CVE-2024-2961
Severity: important
Released on: 17/04/2024
Advisory:
Bugzilla: 2273404
Bugzilla Description: glibc: Out of bounds write in iconv may lead to remote code execution
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-787
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,


CVE-2024-26846
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275558
Bugzilla Description: kernel: nvme-fc: do not wait in vain when unloading module
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26845
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275561
Bugzilla Description: kernel: scsi: target: core: Add TMF to tmr_list handling
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26844
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275563
Bugzilla Description: kernel: block: Fix WARNING in _copy_from_iter
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26843
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275565
Bugzilla Description: kernel: efi: runtime: Fix potential overflow of soft-reserved region size
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26842
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275567
Bugzilla Description: kernel: scsi: ufs: core: Fix shift issue in ufshcd_clear_cmd()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26841
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275571
Bugzilla Description: kernel: LoongArch: Update cpu_sibling_map when disabling nonboot CPUs
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26840
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275573
Bugzilla Description: kernel: cachefiles: fix memory leak in cachefiles_add_cache()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26839
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275576
Bugzilla Description: kernel: IB/hfi1: Fix a memleak in init_credit_return
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26838
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275578
Bugzilla Description: kernel: RDMA/irdma: Fix KASAN issue with tasklet
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26837
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275580
Bugzilla Description: kernel: net: bridge: switchdev: Skip MDB replays of deferred events on offload
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26836
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275582
Bugzilla Description: kernel: platform/x86: think-lmi: Fix password opcode ordering for workstations
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26835
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275584
Bugzilla Description: kernel: netfilter: nf_tables: set dormant flag on hook register failure
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26834
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275586
Bugzilla Description: kernel: netfilter: nft_flow_offload: release dst in case direct xmit path is used
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26833
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275588
Bugzilla Description: kernel: drm/amd/display: Fix memory leak in dm_sw_fini()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26832
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275590
Bugzilla Description: kernel: mm: zswap: fix missing folio cleanup in writeback race path
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26831
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275593
Bugzilla Description: kernel: net/handshake: Fix handshake_req_destroy_test1
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26830
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275596
Bugzilla Description: kernel: i40e: Do not allow untrusted VF to remove administratively set MAC
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26829
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275598
Bugzilla Description: kernel: media: ir_toy: fix a memleak in irtoy_tx
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26828
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275600
Bugzilla Description: kernel: cifs: fix underflow in parse_server_interfaces()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26827
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275602
Bugzilla Description: kernel: i2c: qcom-geni: Correct I2C TRE sequence
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26826
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275604
Bugzilla Description: kernel: mptcp: fix data re-injection from stale subflow
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26825
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275607
Bugzilla Description: kernel: nfc: nci: free rx_data_reassembly skb on NCI device cleanup
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26824
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275609
Bugzilla Description: kernel: crypto: algif_hash - Remove bogus SGL free on zero-length error path
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26823
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275611
Bugzilla Description: kernel: irqchip/gic-v3-its: Restore quirk probing for ACPI-based systems
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26822
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275613
Bugzilla Description: kernel: smb: client: set correct id, uid and cruid for multiuser automounts
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26821
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275616
Bugzilla Description: kernel: fs: relax mount_setattr() permission checks
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26820
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275618
Bugzilla Description: kernel: hv_netvsc: Register VF in netvsc_probe if NET_DEVICE_REGISTER missed
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26819
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275620
Bugzilla Description: kernel: dm: limit the number of targets and parameter size area
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26818
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275622
Bugzilla Description: kernel: tools/rtla: Fix clang warning about mount_point var size
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-52643
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275624
Bugzilla Description: kernel: iio: core: fix memleak in iio_device_register_sysfs
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-52642
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275626
Bugzilla Description: kernel: media: rc: bpf attach/detach requires write permission
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26909
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275630
Bugzilla Description: kernel: soc: qcom: pmic_glink_altmode: fix drm bridge use-after-free
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26907
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275633
Bugzilla Description: kernel: RDMA/mlx5: Fix fortify source warning while accessing Eth segment
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26906
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275635
Bugzilla Description: kernel: x86/mm: Disallow vsyscall page read for copy_from_kernel_nofault()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26905
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275637
Bugzilla Description: kernel: btrfs: fix data races when accessing the reserved amount of block reserves
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26904
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275639
Bugzilla Description: kernel: btrfs: fix data race at btrfs_use_block_rsv() when accessing block reserve
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26903
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275641
Bugzilla Description: kernel: Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26902
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275643
Bugzilla Description: kernel: perf: RISCV: Fix panic on pmu overflow handler
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26901
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275645
Bugzilla Description: kernel: do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26900
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275647
Bugzilla Description: kernel: md: fix kmemleak of rdev->serial
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26899
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275650
Bugzilla Description: kernel: block: fix deadlock between bd_link_disk_holder and partition scan
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26898
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275652
Bugzilla Description: kernel: aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26897
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275655
Bugzilla Description: kernel: wifi: ath9k: delay all of ath9k_wmi_event_tasklet() until init is complete
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26896
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275657
Bugzilla Description: kernel: wifi: wfx: fix memory leak when starting AP
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26895
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275659
Bugzilla Description: kernel: wifi: wilc1000: prevent use-after-free on vif when cleaning up all interfaces
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26894
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275661
Bugzilla Description: kernel: ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26893
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275664
Bugzilla Description: kernel: firmware: arm_scmi: Fix double free in SMC transport cleanup path
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26892
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275666
Bugzilla Description: kernel: wifi: mt76: mt7921e: fix use-after-free in free_irq()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26891
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275668
Bugzilla Description: kernel: iommu/vt-d: Don't issue ATS Invalidation request when device is disconnected
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26890
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275670
Bugzilla Description: kernel: Bluetooth: btrtl: fix out of bounds memory access
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26889
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275672
Bugzilla Description: kernel: Bluetooth: hci_core: Fix possible buffer overflow
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26888
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275674
Bugzilla Description: kernel: Bluetooth: msft: Fix memory leak
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26887
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275676
Bugzilla Description: kernel: Bluetooth: btusb: Fix memory leak
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26886
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275678
Bugzilla Description: kernel: Bluetooth: af_bluetooth: Fix deadlock
