This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Redhat First view 2014-06-14
Product Enterprise Linux Last view 2021-08-27
Version 7.0 Type Os
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:redhat:enterprise_linux

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
8.1 2021-08-27 CVE-2021-40153

squashfs_opendir in unsquash-1.c in Squashfs-Tools 4.5 stores the filename in the directory entry; this is then used by unsquashfs to create the new file during the unsquash. The filename is not validated for traversal outside of the destination directory, and thus allows writing to locations outside of the destination.

4.4 2021-08-13 CVE-2021-3635

A flaw was found in the Linux kernel netfilter implementation in versions prior to 5.5-rc7. A user with root (CAP_SYS_ADMIN) access is able to panic the system when issuing netfilter netflow commands.

6.4 2021-08-13 CVE-2021-3573

A use-after-free in function hci_sock_bound_ioctl() of the Linux kernel HCI subsystem was found in the way user calls ioct HCIUNBLOCKADDR or other way triggers race condition of the call hci_unregister_dev() together with one of the calls hci_sock_blacklist_add(), hci_sock_blacklist_del(), hci_get_conn_info(), hci_get_auth_info(). A privileged local user could use this flaw to crash the system or escalate their privileges on the system. This flaw affects the Linux kernel versions prior to 5.13-rc5.

9.8 2021-08-12 CVE-2021-20314

Stack buffer overflow in libspf2 versions below 1.2.11 when processing certain SPF macros can lead to Denial of service and potentially code execution via malicious crafted SPF explanation messages.

7.5 2021-08-05 CVE-2021-3580

A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. An attacker could use this flaw to provide a manipulated ciphertext leading to application crash and denial of service.

7.8 2021-07-09 CVE-2021-3612

An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

8.8 2021-07-09 CVE-2021-3570

A flaw was found in the ptp4l program of the linuxptp package. A missing length check when forwarding a PTP message between ports allows a remote attacker to cause an information leak, crash, or potentially remote code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. This flaw affects linuxptp versions before 3.1.1, before 2.0.1, before 1.9.3, before 1.8.1, before 1.7.1, before 1.6.1 and before 1.5.1.

2.5 2021-06-09 CVE-2021-3533

A flaw was found in Ansible if an ansible user sets ANSIBLE_ASYNC_DIR to a subdirectory of a world writable directory. When this occurs, there is a race condition on the managed machine. A malicious, non-privileged account on the remote machine can exploit the race condition to access the async result data. This flaw affects Ansible Tower 3.7 and Ansible Automation Platform 1.2.

5.5 2021-06-09 CVE-2021-3532

A flaw was found in Ansible where the secret information present in async_files are getting disclosed when the user changes the jobdir to a world readable directory. Any secret information in an async status file will be readable by a malicious user on that system. This flaw affects Ansible Tower 3.7 and Ansible Automation Platform 1.2.

7.8 2021-06-01 CVE-2021-3516

There's a flaw in libxml2's xmllint in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by xmllint could trigger a use-after-free. The greatest impact of this flaw is to confidentiality, integrity, and availability.

8.8 2021-06-01 CVE-2021-32027

A flaw was found in postgresql in versions before 13.3, before 12.7, before 11.12, before 10.17 and before 9.6.22. While modifying certain SQL array values, missing bounds checks let authenticated database users write arbitrary bytes to a wide area of server memory. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

6.7 2021-05-28 CVE-2021-20292

There is a flaw reported in the Linux kernel in versions before 5.9 in drivers/gpu/drm/nouveau/nouveau_sgdma.c in nouveau_sgdma_create_ttm in Nouveau DRM subsystem. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker with a local account with a root privilege, can leverage this vulnerability to escalate privileges and execute code in the context of the kernel.

9.8 2021-05-28 CVE-2021-20236

A flaw was found in the ZeroMQ server in versions before 4.3.3. This flaw allows a malicious client to cause a stack buffer overflow on the server by sending crafted topic subscription requests and then unsubscribing. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

5.3 2021-05-28 CVE-2021-20201

A flaw was found in spice in versions before 0.14.92. A DoS tool might make it easier for remote attackers to cause a denial of service (CPU consumption) by performing many renegotiations within a single connection.

7.5 2021-05-28 CVE-2020-25710

A flaw was found in OpenLDAP in versions before 2.4.56. This flaw allows an attacker who sends a malicious packet processed by OpenLDAP to force a failed assertion in csnNormalize23(). The highest threat from this vulnerability is to system availability.

5.5 2021-05-27 CVE-2021-30501

An assertion abort was found in upx MemBuffer::alloc() in mem.cpp, in version UPX 4.0.0. The flow allows attackers to cause a denial of service (abort) via a crafted file.

7.8 2021-05-27 CVE-2021-30500

Null pointer dereference was found in upx PackLinuxElf::canUnpack() in p_lx_elf.cpp,in version UPX 4.0.0. That allow attackers to execute arbitrary code and cause a denial of service via a crafted file.

