RSS   Vulnerabilities for
'Enterprise linux for real time for nfv'
   RSS

2022-03-10
 
CVE-2022-0847

CWE-665
 

 
A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cache backed by read only files and as such escalate their privileges on the system.

 
2022-03-04
 
CVE-2021-3656

CWE-862
 

 
A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "virt_ext" field, this issue could allow a malicious L1 to disable both VMLOAD/VMSAVE intercepts and VLS (Virtual VMLOAD/VMSAVE) for the L2 guest. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape.

 
2022-03-03
 
CVE-2021-3609

CWE-362
 

 
.A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege escalation to root.

 
2018-07-26
 
CVE-2018-10881

CWE-119
 

 
A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bound access in ext4_get_group_info function, a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image.

 
2016-06-27
 
CVE-2016-3707

 

 
The icmp_check_sysrq function in net/ipv4/icmp.c in the kernel.org projects/rt patches for the Linux kernel, as used in the kernel-rt package before 3.10.0-327.22.1 in Red Hat Enterprise Linux for Real Time 7 and other products, allows remote attackers to execute SysRq commands via crafted ICMP Echo Request packets, as demonstrated by a brute-force attack to discover a cookie, or an attack that occurs after reading the local icmp_echo_sysrq file.

 

 >>> Vendor: Redhat 369 Products
Linux
Enterprise linux
Enterprise linux desktop
Linux powertools
Tmpwatch
Stronghold
Redhat package manager
Docbook stylesheets
Docbook utils
Pre-execution environment
Interchange
Linux advanced workstation
Rhmask
LV
Tcpdump
Analog real-time synthesizer
Kdebase
Kdelibs
Kdelibs devel
Kdelibs sound
Kdelibs sound devel
Wu ftpd
Daredevil skk
Ddskk-xemacs
Up2date
Pam smb
Sendmail
Kernel
Rsync
Bigmem kernel
Kernel doc
Kernel source
Openssl
Sysstat
Gdk pixbuf
LHA
Fedora core
Libpng
Sysreport
Open iscsi
Cluster suite
Network satelite server
Fedora
Conga
Mcstrans
Certificate server
Cairo
Network satellite server
Cygwin
Directory server
Fedora directory server
Nfs utils
Desktop
Enterprise linux desktop workstation
Desktop workstation
Fedora 8
Certificate system
Vsftpd
Adminutil
Enterprise ipa
Freeipa
Jboss enterprise application platform
Initscripts
CMAN
dogtag certificate system
Cluster project
Gfs2-utils
Rgmanager
Dogtag certificate system
Enterprise mrg
Spacewalk-java
Enterprise virtualization
Qspice
KVM
Network satellite
Yum-rhn-plugin
Enterprise virtualization hypervisor
Enterprise virtualization manager
Jboss enterprise service bus
Jboss enterprise soa platform
Evince
Spice-xpi
Spice-activex
LUCI
Icedtea
Jboss enterprise web platform
Jboss remoting
Icedtea-web
Policycoreutils
Libvirt
Jboss seam 2 framework
Policykit
System-config-firewall
System-config-printer
Jboss operations network
Automatic bug reporting tool
SOS
Dtach
Jboss community application server
Mod cluster
See all Products for Vendor Redhat


Copyright 2022, cxsecurity.com

 

Back to Top