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26885
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275680
Bugzilla Description: kernel: bpf: Fix DEVMAP_HASH overflow check on 32-bit arches
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26884
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275682
Bugzilla Description: kernel: bpf: Fix hashtab overflow check on 32-bit arches
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26883
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275684
Bugzilla Description: kernel: bpf: Fix stackmap overflow check on 32-bit arches
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26882
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275686
Bugzilla Description: kernel: net: ip_tunnel: make sure to pull inner header in ip_tunnel_rcv()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26881
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275688
Bugzilla Description: kernel: net: hns3: fix kernel crash when 1588 is received on HIP08 devices
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26880
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275690
Bugzilla Description: kernel: dm: call the resume method on internal suspend
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26879
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275692
Bugzilla Description: kernel: clk: meson: Add missing clocks to axg_clk_regmaps
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26878
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275694
Bugzilla Description: kernel: quota: Fix potential NULL pointer dereference
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26877
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275697
Bugzilla Description: kernel: crypto: xilinx - call finalize with bh disabled
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26876
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275699
Bugzilla Description: kernel: drm/bridge: adv7511: fix crash on irq during probe
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26875
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275701
Bugzilla Description: kernel: media: pvrusb2: fix uaf in pvr2_context_set_notify
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26874
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275703
Bugzilla Description: kernel: drm/mediatek: Fix a null pointer crash in mtk_drm_crtc_finish_page_flip
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26873
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275705
Bugzilla Description: kernel: scsi: hisi_sas: Fix a deadlock issue related to automatic dump
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-26872
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275707
Bugzilla Description: kernel: RDMA/srpt: Do not register event handler until srpt device is fully setup
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26871
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275709
Bugzilla Description: kernel: f2fs: fix NULL pointer dereference in f2fs_submit_page_write()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26870
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275711
Bugzilla Description: kernel: NFSv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26869
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275713
Bugzilla Description: kernel: f2fs: fix to truncate meta inode pages forcely
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26868
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275715
Bugzilla Description: kernel: nfs: fix panic when nfs4_ff_layout_prepare_ds() fails
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26867
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275717
Bugzilla Description: kernel: comedi: comedi_8255: Correct error in subdevice initialization
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26866
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275719
Bugzilla Description: kernel: spi: lpspi: Avoid potential use-after-free in probe()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26865
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275721
Bugzilla Description: kernel: rds: tcp: Fix use-after-free of net in reqsk_timer_handler().
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26864
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275723
Bugzilla Description: kernel: tcp: Fix refcnt handling in __inet_hash_connect().
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26863
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275725
Bugzilla Description: kernel: hsr: Fix uninit-value access in hsr_get_node()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26862
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275727
Bugzilla Description: kernel: packet: annotate data-races around ignore_outgoing
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26861
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275729
Bugzilla Description: kernel: wireguard: receive: annotate data-race around receiving_counter.counter
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26860
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275731
Bugzilla Description: kernel: dm-integrity: fix a memory leak when rechecking the data
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26859
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275733
Bugzilla Description: kernel: net/bnx2x: Prevent access to a freed page in page_pool
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26858
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275735
Bugzilla Description: kernel: net/mlx5e: Use a memory barrier to enforce PTP WQ xmit submission tracking occurs after populating the metadata_map
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26857
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275737
Bugzilla Description: kernel: geneve: make sure to pull inner header in geneve_rx()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26856
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275740
Bugzilla Description: kernel: net: sparx5: Fix use after free inside sparx5_del_mact_entry
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26855
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275742
Bugzilla Description: kernel: net: ice: Fix potential NULL pointer dereference in ice_bridge_setlink()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26908
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275744
Bugzilla Description: kernel: x86/xen: Add some null pointer checking to smp.c
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26854
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275746
Bugzilla Description: kernel: ice: fix uninitialized dplls mutex usage
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26853
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275748
Bugzilla Description: kernel: igc: avoid returning frame twice in XDP_REDIRECT
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26851
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275750
Bugzilla Description: kernel: netfilter: nf_conntrack_h323: Add protection for bmp length out of range
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26850
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275752
Bugzilla Description: kernel: mm/debug_vm_pgtable: fix BUG_ON with pud advanced test
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26849
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275754
Bugzilla Description: kernel: netlink: add nla be16/32 types to minlen array
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26848
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275756
Bugzilla Description: kernel: afs: Fix endless loop in directory parsing
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26847
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275758
Bugzilla Description: kernel: powerpc/rtas: use correct function name for resetting TCE tables
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26852
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275761
Bugzilla Description: kernel: net/ipv6: avoid possible UAF in ip6_route_mpath_notify()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52645
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275771
Bugzilla Description: kernel: pmdomain: mediatek: fix race conditions with genpd
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26910
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275773
Bugzilla Description: kernel: netfilter: ipset: fix performance regression in swap operation
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26920
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275775
Bugzilla Description: kernel: tracing/trigger: Fix to return error if failed to alloc snapshot
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26919
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275777
Bugzilla Description: kernel: usb: ulpi: Fix debugfs directory leak
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26918
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275782
Bugzilla Description: kernel: PCI: Fix active state requirement in PME polling
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26917
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275784
Bugzilla Description: kernel: scsi: Revert "scsi: fcoe: Fix potential deadlock on &fip->ctlr_lock"
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26916
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275788
Bugzilla Description: kernel: Revert "drm/amd: flush any delayed gfxoff on suspend entry"
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26915
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275790
Bugzilla Description: kernel: drm/amdgpu: Reset IH OVERFLOW_CLEAR bit
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26914
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275792
Bugzilla Description: kernel: drm/amd/display: fix incorrect mpc_combine array size
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26913
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275794
Bugzilla Description: kernel: drm/amd/display: Fix dcn35 8k30 Underflow/Corruption Issue
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26912
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275796
Bugzilla Description: kernel: drm/nouveau: fix several DMA buffer leaks
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26911
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275798
Bugzilla Description: kernel: drm/buddy: Fix alloc_range() error handling code
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52644
Severity: moderate
Released on: 17/04/2024
Advisory:
Bugzilla: 2275810
Bugzilla Description: kernel: wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-31463
Severity: low
Released on: 17/04/2024
Advisory:
Bugzilla: 2275847
Bugzilla Description: ironic-image: Unauthenticated local access to Ironic API
CVSS Score:
CVSSv3 Score: 4.7
Vector:
CWE: CWE-288
Affected Packages:
Package States: Red Hat OpenShift Container Platform 4,
Full Details
CVE document