5.5 2021-05-26 CVE-2021-30471

A flaw was found in PoDoFo 0.9.7. An uncontrolled recursive call in PdfNamesTree::AddToDictionary function in src/podofo/doc/PdfNamesTree.cpp can lead to a stack overflow.

5.5 2021-05-26 CVE-2021-30470

A flaw was found in PoDoFo 0.9.7. An uncontrolled recursive call among PdfTokenizer::ReadArray(), PdfTokenizer::GetNextVariant() and PdfTokenizer::ReadDataType() functions can lead to a stack overflow.

5.5 2021-05-26 CVE-2021-30469

A flaw was found in PoDoFo 0.9.7. An use-after-free in PoDoFo::PdfVecObjects::Clear() function can cause a denial of service via a crafted PDF file.

9.8 2021-05-21 CVE-2020-36329

A flaw was found in libwebp in versions before 1.0.1. A use-after-free was found due to a thread being killed too early. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

9.8 2021-05-21 CVE-2020-36328

A flaw was found in libwebp in versions before 1.0.1. A heap-based buffer overflow in function WebPDecodeRGBInto is possible due to an invalid check for buffer size. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

9.8 2021-05-21 CVE-2018-25014

A flaw was found in libwebp in versions before 1.0.1. An unitialized variable is used in function ReadSymbol. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

9.8 2021-05-21 CVE-2018-25011

A flaw was found in libwebp in versions before 1.0.1. A heap-based buffer overflow was found in PutLE16(). The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

5.9 2021-05-14 CVE-2021-3537

A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference. If an untrusted XML document was parsed in recovery mode and post-validated, the flaw could be used to crash the application. The highest threat from this vulnerability is to system availability.

CWE : Common Weakness Enumeration

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
%idName
12% (56) CWE-416 Use After Free
9% (40) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
8% (36) CWE-125 Out-of-bounds Read
7% (32) CWE-787 Out-of-bounds Write
5% (26) CWE-20 Improper Input Validation
5% (24) CWE-200 Information Exposure
5% (22) CWE-190 Integer Overflow or Wraparound
4% (19) CWE-476 NULL Pointer Dereference
3% (15) CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path ...
2% (13) CWE-362 Race Condition
2% (12) CWE-401 Failure to Release Memory Before Removing Last Reference ('Memory L...
1% (8) CWE-400 Uncontrolled Resource Consumption ('Resource Exhaustion')
1% (8) CWE-287 Improper Authentication
1% (6) CWE-732 Incorrect Permission Assignment for Critical Resource
1% (6) CWE-369 Divide By Zero
1% (6) CWE-254 Security Features
1% (6) CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflo...
1% (6) CWE-59 Improper Link Resolution Before File Access ('Link Following')
1% (5) CWE-295 Certificate Issues
1% (5) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')
0% (4) CWE-189 Numeric Errors
0% (3) CWE-399 Resource Management Errors
0% (3) CWE-347 Improper Verification of Cryptographic Signature
0% (3) CWE-284 Access Control (Authorization) Issues
0% (3) CWE-264 Permissions, Privileges, and Access Controls

SAINT Exploits

Description Link
libssh authentication bypass More info here
Red Hat DHCP client NetworkManager integration script command injection More info here
Linux Dirty COW Local File Overwrite More info here

ExploitDB Exploits

id Description
33894 Python CGIHTTPServer Encoded Path Traversal

Information Assurance Vulnerability Management (IAVM)

id Description
2015-A-0199 Multiple Vulnerabilities in Apple Mac OS X
Severity: Category I - VMSKEY: V0061337
2015-A-0155 Multiple Vulnerabilities in Oracle MySQL Product Suite
Severity: Category I - VMSKEY: V0061083
2015-A-0112 Oracle Linux & Virtualization Buffer Overflow Vulnerability
Severity: Category I - VMSKEY: V0060735
2015-A-0115 QEMU Virtual Floppy Drive Controller (FDC) Buffer Overflow Vulnerability
Severity: Category II - VMSKEY: V0060741
2015-A-0042 Samba Remote Code Execution Vulnerability
Severity: Category I - VMSKEY: V0058919
2014-B-0105 Samba Remote Code Execution
Severity: Category I - VMSKEY: V0053637
2014-A-0105 Multiple Vulnerabilities in Oracle Java
Severity: Category I - VMSKEY: V0053191

