Vulnerabilities (CVE)

Filtered by vendor Redhat Subscribe
Filtered by product Enterprise Linux For Ibm Z Systems
Total 90 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-3602 2 Buildah Project, Redhat 4 Buildah, Enterprise Linux, Enterprise Linux For Ibm Z Systems and 1 more 2024-02-28 1.9 LOW 5.5 MEDIUM
An information disclosure flaw was found in Buildah, when building containers using chroot isolation. Running processes in container builds (e.g. Dockerfile RUN commands) can access environment variables from parent and grandparent processes. When run in a container in a CI/CD environment, environment variables may include sensitive information that was shared with the container in order to be used only by Buildah itself (e.g. container registry credentials).
CVE-2021-3677 3 Fedoraproject, Postgresql, Redhat 7 Fedora, Postgresql, Enterprise Linux and 4 more 2024-02-28 4.0 MEDIUM 6.5 MEDIUM
A flaw was found in postgresql. A purpose-crafted query can read arbitrary bytes of server memory. In the default configuration, any authenticated database user can complete this attack at will. The attack does not require the ability to create objects. If server settings include max_worker_processes=0, the known versions of this attack are infeasible. However, undiscovered variants of the attack may be independent of that setting.
CVE-2022-0492 6 Canonical, Debian, Fedoraproject and 3 more 30 Ubuntu Linux, Debian Linux, Fedora and 27 more 2024-02-28 6.9 MEDIUM 7.8 HIGH
A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly.
CVE-2022-0330 4 Fedoraproject, Linux, Netapp and 1 more 46 Fedora, Linux Kernel, H300e and 43 more 2024-02-28 4.6 MEDIUM 7.8 HIGH
A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allows a local user to crash the system or escalate their privileges on the system.
CVE-2022-0435 5 Fedoraproject, Linux, Netapp and 2 more 37 Fedora, Linux Kernel, H300e and 34 more 2024-02-28 9.0 HIGH 8.8 HIGH
A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed. This flaw allows a remote user to crash the system or possibly escalate their privileges if they have access to the TIPC network.
CVE-2021-4091 2 Port389, Redhat 8 389-ds-base, Enterprise Linux Desktop, Enterprise Linux For Ibm Z Systems and 5 more 2024-02-28 5.0 MEDIUM 7.5 HIGH
A double-free was found in the way 389-ds-base handles virtual attributes context in persistent searches. An attacker could send a series of search requests, forcing the server to behave unexpectedly, and crash.
CVE-2021-3737 6 Canonical, Fedoraproject, Netapp and 3 more 17 Ubuntu Linux, Fedora, Hci and 14 more 2024-02-28 7.1 HIGH 7.5 HIGH
A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls the HTTP server, to make the client script enter an infinite loop, consuming CPU time. The highest threat from this vulnerability is to system availability.
CVE-2021-23214 3 Fedoraproject, Postgresql, Redhat 6 Fedora, Postgresql, Enterprise Linux and 3 more 2024-02-28 5.1 MEDIUM 8.1 HIGH
When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of SSL certificate verification and encryption.
CVE-2016-2124 5 Canonical, Debian, Fedoraproject and 2 more 24 Ubuntu Linux, Debian Linux, Fedora and 21 more 2024-02-28 4.3 MEDIUM 5.9 MEDIUM
A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw to retrieve the plaintext password sent over the wire even if Kerberos authentication was required.
CVE-2021-3930 3 Debian, Qemu, Redhat 10 Debian Linux, Qemu, Codeready Linux Builder and 7 more 2024-02-28 2.1 LOW 6.5 MEDIUM
An off-by-one error was found in the SCSI device emulation in QEMU. It could occur while processing MODE SELECT commands in mode_sense_page() if the 'page' argument was set to MODE_PAGE_ALLS (0x3f). A malicious guest could use this flaw to potentially crash QEMU, resulting in a denial of service condition.
CVE-2021-3551 4 Dogtagpki, Fedoraproject, Oracle and 1 more 12 Dogtagpki, Fedora, Linux and 9 more 2024-02-28 4.4 MEDIUM 7.8 HIGH
A flaw was found in the PKI-server, where the spkispawn command, when run in debug mode, stores admin credentials in the installation log file. This flaw allows a local attacker to retrieve the file to obtain the admin password and gain admin privileges to the Dogtag CA manager. The highest threat from this vulnerability is to confidentiality.
