This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Redhat First view 2015-10-19
Product Enterprise Linux Last view 2019-10-14
Version 7.1 Type Os
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:redhat:enterprise_linux

Activity : Overall

Related : CVE

  Date Alert Description
7.4 2019-10-14 CVE-2019-14823

A flaw was found in the "Leaf and Chain" OCSP policy implementation in JSS' CryptoManager versions after 4.4.6, 4.5.3, 4.6.0, where it implicitly trusted the root certificate of a certificate chain. Applications using this policy may not properly verify the chain and could be vulnerable to attacks such as Man in the Middle.

7.8 2017-10-04 CVE-2017-1000253

Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (committed on April 14, 2015). This kernel vulnerability was fixed in April 2015 by commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (backported to Linux 3.10.77 in May 2015), but it was not recognized as a security threat. With CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE enabled, and a normal top-down address allocation strategy, load_elf_binary() will attempt to map a PIE binary into an address range immediately below mm->mmap_base. Unfortunately, load_elf_ binary() does not take account of the need to allocate sufficient space for the entire binary which means that, while the first PT_LOAD segment is mapped below mm->mmap_base, the subsequent PT_LOAD segment(s) end up being mapped above mm->mmap_base into the are that is supposed to be the "gap" between the stack and the binary.

4.9 2015-10-19 CVE-2015-7833

The usbvision driver in the Linux kernel package 3.10.0-123.20.1.el7 through 3.10.0-229.14.1.el7 in Red Hat Enterprise Linux (RHEL) 7.1 allows physically proximate attackers to cause a denial of service (panic) via a nonzero bInterfaceNumber value in a USB device descriptor.

CWE : Common Weakness Enumeration

%idName
33% (1) CWE-295 Certificate Issues
33% (1) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
33% (1) CWE-17 Code

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2017-12-11 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2017-3658.nasl - Type: ACT_GATHER_INFO
2017-11-21 Name: The remote Virtuozzo host is missing a security update.
File: Virtuozzo_VZA-2017-086.nasl - Type: ACT_GATHER_INFO
2017-10-16 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2017-2725-1.nasl - Type: ACT_GATHER_INFO
2017-10-16 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2017-2723-1.nasl - Type: ACT_GATHER_INFO
2017-10-02 Name: The remote Virtuozzo host is missing a security update.
File: Virtuozzo_VZA-2017-090.nasl - Type: ACT_GATHER_INFO
2017-09-29 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2017-3626.nasl - Type: ACT_GATHER_INFO
2017-09-28 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2017-2795.nasl - Type: ACT_GATHER_INFO
2017-09-28 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2017-2795.nasl - Type: ACT_GATHER_INFO
2017-09-27 Name: The remote Scientific Linux host is missing one or more security updates.
File: sl_20170926_kernel_on_SL6_x.nasl - Type: ACT_GATHER_INFO
2017-09-27 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2017-2793.nasl - Type: ACT_GATHER_INFO
2017-09-27 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2017-2794.nasl - Type: ACT_GATHER_INFO
2017-09-27 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2017-2795.nasl - Type: ACT_GATHER_INFO
2017-09-27 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2017-2796.nasl - Type: ACT_GATHER_INFO
2017-09-27 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2017-2797.nasl - Type: ACT_GATHER_INFO
2017-09-27 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2017-2798.nasl - Type: ACT_GATHER_INFO
2017-09-27 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2017-2799.nasl - Type: ACT_GATHER_INFO
2017-09-27 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2017-2800.nasl - Type: ACT_GATHER_INFO
2017-01-31 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2017-0333-1.nasl - Type: ACT_GATHER_INFO
2016-09-08 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2016-2245-1.nasl - Type: ACT_GATHER_INFO
2016-09-02 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2016-2105-1.nasl - Type: ACT_GATHER_INFO
2016-08-30 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2016-1029.nasl - Type: ACT_GATHER_INFO
2016-08-02 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-3426-1.nasl - Type: ACT_GATHER_INFO
2016-05-12 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-2967-1.nasl - Type: ACT_GATHER_INFO
2016-04-13 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-2948-2.nasl - Type: ACT_GATHER_INFO
2016-04-07 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-2947-1.nasl - Type: ACT_GATHER_INFO