Vulnerabilities (CVE)

Filtered by vendor Redhat Subscribe
Filtered by product Enterprise Linux Compute Node Eus
Total 7 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-6454 8 Canonical, Debian, Fedoraproject and 5 more 22 Ubuntu Linux, Debian Linux, Fedora and 19 more 2024-11-21 4.9 MEDIUM 5.5 MEDIUM
An issue was discovered in sd-bus in systemd 239. bus_process_object() in libsystemd/sd-bus/bus-objects.c allocates a variable-length stack buffer for temporarily storing the object path of incoming D-Bus messages. An unprivileged local user can exploit this by sending a specially crafted message to PID1, causing the stack pointer to jump over the stack guard pages into an unmapped memory region and trigger a denial of service (systemd PID1 crash and kernel panic).
CVE-2019-14816 7 Canonical, Debian, Fedoraproject and 4 more 54 Ubuntu Linux, Debian Linux, Fedora and 51 more 2024-11-21 7.2 HIGH 7.8 HIGH
There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.
CVE-2018-16866 5 Canonical, Debian, Netapp and 2 more 21 Ubuntu Linux, Debian Linux, Active Iq Performance Analytics Services and 18 more 2024-11-21 2.1 LOW 3.3 LOW
An out of bounds read was discovered in systemd-journald in the way it parses log messages that terminate with a colon ':'. A local attacker can use this flaw to disclose process memory data. Versions from v221 to v239 are vulnerable.
CVE-2017-15129 4 Canonical, Fedoraproject, Linux and 1 more 20 Ubuntu Linux, Fedora, Linux Kernel and 17 more 2024-11-21 4.9 MEDIUM 4.7 MEDIUM
A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel before 4.14.11. The function get_net_ns_by_id() in net/core/net_namespace.c does not check for the net::count value after it has found a peer network in netns_ids idr, which could lead to double free and memory corruption. This vulnerability could allow an unprivileged local user to induce kernel memory corruption on the system, leading to a crash. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although it is thought to be unlikely.
CVE-2015-5165 7 Arista, Debian, Fedoraproject and 4 more 24 Eos, Debian Linux, Fedora and 21 more 2024-11-21 9.3 HIGH N/A
The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified vectors.
CVE-2015-4170 2 Linux, Redhat 6 Linux Kernel, Enterprise Linux Compute Node Eus, Enterprise Linux For Ibm Z Systems Eus and 3 more 2024-11-21 4.7 MEDIUM 4.7 MEDIUM
Race condition in the ldsem_cmpxchg function in drivers/tty/tty_ldsem.c in the Linux kernel before 3.13-rc4-next-20131218 allows local users to cause a denial of service (ldsem_down_read and ldsem_down_write deadlock) by establishing a new tty thread during shutdown of a previous tty thread.
CVE-2015-3214 6 Arista, Debian, Lenovo and 3 more 19 Eos, Debian Linux, Emc Px12-400r Ivx and 16 more 2024-11-21 6.9 MEDIUM N/A
The pit_ioport_read in i8254.c in the Linux kernel before 2.6.33 and QEMU before 2.3.1 does not distinguish between read lengths and write lengths, which might allow guest OS users to execute arbitrary code on the host OS by triggering use of an invalid index.