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2019-12-10 Libmspack cabd_sys_read_block off-by-one heap overflow attempt
RuleID : 52133 - Type : FILE-OTHER - Revision : 2
2019-12-10 Libmspack cabd_sys_read_block off-by-one heap overflow attempt
RuleID : 52132 - Type : FILE-OTHER - Revision : 2
2019-10-25 Red Hat NetworkManager DHCP client command injection attempt
RuleID : 52022-community - Type : OS-LINUX - Revision : 1
2019-11-26 Red Hat NetworkManager DHCP client command injection attempt
RuleID : 52022 - Type : OS-LINUX - Revision : 1
2019-11-03 HAProxy H2 Frame heap memory corruption attempt
RuleID : 51725 - Type : SERVER-WEBAPP - Revision : 1
2018-05-30 Red Hat NetworkManager DHCP client command injection attempt
RuleID : 46847-community - Type : OS-LINUX - Revision : 1
2018-07-03 Red Hat NetworkManager DHCP client command injection attempt
RuleID : 46847 - Type : OS-LINUX - Revision : 1
2018-02-20 Mozilla Firefox HTTP index format out of bounds read attempt
RuleID : 45476 - Type : BROWSER-FIREFOX - Revision : 2
2017-10-24 PHP form-based file upload DoS attempt
RuleID : 44390 - Type : SERVER-WEBAPP - Revision : 2
2017-07-27 Mozilla Firefox domFuzzLite3 table use after free attempt
RuleID : 43347 - Type : BROWSER-FIREFOX - Revision : 2
2017-07-27 Mozilla Firefox domFuzzLite3 table use after free attempt
RuleID : 43346 - Type : BROWSER-FIREFOX - Revision : 2
2016-12-02 Mozilla Firefox ESR NotifyTimeChange use after free attempt
RuleID : 40896-community - Type : BROWSER-FIREFOX - Revision : 3
2017-01-04 Mozilla Firefox ESR NotifyTimeChange use after free attempt
RuleID : 40896 - Type : BROWSER-FIREFOX - Revision : 3
2016-12-01 Mozilla Firefox ESR NotifyTimeChange use after free attempt
RuleID : 40888-community - Type : BROWSER-FIREFOX - Revision : 3
2017-01-04 Mozilla Firefox ESR NotifyTimeChange use after free attempt
RuleID : 40888 - Type : BROWSER-FIREFOX - Revision : 3
2016-11-30 Linux kernel madvise race condition attempt
RuleID : 40566 - Type : OS-LINUX - Revision : 2
2016-11-30 Linux kernel madvise race condition attempt
RuleID : 40565 - Type : OS-LINUX - Revision : 2
2016-11-30 Linux kernel madvise race condition attempt
RuleID : 40564 - Type : OS-LINUX - Revision : 2
2016-11-30 Linux kernel madvise race condition attempt
RuleID : 40563 - Type : OS-LINUX - Revision : 2
2016-11-30 Linux kernel madvise race condition attempt
RuleID : 40562 - Type : OS-LINUX - Revision : 2
2016-11-30 Linux kernel madvise race condition attempt
RuleID : 40561 - Type : OS-LINUX - Revision : 2
2016-11-30 Linux kernel madvise race condition attempt
RuleID : 40560 - Type : OS-LINUX - Revision : 2
2016-11-30 Linux kernel madvise race condition attempt
RuleID : 40543 - Type : OS-LINUX - Revision : 2
2016-11-30 Linux kernel madvise race condition attempt
RuleID : 40542 - Type : OS-LINUX - Revision : 2
2016-10-25 Multiple SQL products privilege escalation attempt
RuleID : 40254 - Type : SERVER-MYSQL - Revision : 2

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2019-01-18 Name: The remote Debian host is missing a security update.
File: debian_DLA-1635.nasl - Type: ACT_GATHER_INFO
2019-01-17 Name: The remote Fedora host is missing one or more security updates.
File: fedora_2019-509c133845.nasl - Type: ACT_GATHER_INFO
2019-01-17 Name: The remote Fedora host is missing one or more security updates.
File: fedora_2019-f812c9fb22.nasl - Type: ACT_GATHER_INFO
2019-01-16 Name: The remote Fedora host is missing a security update.
File: fedora_2019-f6ff819834.nasl - Type: ACT_GATHER_INFO
2019-01-11 Name: The remote Virtuozzo host is missing a security update.
File: Virtuozzo_VZA-2018-089.nasl - Type: ACT_GATHER_INFO
2019-01-10 Name: The remote device is affected by multiple vulnerabilities.
File: juniper_space_jsa10917_183R1.nasl - Type: ACT_GATHER_INFO
2019-01-10 Name: The remote device is affected by multiple vulnerabilities.
File: juniper_space_jsa10917_184R1.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-06090dff59.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-0b038c7047.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-0ddef94854.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-111044d435.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-1c1a318a0b.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-23ca7a6798.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-2735a12b72.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-28f30efaf6.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-2c965abb15.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-327707371e.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-381ab64b59.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing one or more security updates.
File: fedora_2018-3857a8b41a.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-42eab0f5b9.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-4e660226e7.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-537c8312fc.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-56221eb24b.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-6243646704.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-6744ca470d.nasl - Type: ACT_GATHER_INFO