Vulnerabilities (CVE)

Filtered by vendor Redhat Subscribe
Filtered by product Virtualization Host
Total 83 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-18559 2 Linux, Redhat 9 Linux Kernel, Enterprise Linux Desktop, Enterprise Linux Server and 6 more 2024-02-28 6.8 MEDIUM 8.1 HIGH
In the Linux kernel through 4.19, a use-after-free can occur due to a race condition between fanout_add from setsockopt and bind on an AF_PACKET socket. This issue exists because of the 15fe076edea787807a7cdc168df832544b58eba6 incomplete fix for a race condition. The code mishandles a certain multithreaded case involving a packet_do_bind unregister action followed by a packet_notifier register action. Later, packet_release operates on only one of the two applicable linked lists. The attacker can achieve Program Counter control.
CVE-2018-14659 2 Debian, Redhat 6 Debian Linux, Enterprise Linux, Enterprise Linux Server and 3 more 2024-02-28 4.0 MEDIUM 6.5 MEDIUM
The Gluster file system through versions 4.1.4 and 3.1.2 is vulnerable to a denial of service attack via use of the 'GF_XATTR_IOSTATS_DUMP_KEY' xattr. A remote, authenticated attacker could exploit this by mounting a Gluster volume and repeatedly calling 'setxattr(2)' to trigger a state dump and create an arbitrary number of files in the server's runtime directory.
CVE-2018-10927 4 Debian, Gluster, Opensuse and 1 more 5 Debian Linux, Glusterfs, Leap and 2 more 2024-02-28 5.5 MEDIUM 8.1 HIGH
A flaw was found in RPC request using gfs3_lookup_req in glusterfs server. An authenticated attacker could use this flaw to leak information and execute remote denial of service by crashing gluster brick process.
CVE-2018-10875 4 Canonical, Debian, Redhat and 1 more 11 Ubuntu Linux, Debian Linux, Ansible Engine and 8 more 2024-02-28 4.6 MEDIUM 7.8 HIGH
A flaw was found in ansible. ansible.cfg is read from the current working directory which can be altered to make it point to a plugin or a module path under the control of an attacker, thus allowing the attacker to execute arbitrary code.
CVE-2018-10904 4 Debian, Gluster, Opensuse and 1 more 5 Debian Linux, Glusterfs, Leap and 2 more 2024-02-28 6.5 MEDIUM 8.8 HIGH
It was found that glusterfs server does not properly sanitize file paths in the "trusted.io-stats-dump" extended attribute which is used by the "debug/io-stats" translator. Attacker can use this flaw to create files and execute arbitrary code. To exploit this attacker would require sufficient access to modify the extended attributes of files on a gluster volume.
CVE-2018-1000805 4 Canonical, Debian, Paramiko and 1 more 11 Ubuntu Linux, Debian Linux, Paramiko and 8 more 2024-02-28 6.5 MEDIUM 8.8 HIGH
Paramiko version 2.4.1, 2.3.2, 2.2.3, 2.1.5, 2.0.8, 1.18.5, 1.17.6 contains a Incorrect Access Control vulnerability in SSH server that can result in RCE. This attack appear to be exploitable via network connectivity.
CVE-2018-10926 4 Debian, Gluster, Opensuse and 1 more 6 Debian Linux, Glusterfs, Leap and 3 more 2024-02-28 6.5 MEDIUM 8.8 HIGH
A flaw was found in RPC request using gfs3_mknod_req supported by glusterfs server. An authenticated attacker could use this flaw to write files to an arbitrary location via path traversal and execute arbitrary code on a glusterfs server node.
CVE-2018-1114 1 Redhat 3 Undertow, Virtualization, Virtualization Host 2024-02-28 4.0 MEDIUM 6.5 MEDIUM
It was found that URLResource.getLastModified() in Undertow closes the file descriptors only when they are finalized which can cause file descriptors to exhaust. This leads to a file handler leak.
CVE-2018-10858 4 Canonical, Debian, Redhat and 1 more 8 Ubuntu Linux, Debian Linux, Enterprise Linux Desktop and 5 more 2024-02-28 6.5 MEDIUM 8.8 HIGH
A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba server could use this flaw to cause arbitrary code execution on a samba client. Samba versions before 4.6.16, 4.7.9 and 4.8.4 are vulnerable.
CVE-2018-10873 4 Canonical, Debian, Redhat and 1 more 11 Ubuntu Linux, Debian Linux, Enterprise Linux Desktop and 8 more 2024-02-28 6.5 MEDIUM 8.8 HIGH
A vulnerability was discovered in SPICE before version 0.14.1 where the generated code used for demarshalling messages lacked sufficient bounds checks. A malicious client or server, after authentication, could send specially crafted messages to its peer which would result in a crash or, potentially, other impacts.
