Vulnerabilities (CVE)

Filtered by vendor Redhat Subscribe
Filtered by product Enterprise Linux Server
Total 1910 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-1126 5 Canonical, Debian, Procps-ng Project and 2 more 10 Ubuntu Linux, Debian Linux, Procps-ng and 7 more 2024-11-21 7.5 HIGH 4.8 MEDIUM
procps-ng before version 3.3.15 is vulnerable to an incorrect integer size in proc/alloc.* leading to truncation/integer overflow issues. This flaw is related to CVE-2018-1124.
CVE-2018-1124 6 Canonical, Debian, Opensuse and 3 more 9 Ubuntu Linux, Debian Linux, Leap and 6 more 2024-11-21 4.6 MEDIUM 7.8 HIGH
procps-ng before version 3.3.15 is vulnerable to multiple integer overflows leading to a heap corruption in file2strvec function. This allows a privilege escalation for a local attacker who can create entries in procfs by starting processes, which could result in crashes or arbitrary code execution in proc utilities run by other users.
CVE-2018-1120 4 Canonical, Debian, Linux and 1 more 7 Ubuntu Linux, Debian Linux, Linux Kernel and 4 more 2024-11-21 3.5 LOW 2.8 LOW
A flaw was found affecting the Linux kernel before version 4.17. By mmap()ing a FUSE-backed file onto a process's memory containing command line arguments (or environment strings), an attacker can cause utilities from psutils or procps (such as ps, w) or any other program which makes a read() call to the /proc/<pid>/cmdline (or /proc/<pid>/environ) files to block indefinitely (denial of service) or for some controlled time (as a synchronization primitive for other attacks).
CVE-2018-1118 4 Canonical, Debian, Linux and 1 more 7 Ubuntu Linux, Debian Linux, Linux Kernel and 4 more 2024-11-21 2.1 LOW 2.3 LOW
Linux kernel vhost since version 4.8 does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function. This can allow local privileged users to read some kernel memory contents when reading from the /dev/vhost-net device file.
CVE-2018-1113 2 Fedoraproject, Redhat 6 Fedora, Enterprise Linux, Enterprise Linux Desktop and 3 more 2024-11-21 4.6 MEDIUM 4.8 MEDIUM
setup before version 2.11.4-1.fc28 in Fedora and Red Hat Enterprise Linux added /sbin/nologin and /usr/sbin/nologin to /etc/shells. This violates security assumptions made by pam_shells and some daemons which allow access based on a user's shell being listed in /etc/shells. Under some circumstances, users which had their shell changed to /sbin/nologin could still access the system.
CVE-2018-1111 2 Fedoraproject, Redhat 7 Fedora, Enterprise Linux, Enterprise Linux Desktop and 4 more 2024-11-21 7.9 HIGH 7.5 HIGH
DHCP packages in Red Hat Enterprise Linux 6 and 7, Fedora 28, and earlier are vulnerable to a command injection flaw in the NetworkManager integration script included in the DHCP client. A malicious DHCP server, or an attacker on the local network able to spoof DHCP responses, could use this flaw to execute arbitrary commands with root privileges on systems using NetworkManager and configured to obtain network configuration using the DHCP protocol.
CVE-2018-1106 4 Canonical, Debian, Packagekit Project and 1 more 9 Ubuntu Linux, Debian Linux, Packagekit and 6 more 2024-11-21 2.1 LOW 5.5 MEDIUM
An authentication bypass flaw has been found in PackageKit before 1.1.10 that allows users without administrator privileges to install signed packages. A local attacker can use this vulnerability to install vulnerable packages to further compromise a system.
CVE-2018-1100 3 Canonical, Redhat, Zsh 5 Ubuntu Linux, Enterprise Linux Desktop, Enterprise Linux Server and 2 more 2024-11-21 7.2 HIGH 7.8 HIGH
zsh through version 5.4.2 is vulnerable to a stack-based buffer overflow in the utils.c:checkmailpath function. A local attacker could exploit this to execute arbitrary code in the context of another user.
CVE-2018-1094 3 Canonical, Linux, Redhat 5 Ubuntu Linux, Linux Kernel, Enterprise Linux Desktop and 2 more 2024-11-21 7.1 HIGH 5.5 MEDIUM
The ext4_fill_super function in fs/ext4/super.c in the Linux kernel through 4.15.15 does not always initialize the crc32c checksum driver, which allows attackers to cause a denial of service (ext4_xattr_inode_hash NULL pointer dereference and system crash) via a crafted ext4 image.