CVE-2024-21012
Severity: low
Released on: 16/04/2024
Advisory: RHSA-2024:1824, RHSA-2024:1823, RHSA-2024:1825, RHSA-2024:1827, RHSA-2024:1820,
Bugzilla: 2274975
Bugzilla Description: OpenJDK: HTTP/2 client improper reverse DNS lookup (8315708)
CVSS Score:
CVSSv3 Score: 3.7
Vector:
CWE: CWE-350
Affected Packages: java-17-openjdk-1:17.0.11.0.9-1.el8_4,Linux,java-17-openjdk-1:17.0.11.0.9-1.el9_0,java-17-openjdk-1:17.0.11.0.9-1.el8_6,java-17-openjdk-1:17.0.11.0.9-2.el8,java-17-openjdk-1:17.0.11.0.9-2.el9,Windows,
Package States: Red Hat build of OpenJDK 11,Red Hat build of OpenJDK 1.8,Red Hat build of OpenJDK 1.8,Red Hat build of OpenJDK 21,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-21011
Severity: moderate
Released on: 16/04/2024
Advisory: RHSA-2024:1824, RHSA-2024:1823, RHSA-2024:1815, RHSA-2024:1825, RHSA-2024:1817, RHSA-2024:1827, RHSA-2024:1816, RHSA-2024:1820,
Bugzilla: 2274977
Bugzilla Description: OpenJDK: long Exception message leading to crash (8319851)
CVSS Score:
CVSSv3 Score: 3.7
Vector:
CWE: CWE-117
Affected Packages: java-17-openjdk-1:17.0.11.0.9-1.el8_4,java-1.8.0-openjdk-1:1.8.0.412.b08-1.el7_9,Linux,java-17-openjdk-1:17.0.11.0.9-1.el9_0,java-17-openjdk-1:17.0.11.0.9-1.el8_6,java-17-openjdk-1:17.0.11.0.9-2.el8,java-17-openjdk-1:17.0.11.0.9-2.el9,Windows,
Package States: Red Hat build of OpenJDK 11,Red Hat build of OpenJDK 21,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-21085
Severity: moderate
Released on: 16/04/2024
Advisory: RHSA-2024:1815, RHSA-2024:1817, RHSA-2024:1816, RHSA-2024:1820,
Bugzilla: 2275001
Bugzilla Description: OpenJDK: Pack200 excessive memory allocation (8322114)
CVSS Score:
CVSSv3 Score: 3.7
Vector:
CWE: CWE-789
Affected Packages: java-1.8.0-openjdk-1:1.8.0.412.b08-1.el7_9,Linux,Windows,
Package States: Red Hat build of OpenJDK 11,Red Hat build of OpenJDK 17,Red Hat build of OpenJDK 17,Red Hat build of OpenJDK 21,Red Hat build of OpenJDK 21,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-21068
Severity: moderate
Released on: 16/04/2024
Advisory: RHSA-2024:1824, RHSA-2024:1823, RHSA-2024:1815, RHSA-2024:1825, RHSA-2024:1817, RHSA-2024:1827, RHSA-2024:1816, RHSA-2024:1820,
Bugzilla: 2275003
Bugzilla Description: OpenJDK: integer overflow in C1 compiler address generation (8322122)
CVSS Score:
CVSSv3 Score: 3.7
Vector:
CWE: CWE-190->CWE-787
Affected Packages: java-17-openjdk-1:17.0.11.0.9-1.el8_4,java-1.8.0-openjdk-1:1.8.0.412.b08-1.el7_9,Linux,java-17-openjdk-1:17.0.11.0.9-1.el9_0,java-17-openjdk-1:17.0.11.0.9-1.el8_6,java-17-openjdk-1:17.0.11.0.9-2.el8,java-17-openjdk-1:17.0.11.0.9-2.el9,Windows,
Package States: Red Hat build of OpenJDK 11,Red Hat build of OpenJDK 21,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-21094
Severity: moderate
Released on: 16/04/2024
Advisory: RHSA-2024:1824, RHSA-2024:1823, RHSA-2024:1815, RHSA-2024:1825, RHSA-2024:1817, RHSA-2024:1816, RHSA-2024:1820,
Bugzilla: 2275005
Bugzilla Description: OpenJDK: C2 compilation fails with "Exceeded _node_regs array" (8317507)
CVSS Score:
CVSSv3 Score: 3.7
Vector:
CWE: CWE-787
Affected Packages: java-17-openjdk-1:17.0.11.0.9-1.el8_4,java-1.8.0-openjdk-1:1.8.0.412.b08-1.el7_9,Linux,java-17-openjdk-1:17.0.11.0.9-1.el9_0,java-17-openjdk-1:17.0.11.0.9-1.el8_6,java-17-openjdk-1:17.0.11.0.9-2.el8,java-17-openjdk-1:17.0.11.0.9-2.el9,Windows,
Package States: Red Hat build of OpenJDK 11,Red Hat build of OpenJDK 21,Red Hat build of OpenJDK 21,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-3177
Severity: low
Released on: 16/04/2024
Advisory:
Bugzilla: 2274118
Bugzilla Description: kubernetes: kube-apiserver: bypassing mountable secrets policy imposed by the ServiceAccount admission plugin
CVSS Score:
CVSSv3 Score: 2.7
Vector:
CWE: CWE-213
Affected Packages:
Package States: Red Hat OpenShift Container Platform 3.11,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,
Full Details
CVE document


CVE-2023-0657
Severity: low
Released on: 16/04/2024
Advisory: RHSA-2024:1868, RHSA-2024:1867,
Bugzilla: 2166728
Bugzilla Description: keycloak: impersonation via logout token exchange
CVSS Score:
CVSSv3 Score: 3.4
Vector:
CWE: CWE-273
Affected Packages: keycloak,rhbk/keycloak-operator-bundle:22.0.10-1,rhbk/keycloak-rhel9:22-13,rhbk/keycloak-rhel9-operator:22-16,
Package States: Red Hat Single Sign-On 7,
Full Details
CVE document


CVE-2023-3758
Severity: moderate
Released on: 16/04/2024
Advisory:
Bugzilla: 2223762
Bugzilla Description: sssd: Race condition during authorization leads to GPO policies functioning inconsistently
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-362->CWE-285
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Virtualization 4,
Full Details
CVE document


