Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Enterprise_mrg
(Redhat)| Repositories |
• https://github.com/torvalds/linux
• https://github.com/mjg59/linux |
| #Vulnerabilities | 74 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-11-21 | CVE-2012-3460 | cumin: At installation postgresql database user created without password | Enterprise_mrg | N/A | ||
| 2019-11-06 | CVE-2014-8181 | The kernel in Red Hat Enterprise Linux 7 and MRG-2 does not clear garbage data for SG_IO buffer, which may leaking sensitive information to userspace. | Enterprise_linux, Enterprise_mrg | N/A | ||
| 2018-01-14 | CVE-2017-15128 | A flaw was found in the hugetlb_mcopy_atomic_pte function in mm/hugetlb.c in the Linux kernel before 4.13.12. A lack of size check could cause a denial of service (BUG). | Linux_kernel, Enterprise_linux, Enterprise_mrg | 5.5 | ||
| 2018-12-18 | CVE-2018-16884 | A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out. | Debian_linux, Linux_kernel, Enterprise_linux, Enterprise_mrg | 8.0 | ||
| 2017-10-18 | CVE-2014-3706 | ovirt-engine, as used in Red Hat MRG 3, allows man-in-the-middle attackers to spoof servers by leveraging failure to verify key attributes in vdsm X.509 certificates. | Enterprise_mrg | 5.9 |