CVE-2018-1089 3 Debian, Fedoraproject, Redhat 5 Debian Linux, 389 Directory Server, Enterprise Linux Desktop and 2 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
389-ds-base before versions 1.4.0.9, 1.3.8.1, 1.3.6.15 did not properly handle long search filters with characters needing escapes, possibly leading to buffer overflows. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, thus resulting in denial of service.
CVE-2018-1088 3 Debian, Opensuse, Redhat 6 Debian Linux, Leap, Enterprise Linux Server and 3 more 2024-11-21 6.8 MEDIUM 8.1 HIGH
A privilege escalation flaw was found in gluster 3.x snapshot scheduler. Any gluster client allowed to mount gluster volumes could also mount shared gluster storage volume and escalate privileges by scheduling malicious cronjob via symlink.
CVE-2018-1087 4 Canonical, Debian, Linux and 1 more 11 Ubuntu Linux, Debian Linux, Linux Kernel and 8 more 2024-11-21 4.6 MEDIUM 8.0 HIGH
kernel KVM before versions kernel 4.16, kernel 4.16-rc7, kernel 4.17-rc1, kernel 4.17-rc2 and kernel 4.17-rc3 is vulnerable to a flaw in the way the Linux kernel's KVM hypervisor handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch operation, the processor did not deliver interrupts and exceptions, rather they are delivered once the first instruction after the stack switch is executed. An unprivileged KVM guest user could use this flaw to crash the guest or, potentially, escalate their privileges in the guest.
CVE-2018-1084 4 Canonical, Corosync, Debian and 1 more 4 Ubuntu Linux, Corosync, Debian Linux and 1 more 2024-11-21 7.5 HIGH 7.5 HIGH
corosync before version 2.4.4 is vulnerable to an integer overflow in exec/totemcrypto.c.
CVE-2018-1083 4 Canonical, Debian, Redhat and 1 more 6 Ubuntu Linux, Debian Linux, Enterprise Linux Desktop and 3 more 2024-11-21 7.2 HIGH 7.8 HIGH
Zsh before version 5.4.2-test-1 is vulnerable to a buffer overflow in the shell autocomplete functionality. A local unprivileged user can create a specially crafted directory path which leads to code execution in the context of the user who tries to use autocomplete to traverse the before mentioned path. If the user affected is privileged, this leads to privilege escalation.
CVE-2018-1071 4 Canonical, Debian, Redhat and 1 more 6 Ubuntu Linux, Debian Linux, Enterprise Linux Desktop and 3 more 2024-11-21 2.1 LOW 5.5 MEDIUM
zsh through version 5.4.2 is vulnerable to a stack-based buffer overflow in the exec.c:hashcmd() function. A local attacker could exploit this to cause a denial of service.
CVE-2018-1068 4 Canonical, Debian, Linux and 1 more 10 Ubuntu Linux, Debian Linux, Linux Kernel and 7 more 2024-11-21 7.2 HIGH 6.7 MEDIUM
A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory.
CVE-2018-1061 5 Canonical, Debian, Fedoraproject and 2 more 8 Ubuntu Linux, Debian Linux, Fedora and 5 more 2024-11-21 5.0 MEDIUM 6.5 MEDIUM
python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in the difflib.IS_LINE_JUNK method. An attacker could use this flaw to cause denial of service.
CVE-2018-1060 5 Canonical, Debian, Fedoraproject and 2 more 8 Ubuntu Linux, Debian Linux, Fedora and 5 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in pop3lib's apop() method. An attacker could use this flaw to cause denial of service.
CVE-2018-1054 2 Fedoraproject, Redhat 4 389 Directory Server, Enterprise Linux Desktop, Enterprise Linux Server and 1 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
An out-of-bounds memory read flaw was found in the way 389-ds-base handled certain LDAP search filters, affecting all versions including 1.4.x. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, thus resulting in denial of service.
CVE-2018-1050 4 Canonical, Debian, Redhat and 1 more 6 Ubuntu Linux, Debian Linux, Enterprise Linux Desktop and 3 more 2024-11-21 3.3 LOW 4.3 MEDIUM
All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon. Missing input sanitization checks on some of the input parameters to spoolss RPC calls could cause the print spooler service to crash.