CVE-2023-6544
Severity: moderate
Released on: 16/04/2024
Advisory: RHSA-2024:1868, RHSA-2024:1867, RHSA-2024:1860, RHSA-2024:1862, RHSA-2024:1861, RHSA-2024:1864, RHSA-2024:1866,
Bugzilla: 2253116
Bugzilla Description: keycloak: Authorization Bypass
CVSS Score:
CVSSv3 Score: 5.4
Vector:
CWE: CWE-625
Affected Packages: rhbk/keycloak-operator-bundle:22.0.10-1,rhbk/keycloak-rhel9:22-13,rhbk/keycloak-rhel9-operator:22-16,rh-sso-7/sso76-openshift-rhel8:7.6-46,keycloak-core,rh-sso7-keycloak-0:18.0.13-1.redhat_00001.1.el8sso,rh-sso7-keycloak-0:18.0.13-1.redhat_00001.1.el9sso,rh-sso7-keycloak-0:18.0.13-1.redhat_00001.1.el7sso,
Package States:
Full Details
CVE document


CVE-2023-6717
Severity: moderate
Released on: 16/04/2024
Advisory: RHSA-2024:1868, RHSA-2024:1867,
Bugzilla: 2253952
Bugzilla Description: keycloak: XSS via assertion consumer service URL in SAML POST-binding flow
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-79
Affected Packages: keycloak,rhbk/keycloak-operator-bundle:22.0.10-1,rhbk/keycloak-rhel9:22-13,rhbk/keycloak-rhel9-operator:22-16,
Package States: Migration Toolkit for Applications 6,Migration Toolkit for Applications 7,OpenShift Serverless,Red Hat build of Quarkus,Red Hat Data Grid 8,Red Hat Decision Manager 7,Red Hat Developer Hub,Red Hat Integration Service Registry,Red Hat JBoss A-MQ 7,Red Hat JBoss Data Grid 7,Red Hat JBoss Enterprise Application Platform 6,Red Hat JBoss Enterprise Application Platform 6,Red Hat JBoss Enterprise Application Platform 6,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Fuse 7,Red Hat OpenShift GitOps,Red Hat Process Automation 7,Red Hat Single Sign-On 7,
Full Details
CVE document


CVE-2024-1132
Severity: important
Released on: 16/04/2024
Advisory: RHSA-2024:1868, RHSA-2024:1867, RHSA-2024:1860, RHSA-2024:1862, RHSA-2024:1861, RHSA-2024:1864, RHSA-2024:1866,
Bugzilla: 2262117
Bugzilla Description: keycloak: path transversal in redirection validation
CVSS Score:
CVSSv3 Score: 8.1
Vector:
CWE: CWE-22
Affected Packages: keycloak,rhbk/keycloak-operator-bundle:22.0.10-1,rhbk/keycloak-rhel9:22-13,rhbk/keycloak-rhel9-operator:22-16,rh-sso-7/sso76-openshift-rhel8:7.6-46,rh-sso7-keycloak-0:18.0.13-1.redhat_00001.1.el8sso,rh-sso7-keycloak-0:18.0.13-1.redhat_00001.1.el9sso,rh-sso7-keycloak-0:18.0.13-1.redhat_00001.1.el7sso,
Package States: Migration Toolkit for Applications 6,Migration Toolkit for Runtimes,Red Hat build of Quarkus,Red Hat Data Grid 8,Red Hat Decision Manager 7,Red Hat Integration Service Registry,Red Hat JBoss A-MQ 7,Red Hat JBoss Data Grid 7,Red Hat JBoss Enterprise Application Platform 6,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Fuse 7,Red Hat Process Automation 7,
Full Details
CVE document


CVE-2024-1249
Severity: important
Released on: 16/04/2024
Advisory: RHSA-2024:1868, RHSA-2024:1867, RHSA-2024:1860, RHSA-2024:1862, RHSA-2024:1861, RHSA-2024:1864, RHSA-2024:1866,
Bugzilla: 2262918
Bugzilla Description: keycloak: org.keycloak.protocol.oidc: unvalidated cross-origin messages in checkLoginIframe leads to DDoS
CVSS Score:
CVSSv3 Score: 7.4
Vector:
CWE: CWE-346
Affected Packages: rhbk/keycloak-operator-bundle:22.0.10-1,rhbk/keycloak-rhel9:22-13,rhbk/keycloak-rhel9-operator:22-16,rh-sso-7/sso76-openshift-rhel8:7.6-46,rh-sso7-keycloak-0:18.0.13-1.redhat_00001.1.el8sso,rh-sso7-keycloak-0:18.0.13-1.redhat_00001.1.el9sso,rh-sso7-keycloak-0:18.0.13-1.redhat_00001.1.el7sso,
Package States: Migration Toolkit for Applications 6,Migration Toolkit for Applications 7,OpenShift Serverless,Red Hat Data Grid 8,Red Hat Decision Manager 7,Red Hat Developer Hub,Red Hat Integration Service Registry,Red Hat JBoss A-MQ 7,Red Hat JBoss A-MQ Streams,Red Hat JBoss Data Grid 7,Red Hat JBoss Enterprise Application Platform 6,Red Hat JBoss Enterprise Application Platform 6,Red Hat JBoss Enterprise Application Platform 6,Red Hat JBoss Enterprise Application Platform 6,Red Hat JBoss Enterprise Application Platform 6,Red Hat JBoss Enterprise Application Platform 6,Red Hat JBoss Enterprise Application Platform 6,Red Hat JBoss Enterprise Application Platform 6,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Fuse 7,Red Hat Process Automation 7,
Full Details
CVE document


CVE-2024-2419
Severity: important
Released on: 16/04/2024
Advisory: RHSA-2024:1867,
Bugzilla: 2269371
Bugzilla Description: keycloak: path traversal in the redirect validation
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-601
Affected Packages: rhbk/keycloak-operator-bundle:22.0.10-1,rhbk/keycloak-rhel9:22-13,rhbk/keycloak-rhel9-operator:22-16,
Package States:
Full Details
CVE document


CVE-2024-22262
Severity: important
Released on: 16/04/2024
Advisory:
Bugzilla: 2275257
Bugzilla Description: springframework: URL Parsing with Host Validation
CVSS Score:
CVSSv3 Score: 8.1
Vector:
CWE: CWE-601
Affected Packages:
Package States: A-MQ Clients 2,Red Hat build of Apache Camel 4.0 for Spring Boot,Red Hat build of Apache Camel for Spring Boot,Red Hat build of Apache Camel - HawtIO,Red Hat Build of Keycloak,Red Hat build of OptaPlanner 8,Red Hat Integration Camel K,Red Hat JBoss A-MQ 7,Red Hat JBoss A-MQ Streams,Red Hat JBoss Fuse 7,Red Hat Process Automation 7,Red Hat Single Sign-On 7,Red Hat support for Spring Boot,
Full Details
CVE document