CVE-2018-10907 4 Debian, Gluster, Opensuse and 1 more 5 Debian Linux, Glusterfs, Leap and 2 more 2024-02-28 6.5 MEDIUM 8.8 HIGH
It was found that glusterfs server is vulnerable to multiple stack based buffer overflows due to functions in server-rpc-fopc.c allocating fixed size buffers using 'alloca(3)'. An authenticated attacker could exploit this by mounting a gluster volume and sending a string longer that the fixed buffer size to cause crash or potential code execution.
CVE-2018-10923 4 Debian, Gluster, Opensuse and 1 more 5 Debian Linux, Glusterfs, Leap and 2 more 2024-02-28 5.5 MEDIUM 8.1 HIGH
It was found that the "mknod" call derived from mknod(2) can create files pointing to devices on a glusterfs server node. An authenticated attacker could use this to create an arbitrary device and read data from any device attached to the glusterfs server node.
CVE-2018-10911 4 Debian, Gluster, Opensuse and 1 more 7 Debian Linux, Glusterfs, Leap and 4 more 2024-02-28 5.0 MEDIUM 7.5 HIGH
A flaw was found in the way dic_unserialize function of glusterfs does not handle negative key length values. An attacker could use this flaw to read memory from other locations into the stored dict value.
CVE-2018-10930 4 Debian, Gluster, Opensuse and 1 more 7 Debian Linux, Glusterfs, Leap and 4 more 2024-02-28 4.0 MEDIUM 6.5 MEDIUM
A flaw was found in RPC request using gfs3_rename_req in glusterfs server. An authenticated attacker could use this flaw to write to a destination outside the gluster volume.
CVE-2018-18397 3 Canonical, Linux, Redhat 10 Ubuntu Linux, Linux Kernel, Enterprise Linux Desktop and 7 more 2024-02-28 2.1 LOW 5.5 MEDIUM
The userfaultfd implementation in the Linux kernel before 4.19.7 mishandles access control for certain UFFDIO_ ioctl calls, as demonstrated by allowing local users to write data into holes in a tmpfs file (if the user has read-only access to that file, and that file contains holes), related to fs/userfaultfd.c and mm/userfaultfd.c.
CVE-2018-14654 2 Debian, Redhat 6 Debian Linux, Enterprise Linux Server, Enterprise Linux Virtualization and 3 more 2024-02-28 8.5 HIGH 6.5 MEDIUM
The Gluster file system through version 4.1.4 is vulnerable to abuse of the 'features/index' translator. A remote attacker with access to mount volumes could exploit this via the 'GF_XATTROP_ENTRY_IN_KEY' xattrop to create arbitrary, empty files on the target server.
CVE-2019-1559 13 Canonical, Debian, F5 and 10 more 90 Ubuntu Linux, Debian Linux, Big-ip Access Policy Manager and 87 more 2024-02-28 4.3 MEDIUM 5.9 MEDIUM
If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. If the application then behaves differently based on that in a way that is detectable to the remote peer, then this amounts to a padding oracle that could be used to decrypt data. In order for this to be exploitable "non-stitched" ciphersuites must be in use. Stitched ciphersuites are optimised implementations of certain commonly used ciphersuites. Also the application must call SSL_shutdown() twice even if a protocol error has occurred (applications should not do this but some do anyway). Fixed in OpenSSL 1.0.2r (Affected 1.0.2-1.0.2q).
CVE-2018-10913 4 Debian, Gluster, Opensuse and 1 more 5 Debian Linux, Glusterfs, Leap and 2 more 2024-02-28 4.0 MEDIUM 6.5 MEDIUM
An information disclosure vulnerability was discovered in glusterfs server. An attacker could issue a xattr request via glusterfs FUSE to determine the existence of any file.
CVE-2018-11236 4 Gnu, Netapp, Oracle and 1 more 9 Glibc, Data Ontap Edge, Element Software Management and 6 more 2024-02-28 7.5 HIGH 9.8 CRITICAL
stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitrary code execution.
CVE-2018-8088 3 Oracle, Qos, Redhat 14 Goldengate Application Adapters, Goldengate Stream Analytics, Utilities Framework and 11 more 2024-02-28 7.5 HIGH 9.8 CRITICAL
org.slf4j.ext.EventData in the slf4j-ext module in QOS.CH SLF4J before 1.8.0-beta2 allows remote attackers to bypass intended access restrictions via crafted data. EventData in the slf4j-ext module in QOS.CH SLF4J, has been fixed in SLF4J versions 1.7.26 later and in the 2.0.x series.