Vulnerabilities (CVE)

Vendor filter

Redhat Subscribe

Product filter

Enterprise Mrg Subscribe

Filter

58 total CVE
CVE Vendors Products Updated CVSS
CVE-2018-1120 4 Redhat, Debian, Linux and 1 more 9 Enterprise Mrg, Debian Linux, Linux Kernel and 6 more 2019-10-09 3.5
A flaw was found affecting the Linux kernel before version 4.17. By mmap()ing a FUSE-backed file onto a process's memory containing command line arguments (or environment strings), an attacker can cause utilities from psutils or procps (such as...
CVE-2017-7482 3 Redhat, Debian, Linux 3 Enterprise Mrg, Debian Linux, Linux Kernel 2019-10-09 7.2
In the Linux kernel before version 4.12, Kerberos 5 tickets decoded when using the RXRPC keys incorrectly assumes the size of a field. This could lead to the size-remaining variable wrapping and the data pointer going over the end of the buffer....
CVE-2017-15128 2 Redhat, Linux 3 Enterprise Mrg, Linux Kernel, Enterprise Linux 2019-10-09 4.9
A flaw was found in the hugetlb_mcopy_atomic_pte function in mm/hugetlb.c in the Linux kernel before 4.13.12. A lack of size check could cause a denial of service (BUG).
CVE-2017-15127 2 Redhat, Linux 3 Enterprise Mrg, Linux Kernel, Enterprise Linux 2019-10-03 4.9
A flaw was found in the hugetlb_mcopy_atomic_pte function in mm/hugetlb.c in the Linux kernel before 4.13. A superfluous implicit page unlock for VM_SHARED hugetlbfs mapping could trigger a local denial of service (BUG).
CVE-2019-11479 5 F5, Pulsesecure, Redhat and 2 more 24 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 21 more 2019-06-20 5.0
Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. A remote attacker could use this to cause a...
CVE-2019-11478 5 F5, Pulsesecure, Redhat and 2 more 25 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 22 more 2019-06-20 5.0
Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a...
CVE-2019-11477 5 F5, Pulsesecure, Redhat and 2 more 25 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 22 more 2019-06-20 7.8
Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service....
CVE-2018-16884 4 Redhat, Linux, Debian and 1 more 5 Enterprise Mrg, Linux Kernel, Enterprise Linux and 2 more 2019-05-29 6.7
A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious...
CVE-2019-3459 4 Redhat, Canonical, Linux and 1 more 5 Enterprise Mrg, Ubuntu Linux, Linux Kernel and 2 more 2019-05-28 3.3
A heap address information leak while using L2CAP_GET_CONF_OPT was discovered in the Linux kernel before 5.1-rc1.
CVE-2017-15115 5 Redhat, Linux, Canonical and 2 more 6 Enterprise Mrg, Linux Kernel, Enterprise Linux and 3 more 2019-05-08 7.2
The sctp_do_peeloff function in net/sctp/socket.c in the Linux kernel before 4.14 does not check whether the intended netns is used in a peel-off action, which allows local users to cause a denial of service (use-after-free and system crash) or...
CVE-2013-1774 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Enterprise Mrg 2019-04-22 4.0
The chase_port function in drivers/usb/serial/io_ti.c in the Linux kernel before 3.7.4 allows local users to cause a denial of service (NULL pointer dereference and system crash) via an attempted /dev/ttyUSB read or write operation on a...
CVE-2013-2164 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Enterprise Mrg 2019-04-22 2.1
The mmc_ioctl_cdrom_read_data function in drivers/cdrom/cdrom.c in the Linux kernel through 3.10 allows local users to obtain sensitive information from kernel memory via a read operation on a malfunctioning CD-ROM drive.
CVE-2013-1773 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Enterprise Mrg 2019-04-22 6.2
Buffer overflow in the VFAT filesystem implementation in the Linux kernel before 3.3 allows local users to gain privileges or cause a denial of service (system crash) via a VFAT write operation on a filesystem with the utf8 mount option, which is...
CVE-2014-3153 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Enterprise Mrg 2019-04-22 7.2
The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEX_REQUEUE command that facilitates unsafe...
CVE-2014-3940 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Enterprise Mrg 2019-04-22 4.0
The Linux kernel through 3.14.5 does not properly consider the presence of hugetlb entries, which allows local users to cause a denial of service (memory corruption or system crash) by accessing certain memory locations, as demonstrated by...
CVE-2014-8171 2 Redhat, Linux 3 Enterprise Mrg, Linux Kernel, Enterprise Linux 2019-04-22 4.9
The memory resource controller (aka memcg) in the Linux kernel allows local users to cause a denial of service (deadlock) by spawning new processes within a memory-constrained cgroup.
CVE-2016-4470 4 Linux, Oracle, Novell and 1 more 14 Linux Kernel, Suse Linux Enterprise Real Time Extension, Linux and 11 more 2019-04-22 4.9
The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service (system crash) via vectors involving a...
CVE-2013-3301 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Enterprise Mrg 2019-04-22 7.2
The ftrace implementation in the Linux kernel before 3.8.8 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging the CAP_SYS_ADMIN capability for write...
CVE-2014-3917 3 Suse, Linux, Redhat 4 Linux Kernel, Enterprise Linux, Linux Enterprise Desktop and 1 more 2019-04-22 3.3
kernel/auditsc.c in the Linux kernel through 3.14.5, when CONFIG_AUDITSYSCALL is enabled with certain syscall rules, allows local users to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS) via a...
CVE-2013-2015 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Enterprise Mrg 2019-04-22 4.7
The ext4_orphan_del function in fs/ext4/namei.c in the Linux kernel before 3.7.3 does not properly handle orphan-list entries for non-journal filesystems, which allows physically proximate attackers to cause a denial of service (system hang) via...