CVE-2024-3852
Severity: important
Released on: 16/04/2024
Advisory: RHSA-2024:1904,
Bugzilla: 2275547
Bugzilla Description: Mozilla: GetBoundName in the JIT returned the wrong object
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-843
Affected Packages: firefox-0:115.10.0-1.el8_2,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-3854
Severity: important
Released on: 16/04/2024
Advisory: RHSA-2024:1904,
Bugzilla: 2275549
Bugzilla Description: Mozilla: Out-of-bounds-read after mis-optimized switch statement
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-125
Affected Packages: firefox-0:115.10.0-1.el8_2,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-3857
Severity: important
Released on: 16/04/2024
Advisory: RHSA-2024:1904,
Bugzilla: 2275550
Bugzilla Description: Mozilla: Incorrect JITting of arguments led to use-after-free during garbage collection
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-416
Affected Packages: firefox-0:115.10.0-1.el8_2,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-2609
Severity: moderate
Released on: 16/04/2024
Advisory: RHSA-2024:1904,
Bugzilla: 2275551
Bugzilla Description: Mozilla: Permission prompt input delay could expire when not in focus
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE: CWE-356
Affected Packages: firefox-0:115.10.0-1.el8_2,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-3859
Severity: moderate
Released on: 16/04/2024
Advisory: RHSA-2024:1904,
Bugzilla: 2275552
Bugzilla Description: Mozilla: Integer-overflow led to out-of-bounds-read in the OpenType sanitizer
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE: CWE-190->CWE-125
Affected Packages: firefox-0:115.10.0-1.el8_2,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-3861
Severity: moderate
Released on: 16/04/2024
Advisory: RHSA-2024:1904,
Bugzilla: 2275553
Bugzilla Description: Mozilla: Potential use-after-free due to AlignedBuffer self-move
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE: CWE-416
Affected Packages: firefox-0:115.10.0-1.el8_2,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-3864
Severity: important
Released on: 16/04/2024
Advisory: RHSA-2024:1904,
Bugzilla: 2275555
Bugzilla Description: Mozilla: Memory safety bug fixed in Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-120
Affected Packages: firefox-0:115.10.0-1.el8_2,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-3597
Severity: moderate
Released on: 15/04/2024
Advisory: RHSA-2024:1868, RHSA-2024:1867,
Bugzilla: 2221760
Bugzilla Description: keycloak: secondary factor bypass in step-up authentication
CVSS Score:
CVSSv3 Score: 5.0
Vector:
CWE: CWE-287
Affected Packages: keycloak,rhbk/keycloak-operator-bundle:22.0.10-1,rhbk/keycloak-rhel9:22-13,rhbk/keycloak-rhel9-operator:22-16,
Package States: Red Hat Single Sign-On 7,
Full Details
CVE document


CVE-2024-3652
Severity: moderate
Released on: 15/04/2024
Advisory:
Bugzilla: 2274448
Bugzilla Description: libreswan: IKEv1 default AH/ESP responder can crash and restart
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-617
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-3772
Severity: moderate
Released on: 15/04/2024
Advisory:
Bugzilla: 2275106
Bugzilla Description: python-pydantic: regular expression denial of service via crafted email string
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-1333
Affected Packages:
Package States: Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,
Full Details
CVE document


CVE-2024-31990
Severity: moderate
Released on: 15/04/2024
Advisory:
Bugzilla: 2275189
Bugzilla Description: argo-cd: API server does not enforce project sourceNamespaces
CVSS Score:
CVSSv3 Score: 4.8
Vector:
CWE: CWE-863
Affected Packages:
Package States: Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,
Full Details
CVE document


CVE-2024-1135
Severity: important
Released on: 15/04/2024
Advisory:
Bugzilla: 2275280
Bugzilla Description: python-gunicorn: HTTP Request Smuggling due to improper validation of Transfer-Encoding headers
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-444
Affected Packages:
Package States: Red Hat Ansible Automation Platform 2,Red Hat Discovery,Red Hat Enterprise Linux 7,Red Hat OpenShift Container Platform 4,Red Hat OpenStack Platform 16.1,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 17.1,Red Hat Quay 3,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Storage 3,Red Hat Update Infrastructure 4 for Cloud Providers,
Full Details
CVE document


CVE-2024-32487
Severity: important
Released on: 13/04/2024
Advisory:
Bugzilla: 2274980
Bugzilla Description: less: OS command injection
CVSS Score:
CVSSv3 Score: 8.6
Vector:
CWE: CWE-78
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26817
Severity: moderate
Released on: 13/04/2024
Advisory:
Bugzilla: 2274989
Bugzilla Description: kernel: amdkfd: use calloc instead of kzalloc to avoid integer overflow
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-3651
Severity: moderate
Released on: 12/04/2024
Advisory:
Bugzilla: 2274779
Bugzilla Description: python-idna: potential DoS via resource consumption via specially crafted inputs to idna.encode()
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-400
Affected Packages:
Package States: Red Hat Ansible Automation Platform 1.2,Red Hat Ansible Automation Platform 2,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 3.11,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Software Collections,Red Hat Update Infrastructure 4 for Cloud Providers,Red Hat Update Infrastructure 4 for Cloud Providers,
Full Details
CVE document


CVE-2024-2397
Severity: low
Released on: 12/04/2024
Advisory:
Bugzilla: 2274792
Bugzilla Description: tcpdump: Crafted .pcap file may lead to Denial of Service
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-835
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-28869
Severity: moderate
Released on: 12/04/2024
Advisory:
Bugzilla: 2274987
Bugzilla Description: traefik: denial of service
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-755
Affected Packages:
Package States: Red Hat OpenShift Dev Spaces,
Full Details
CVE document


CVE-2024-2756
Severity: moderate
Released on: 12/04/2024
Advisory:
Bugzilla: 2275058
Bugzilla Description: php: host/secure cookie bypass due to partial CVE-2022-31629 fix
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-3096
Severity: low
Released on: 12/04/2024
Advisory:
Bugzilla: 2275061
Bugzilla Description: php: password_verify can erroneously return true, opening ATO risk
CVSS Score:
CVSSv3 Score: 4.8
Vector:
CWE: CWE-626
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-2757
Severity: moderate
Released on: 12/04/2024
Advisory:
Bugzilla: 2275068
Bugzilla Description: php: mb_encode_mimeheader runs endlessly for some inputs
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-835
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-21508
Severity: important
Released on: 11/04/2024
Advisory:
Bugzilla: 2274446
Bugzilla Description: mysql2: Remote Code Execution
CVSS Score:
CVSSv3 Score: 9.8
Vector:
CWE: CWE-94
Affected Packages:
Package States: Red Hat Developer Hub,Red Hat Developer Hub,
Full Details
CVE document