CVE-2021-3733 4 Fedoraproject, Netapp, Python and 1 more 20 Extra Packages For Enterprise Linux, Fedora, Hci Compute Node Firmware and 17 more 2024-02-28 4.0 MEDIUM 6.5 MEDIUM
There's a flaw in urllib's AbstractBasicAuthHandler class. An attacker who controls a malicious HTTP server that an HTTP client (such as web browser) connects to, could trigger a Regular Expression Denial of Service (ReDOS) during an authentication request with a specially crafted payload that is sent by the server to the client. The greatest threat that this flaw poses is to application availability.
CVE-2021-20257 4 Debian, Fedoraproject, Qemu and 1 more 8 Debian Linux, Fedora, Qemu and 5 more 2024-02-28 2.1 LOW 6.5 MEDIUM
An infinite loop flaw was found in the e1000 NIC emulator of the QEMU. This issue occurs while processing transmits (tx) descriptors in process_tx_desc if various descriptor fields are initialized with invalid values. This flaw allows a guest to consume CPU cycles on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability.
CVE-2022-0516 5 Debian, Fedoraproject, Linux and 2 more 31 Debian Linux, Fedora, Linux Kernel and 28 more 2024-02-28 4.6 MEDIUM 7.8 HIGH
A vulnerability was found in kvm_s390_guest_sida_op in the arch/s390/kvm/kvm-s390.c function in KVM for s390 in the Linux kernel. This flaw allows a local attacker with a normal user privilege to obtain unauthorized memory write access. This flaw affects Linux kernel versions prior to 5.17-rc4.
CVE-2020-25717 5 Canonical, Debian, Fedoraproject and 2 more 25 Ubuntu Linux, Debian Linux, Fedora and 22 more 2024-02-28 8.5 HIGH 8.1 HIGH
A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible privilege escalation.
CVE-2021-44142 6 Canonical, Debian, Fedoraproject and 3 more 23 Ubuntu Linux, Debian Linux, Fedora and 20 more 2024-02-28 9.0 HIGH 8.8 HIGH
The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide "...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver." Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via specially crafted extended file attributes. A remote attacker with write access to extended file attributes can execute arbitrary code with the privileges of smbd, typically root.
CVE-2021-3672 6 C-ares Project, Fedoraproject, Nodejs and 3 more 17 C-ares, Fedora, Node.js and 14 more 2024-02-28 6.8 MEDIUM 5.6 MEDIUM
A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS (Domain Name Servers) can lead to output of wrong hostnames which might potentially lead to Domain Hijacking. The highest threat from this vulnerability is to confidentiality and integrity as well as system availability.
CVE-2020-14301 2 Netapp, Redhat 13 Ontap Select Deploy Administration Utility, Codeready Linux Builder, Enterprise Linux and 10 more 2024-02-28 4.0 MEDIUM 6.5 MEDIUM
An information disclosure vulnerability was found in libvirt in versions before 6.3.0. HTTP cookies used to access network-based disks were saved in the XML dump of the guest domain. This flaw allows an attacker to access potentially sensitive information in the domain configuration via the `dumpxml` command.
CVE-2020-27842 5 Debian, Fedoraproject, Oracle and 2 more 11 Debian Linux, Extra Packages For Enterprise Linux, Fedora and 8 more 2024-02-28 4.3 MEDIUM 5.5 MEDIUM
There's a flaw in openjpeg's t2 encoder in versions prior to 2.4.0. An attacker who is able to provide crafted input to be processed by openjpeg could cause a null pointer dereference. The highest impact of this flaw is to application availability.
CVE-2020-9490 7 Apache, Canonical, Debian and 4 more 25 Http Server, Ubuntu Linux, Debian Linux and 22 more 2024-02-28 5.0 MEDIUM 7.5 HIGH
Apache HTTP Server versions 2.4.20 to 2.4.43. A specially crafted value for the 'Cache-Digest' header in a HTTP/2 request would result in a crash when the server actually tries to HTTP/2 PUSH a resource afterwards. Configuring the HTTP/2 feature via "H2Push off" will mitigate this vulnerability for unpatched servers.