVE-2018-18445 | In the Linux kernel 4.14.x, 4.15.x, 4.16.x, 4.17.x, and 4.18.x before 4.18.13, faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because adjust_scalar_min_max_vals in kernel/bpf/verifier.c mishandles 32-bit right shifts. | Ubuntu_linux, Linux_kernel, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation | 7.8 | ||
| 2018-03-25 | CVE-2018-8976 | In Exiv2 0.26, jpgimage.cpp allows remote attackers to cause a denial of service (image.cpp Exiv2::Internal::stringFormat out-of-bounds read) via a crafted file. | Debian_linux, Exiv2, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation | 6.5 | ||
| 2018-09-28 | CVE-2018-17581 | CiffDirectory::readDirectory() at crwimage_int.cpp in Exiv2 0.26 has excessive stack consumption due to a recursive function, leading to Denial of service. | Ubuntu_linux, Debian_linux, Exiv2, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation | 6.5 | ||
| 2018-11-08 | CVE-2018-19108 | In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp in the PSD image reader may suffer from a denial of service (infinite loop) caused by an integer overflow via a crafted PSD image file. | Ubuntu_linux, Debian_linux, Exiv2, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation | 6.5 | ||
| 2018-11-26 | CVE-2018-19535 | In Exiv2 0.26 and previous versions, PngChunk::readRawProfile in pngchunk_int.cpp may cause a denial of service (application crash due to a heap-based buffer over-read) via a crafted PNG file. | Ubuntu_linux, Debian_linux, Exiv2, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation | 6.5 | ||
| 2012-08-28 | CVE-2012-4681 | Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute arbitrary code via a crafted applet that bypasses SecurityManager restrictions by (1) using com.sun.beans.finder.ClassFinder.findClass and leveraging an exception with the forName method to access restricted classes from arbitrary packages such as sun.awt.SunToolkit, then (2) using "reflection with a trusted immediate caller" to leverage the... | Jdk, Jre, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_workstation | N/A | ||
| 2013-10-16 | CVE-2013-5829 | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-5809. | Ubuntu_linux, Jdk, Jre, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_workstation | N/A | ||
| 2013-02-08 | CVE-2013-1620 | The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169. | Ubuntu_linux, Network_security_services, Enterprise_manager_ops_center, Glassfish_communications_server, Glassfish_server, Iplanet_web_proxy_server, Iplanet_web_server, Opensso, Traffic_director, Vm_server, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_workstation | N/A |