CVE-2024-3622
Severity: important
Released on: 10/04/2024
Advisory:
Bugzilla: 2274400
Bugzilla Description: mirror-registry: Plain-text default CSRF secret key
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-256
Affected Packages:
Package States: mirror registry for Red Hat OpenShift,
Full Details
CVE document


CVE-2024-3623
Severity: important
Released on: 10/04/2024
Advisory:
Bugzilla: 2274404
Bugzilla Description: mirror-registry: Default database secret key stored in plain-text on initial configuration file
CVSS Score:
CVSSv3 Score: 8.1
Vector:
CWE: CWE-256
Affected Packages:
Package States: mirror registry for Red Hat OpenShift,
Full Details
CVE document


CVE-2024-3624
Severity: moderate
Released on: 10/04/2024
Advisory:
Bugzilla: 2274407
Bugzilla Description: mirror-registry: Database user and password stored in plain-text
CVSS Score:
CVSSv3 Score: 7.3
Vector:
CWE: CWE-256
Affected Packages:
Package States: mirror registry for Red Hat OpenShift,
Full Details
CVE document


CVE-2024-3625
Severity: moderate
Released on: 10/04/2024
Advisory:
Bugzilla: 2274408
Bugzilla Description: mirror-registry: Redis password stored in plain-text
CVSS Score:
CVSSv3 Score: 7.3
Vector:
CWE: CWE-256
Affected Packages:
Package States: mirror registry for Red Hat OpenShift,
Full Details
CVE document


CVE-2024-21507
Severity: moderate
Released on: 10/04/2024
Advisory:
Bugzilla: 2274444
Bugzilla Description: mysql2: Improper Input Validation
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Developer Hub,Red Hat Developer Hub,
Full Details
CVE document


CVE-2024-26816
Severity: moderate
Released on: 10/04/2024
Advisory:
Bugzilla: 2274474
Bugzilla Description: kernel: x86, relocs: Ignore relocations in .notes section
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-212
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26815
Severity: moderate
Released on: 10/04/2024
Advisory:
Bugzilla: 2274478
Bugzilla Description: kernel: net/sched: taprio: proper TCA_TAPRIO_TC_ENTRY_INDEX check
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-21509
Severity: moderate
Released on: 10/04/2024
Advisory:
Bugzilla: 2274489
Bugzilla Description: mysql2: Prototype Poisoning
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-1321
Affected Packages:
Package States: Red Hat Developer Hub,Red Hat Developer Hub,
Full Details
CVE document


CVE-2024-23076
Severity: moderate
Released on: 10/04/2024
Advisory:
Bugzilla: 2274494
Bugzilla Description: jfreechart: Null pointer exception
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-754
Affected Packages:
Package States: OpenShift Developer Tools and Services,Red Hat Build of Keycloak,Red Hat build of OptaPlanner 8,Red Hat build of Quarkus,Red Hat Data Grid 8,Red Hat Integration Camel K,Red Hat JBoss A-MQ 7,Red Hat JBoss A-MQ Streams,Red Hat JBoss Data Grid 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Fuse 7,Red Hat JBoss Web Server 6,Red Hat JBoss Web Server 6,Red Hat OpenShift Container Platform 3.11,Red Hat Process Automation 7,Red Hat Single Sign-On 7,
Full Details
CVE document


CVE-2024-29903
Severity: moderate
Released on: 10/04/2024
Advisory:
Bugzilla: 2274504
Bugzilla Description: cosign: Malicious artifacts can cause machine-wide denial of service
CVSS Score:
CVSSv3 Score: 4.2
Vector:
CWE: CWE-770
Affected Packages:
Package States: OpenShift Pipelines,Red Hat Advanced Cluster Security 3,Red Hat Advanced Cluster Security 4,
Full Details
CVE document


CVE-2024-29902
Severity: moderate
Released on: 10/04/2024
Advisory:
Bugzilla: 2274508
Bugzilla Description: cosign: Malicious attachments can cause system-wide denial of service
CVSS Score:
CVSSv3 Score: 4.2
Vector:
CWE: CWE-770
Affected Packages:
Package States: OpenShift Pipelines,Red Hat Advanced Cluster Security 3,Red Hat Advanced Cluster Security 4,
Full Details
CVE document


CVE-2024-23080
Severity:
Released on: 10/04/2024
Advisory:
Bugzilla: 2274516
Bugzilla Description: joda-time: Null pointer exception may lead to DoS
CVSS Score:
Vector:
CWE: CWE-476
Affected Packages:
Package States: A-MQ Clients 2,Logging Subsystem for Red Hat OpenShift,Migration Toolkit for Applications 6,Migration Toolkit for Runtimes,OpenShift Developer Tools and Services,OpenShift Serverless,Red Hat build of Apache Camel 4.0 for Spring Boot,Red Hat build of Apache Camel for Quarkus,Red Hat build of Apache Camel for Spring Boot,Red Hat Build of Keycloak,Red Hat build of OptaPlanner 8,Red Hat Data Grid 8,Red Hat Enterprise Linux 7,Red Hat Integration Camel K,Red Hat Integration Camel Quarkus,Red Hat Integration Change Data Capture,Red Hat Integration Service Registry,Red Hat JBoss A-MQ 7,Red Hat JBoss A-MQ Streams,Red Hat JBoss Data Grid 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Fuse 7,Red Hat JBoss Fuse Service Works 6,Red Hat OpenShift Container Platform 3.11,Red Hat OpenShift Container Platform 3.11,Red Hat OpenShift Container Platform 3.11,Red Hat Process Automation 7,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Single Sign-On 7,Red Hat Software Collections,
Full Details
CVE document


