Vulnerabilities (CVE)

Vendor filter: Redhat

Product filter: Virtualization Host

39 total CVE
CVE Vendors Products Updated CVSS
CVE-2017-1000407 4 Linux, Redhat, Canonical and 1 more 11 Linux Kernel, Linux, Virtualization Host and 8 more 2019-05-14 6.1
The Linux kernel 2.6.32 and later is affected by a denial of service: flooding the diagnostic port 0x80 can trigger an exception, leading to a kernel panic.
CVE-2018-5848 3 Google, Redhat, Debian 6 Android, Virtualization Host, Debian Linux and 3 more 2019-05-02 4.6
In the function wmi_set_ie(), the length validation code does not handle unsigned integer overflow properly. As a result, a large value of the 'ie_len' argument can cause a buffer overflow in all Android releases from CAF (Android for MSM,...
CVE-2018-6485 4 Gnu, Redhat, Netapp and 1 more 14 Glibc, Virtualization Host, Enterprise Linux Desktop and 11 more 2019-04-26 7.5
An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could cause these functions to return a pointer to a heap area that is too small, potentially leading...
CVE-2018-11237 4 Gnu, Redhat, Netapp and 1 more 9 Glibc, Virtualization Host, Enterprise Linux Desktop and 6 more 2019-04-25 4.6
An AVX-512-optimized implementation of the mempcpy function in the GNU C Library (aka glibc or libc6) 2.27 and earlier may write data beyond the target buffer, leading to a buffer overflow in __mempcpy_avx512_no_vzeroupper.
CVE-2018-11236 4 Gnu, Redhat, Netapp and 1 more 9 Glibc, Virtualization Host, Enterprise Linux Desktop and 6 more 2019-04-25 7.5
stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer...
CVE-2018-10675 3 Linux, Redhat, Canonical 9 Linux Kernel, Virtualization Host, Ubuntu Linux and 6 more 2019-04-16 7.2
The do_get_mempolicy function in mm/mempolicy.c in the Linux kernel before 4.12.9 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted system calls.
CVE-2017-1000410 3 Linux, Redhat, Debian 9 Linux Kernel, Virtualization Host, Debian Linux and 6 more 2019-04-08 5.0
The Linux kernel version 3.3-rc1 and later is affected by a vulnerability that lies in the processing of incoming L2CAP commands: ConfigRequest and ConfigResponse messages. This info leak is a result of uninitialized stack variables that may be...
CVE-2018-10926 2 Debian, Redhat 5 Debian Linux, Enterprise Linux, Enterprise Linux Server and 2 more 2019-03-21 6.5
A flaw was found in RPC request using gfs3_mknod_req supported by glusterfs server. An authenticated attacker could use this flaw to write files to an arbitrary location via path traversal and execute arbitrary code on a glusterfs server node.
CVE-2018-10929 2 Debian, Redhat 5 Debian Linux, Enterprise Linux, Enterprise Linux Server and 2 more 2019-03-21 6.5
A flaw was found in RPC request using gfs2_create_req in glusterfs server. An authenticated attacker could use this flaw to create arbitrary files and execute arbitrary code on glusterfs server nodes.
CVE-2018-10322 2 Linux, Redhat 5 Linux Kernel, Virtualization Host, Enterprise Linux Desktop and 2 more 2019-03-20 4.9
The xfs_dinode_verify function in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service (xfs_ilock_attr_map_shared invalid pointer dereference) via a crafted xfs image.
CVE-2018-7740 4 Linux, Redhat, Debian and 1 more 7 Linux Kernel, Virtualization Host, Debian Linux and 4 more 2019-03-18 4.9
The resv_map_release function in mm/hugetlb.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (BUG) via a crafted application that makes mmap system calls and has a large pgoff argument to the remap_file_pages...
CVE-2018-5750 4 Linux, Redhat, Canonical and 1 more 10 Linux Kernel, Virtualization Host, Ubuntu Linux and 7 more 2019-03-07 2.1
The acpi_smbus_hc_add function in drivers/acpi/sbshc.c in the Linux kernel through 4.14.15 allows local users to obtain sensitive address information by reading dmesg data from an SBS HC printk call.
CVE-2018-6927 4 Linux, Redhat, Canonical and 1 more 10 Linux Kernel, Virtualization Host, Ubuntu Linux and 7 more 2019-03-06 4.6
The futex_requeue function in kernel/futex.c in the Linux kernel before 4.14.15 might allow attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact by triggering a negative wake or requeue value.
CVE-2018-10904 2 Redhat, Debian 4 Virtualization Host, Debian Linux, Enterprise Linux Server and 1 more 2018-11-14 6.5
It was found that glusterfs server does not properly sanitize file paths in the "trusted.io-stats-dump" extended attribute, which is used by the "debug/io-stats" translator. An attacker can use this flaw to create files and execute arbitrary code. To...
CVE-2018-10907 2 Redhat, Debian 4 Virtualization Host, Debian Linux, Enterprise Linux Server and 1 more 2018-11-14 6.5
It was found that glusterfs server is vulnerable to multiple stack-based buffer overflows due to functions in server-rpc-fopc.c allocating fixed-size buffers using 'alloca(3)'. An authenticated attacker could exploit this by mounting a gluster...
CVE-2018-10911 2 Redhat, Debian 6 Virtualization Host, Debian Linux, Enterprise Linux Desktop and 3 more 2018-11-14 5.0
A flaw was found in the way dic_unserialize function of glusterfs does not handle negative key length values. An attacker could use this flaw to read memory from other locations into the stored dict value.
CVE-2018-10913 2 Redhat, Debian 4 Virtualization Host, Debian Linux, Enterprise Linux Server and 1 more 2018-11-14 4.0
An information disclosure vulnerability was discovered in glusterfs server. An attacker could issue an xattr request via glusterfs FUSE to determine the existence of any file.
CVE-2018-10914 2 Redhat, Debian 4 Virtualization Host, Debian Linux, Enterprise Linux Server and 1 more 2018-11-14 4.0
It was found that an attacker could issue an xattr request via glusterfs FUSE to cause the gluster brick process to crash, which will result in a remote denial of service. If gluster multiplexing is enabled this will result in a crash of multiple...
CVE-2018-10923 2 Redhat, Debian 4 Virtualization Host, Debian Linux, Enterprise Linux Server and 1 more 2018-11-14 5.5
It was found that the "mknod" call derived from mknod(2) can create files pointing to devices on a glusterfs server node. An authenticated attacker could use this to create an arbitrary device and read data from any device attached to the...