CVE-2021-47219
Severity: moderate
Released on: 10/04/2024
Advisory:
Bugzilla: 2274567
Bugzilla Description: kernel: scsi: scsi_debug: Fix out-of-bound read in resp_report_tgtpgs()
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47218
Severity: moderate
Released on: 10/04/2024
Advisory:
Bugzilla: 2274568
Bugzilla Description: kernel: selinux: fix NULL-pointer dereference when hashtab allocation fails
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47216
Severity: low
Released on: 10/04/2024
Advisory:
Bugzilla: 2274569
Bugzilla Description: kernel: scsi: advansys: Fix kernel pointer leak
CVSS Score:
CVSSv3 Score: 5.1
Vector:
CWE: CWE-402
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47215
Severity: low
Released on: 10/04/2024
Advisory:
Bugzilla: 2274571
Bugzilla Description: kernel: net/mlx5e: kTLS, Fix crash in RX resync flow
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47214
Severity: moderate
Released on: 10/04/2024
Advisory:
Bugzilla: 2274572
Bugzilla Description: kernel: hugetlb, userfaultfd: fix reservation restore on userfaultfd error
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE: CWE-402
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47213
Severity: moderate
Released on: 10/04/2024
Advisory:
Bugzilla: 2274573
Bugzilla Description: kernel: NFSD: Fix exposure in nfsd4_decode_bitmap()
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE: CWE-402
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47212
Severity: low
Released on: 10/04/2024
Advisory:
Bugzilla: 2274574
Bugzilla Description: kernel: net/mlx5: Update error handler for UCTX and UMEM
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-99
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47211
Severity: moderate
Released on: 10/04/2024
Advisory:
Bugzilla: 2274575
Bugzilla Description: kernel: ALSA: usb-audio: fix null pointer dereference on pointer cs_desc
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47210
Severity: low
Released on: 10/04/2024
Advisory:
Bugzilla: 2274576
Bugzilla Description: kernel: usb: typec: tipd: Remove WARN_ON in tps6598x_block_read
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47209
Severity: moderate
Released on: 10/04/2024
Advisory:
Bugzilla: 2274577
Bugzilla Description: kernel: sched/fair: Prevent dead task groups from regaining cfs_rq's
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47217
Severity: moderate
Released on: 10/04/2024
Advisory:
Bugzilla: 2274604
Bugzilla Description: kernel: x86/hyperv: Fix NULL deref in set_hv_tscchange_cb() if Hyper-V setup fails
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47202
Severity: moderate
Released on: 10/04/2024
Advisory:
Bugzilla: 2274607
Bugzilla Description: kernel: thermal: Fix NULL pointer dereferences in of_thermal_ functions
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47201
Severity: moderate
Released on: 10/04/2024
Advisory:
Bugzilla: 2274608
Bugzilla Description: kernel: iavf: free q_vectors before queues in iavf_disable_vf
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47200
Severity: moderate
Released on: 10/04/2024
Advisory:
Bugzilla: 2274609
Bugzilla Description: kernel: drm/prime: Fix use after free in mmap with drm_gem_ttm_mmap
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47199
Severity: moderate
Released on: 10/04/2024
Advisory:
Bugzilla: 2274610
Bugzilla Description: kernel: net/mlx5e: CT, Fix multiple allocations and memleak of mod acts
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47198
Severity: moderate
Released on: 10/04/2024
Advisory:
Bugzilla: 2274611
Bugzilla Description: kernel: scsi: lpfc: Fix use-after-free in lpfc_unreg_rpi() routine
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47197
Severity: moderate
Released on: 10/04/2024
Advisory:
Bugzilla: 2274612
Bugzilla Description: kernel: net/mlx5e: nullify cq->dbg pointer in mlx5_debug_cq_remove()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47196
Severity: moderate
Released on: 10/04/2024
Advisory:
Bugzilla: 2274613
Bugzilla Description: kernel: RDMA/core: Set send and receive CQ before forwarding to the driver
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47195
Severity: moderate
Released on: 10/04/2024
Advisory:
Bugzilla: 2274614
Bugzilla Description: kernel: spi: fix use-after-free of the add_lock mutex
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47194
Severity: moderate
Released on: 10/04/2024
Advisory:
Bugzilla: 2274615
Bugzilla Description: kernel: cfg80211: call cfg80211_stop_ap when switch from P2P_GO type
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47193
Severity: moderate
Released on: 10/04/2024
Advisory:
Bugzilla: 2274616
Bugzilla Description: kernel: scsi: pm80xx: Fix memory leak during rmmod
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47192
Severity: moderate
Released on: 10/04/2024
Advisory:
Bugzilla: 2274617
Bugzilla Description: kernel: scsi: core: sysfs: Fix hang when device state is set via sysfs
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47191
Severity: moderate
Released on: 10/04/2024
Advisory:
Bugzilla: 2274618
Bugzilla Description: kernel: scsi: scsi_debug: Fix out-of-bound read in resp_readcap16()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47190
Severity: moderate
Released on: 10/04/2024
Advisory:
Bugzilla: 2274619
Bugzilla Description: kernel: perf bpf: Avoid memory leak from perf_env__insert_btf()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47189
Severity: moderate
Released on: 10/04/2024
Advisory:
Bugzilla: 2274620
Bugzilla Description: kernel: btrfs: fix memory ordering between normal and ordered work functions
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47188
Severity: moderate
Released on: 10/04/2024
Advisory:
Bugzilla: 2274621
Bugzilla Description: kernel: scsi: ufs: core: Improve SCSI abort handling
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47187
Severity: moderate
Released on: 10/04/2024
Advisory:
Bugzilla: 2274622
Bugzilla Description: kernel: arm64: dts: qcom: msm8998: Fix CPU/L2 idle state latency and residency
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47186
Severity: moderate
Released on: 10/04/2024
Advisory:
Bugzilla: 2274623
Bugzilla Description: kernel: tipc: check for null after calling kmemdup
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47185
Severity: moderate
Released on: 10/04/2024
Advisory:
Bugzilla: 2274624
Bugzilla Description: kernel: tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47184
Severity: moderate
Released on: 10/04/2024
Advisory:
Bugzilla: 2274625
Bugzilla Description: kernel: i40e: Fix NULL ptr dereference on VSI filter sync
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47183
Severity: moderate
Released on: 10/04/2024
Advisory:
Bugzilla: 2274626
Bugzilla Description: kernel: scsi: lpfc: Fix link down processing to address NULL pointer dereference
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47182
Severity: moderate
Released on: 10/04/2024
Advisory:
Bugzilla: 2274627
Bugzilla Description: kernel: scsi: core: Fix scsi_mode_sense() buffer length handling
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47181
Severity: moderate
Released on: 10/04/2024
Advisory:
Bugzilla: 2274628
Bugzilla Description: kernel: usb: musb: tusb6010: check return value after calling platform_get_resource()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47207
Severity: moderate
Released on: 10/04/2024
Advisory:
Bugzilla: 2274630
Bugzilla Description: kernel: ALSA: gus: fix null pointer dereference on pointer block
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47206
Severity: moderate
Released on: 10/04/2024
Advisory:
Bugzilla: 2274631
Bugzilla Description: kernel: usb: host: ohci-tmio: check return value after calling platform_get_resource()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47205
Severity: moderate
Released on: 10/04/2024
Advisory:
Bugzilla: 2274632
Bugzilla Description: kernel: clk: sunxi-ng: Unregister clocks/resets when unbinding
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47204
Severity: moderate
Released on: 10/04/2024
Advisory:
Bugzilla: 2274633
Bugzilla Description: kernel: net: dpaa2-eth: fix use-after-free in dpaa2_eth_remove
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47203
Severity: moderate
Released on: 10/04/2024
Advisory:
Bugzilla: 2274634
Bugzilla Description: kernel: scsi: lpfc: Fix list_add() corruption in lpfc_drain_txq()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-24576
Severity: low
Released on: 09/04/2024
Advisory:
Bugzilla: 2265585
Bugzilla Description: rust: Fail to Escape Arguments Properly in Microsoft Windows
CVSS Score:
Vector:
CWE: CWE-78
Affected Packages:
Package States: Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-2905
Severity: moderate
Released on: 09/04/2024
Advisory:
Bugzilla: 2271585
Bugzilla Description: rpm-ostree: world-readable /etc/shadow file
CVSS Score:
CVSSv3 Score: 6.2
Vector:
CWE: CWE-732
Affected Packages:
Package States: Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document


CVE-2024-2201
Severity: moderate
Released on: 09/04/2024
Advisory:
Bugzilla: 2268118
Bugzilla Description: hw: cpu: intel:InSpectre Gadget a residual Attack Surface of Cross-privilege Spectre v2
CVSS Score:
CVSSv3 Score: 4.7
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-1874
Severity:
Released on: 09/04/2024
Advisory:
Bugzilla: 2267262
Bugzilla Description: php: Fail to Escape Arguments Properly in Microsoft Windows
CVSS Score:
Vector:
CWE: CWE-78
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-27980
Severity:
Released on: 09/04/2024
Advisory:
Bugzilla: 2270693
Bugzilla Description: Node.js: Fail to Escape Arguments Properly in Microsoft Windows
CVSS Score:
Vector:
CWE: CWE-78
Affected Packages:
Package States: Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-21409
Severity: moderate
Released on: 09/04/2024
Advisory:
Bugzilla: 2273484
Bugzilla Description: dotnet: Release COM server object when CPimcManager creation fails
CVSS Score:
CVSSv3 Score: 7.3
Vector:
CWE: CWE-416
Affected Packages:
Package States: .NET 6.0 on Red Hat Enterprise Linux,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-3508
Severity: moderate
Released on: 09/04/2024
Advisory:
Bugzilla: 2274109
Bugzilla Description: bzip2: Compressed Content Bomb Leads to Denial of Service of Bombastic API
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE:
Affected Packages:
Package States: Red Hat Trusted Profile Analyzer,
Full Details
CVE document


CVE-2024-26811
Severity: moderate
Released on: 08/04/2024
Advisory:
Bugzilla: 2273967
Bugzilla Description: kernel: ksmbd: validate payload size in ipc response
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-2511
Severity: low
Released on: 08/04/2024
Advisory:
Bugzilla: 2274020
Bugzilla Description: openssl: Unbounded memory growth with session handling in TLSv1.3
CVSS Score:
CVSSv3 Score: 3.7
Vector:
CWE: CWE-400
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-23078
Severity: moderate
Released on: 08/04/2024
Advisory:
Bugzilla: 2274095
Bugzilla Description: jgrapht-core: Null Pointer Exception
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-395
Affected Packages:
Package States: Migration Toolkit for Applications 6,Migration Toolkit for Runtimes,Red Hat build of Quarkus,Red Hat Process Automation 7,
Full Details
CVE document


CVE-2024-23081
Severity: moderate
Released on: 08/04/2024
Advisory:
Bugzilla: 2274197
Bugzilla Description: threetenbp: null pointer exception
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-754
Affected Packages:
Package States: Logging Subsystem for Red Hat OpenShift,OpenShift Serverless,Red Hat build of Apache Camel 4.0 for Spring Boot,Red Hat build of Apache Camel for Quarkus,Red Hat build of Apache Camel for Spring Boot,Red Hat build of Quarkus,Red Hat Data Grid 8,Red Hat Integration Camel K,Red Hat Integration Camel Quarkus,Red Hat JBoss A-MQ Streams,Red Hat JBoss Data Grid 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Fuse 7,Red Hat OpenShift Dev Spaces,
Full Details
CVE document


CVE-2024-23079
Severity: moderate
Released on: 08/04/2024
Advisory:
Bugzilla: 2274203
Bugzilla Description: jgrapht: null pointer exception
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-754
Affected Packages:
Package States: Migration Toolkit for Applications 6,Migration Toolkit for Runtimes,Red Hat build of Quarkus,Red Hat JBoss Data Grid 7,Red Hat JBoss Fuse 7,Red Hat Process Automation 7,
Full Details
CVE document


CVE-2024-3567
Severity: moderate
Released on: 08/04/2024
Advisory:
Bugzilla: 2274339
Bugzilla Description: QEMU: net: assertion failure in update_sctp_checksum()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-617
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8 Advanced Virtualization,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-31948
Severity: moderate
Released on: 07/04/2024
Advisory:
Bugzilla: 2273982
Bugzilla Description: frr: bgpd daemon crash
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-248
Affected Packages:
Package States: Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-31949
Severity: moderate
Released on: 07/04/2024
Advisory:
Bugzilla: 2273992
Bugzilla Description: frr: infinite loop
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-835
Affected Packages:
Package States: Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-31950
Severity: important
Released on: 07/04/2024
Advisory:
Bugzilla: 2273995
Bugzilla Description: frr: buffer overflow and daemon crash in ospf_te_parse_ri
CVSS Score:
CVSSv3 Score: 8.1
Vector:
CWE: CWE-121
Affected Packages:
Package States: Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-31951
Severity: important
Released on: 07/04/2024
Advisory:
Bugzilla: 2273999
Bugzilla Description: frr: buffer overflow in ospf_te_parse_ext_link
CVSS Score:
CVSSv3 Score: 8.1
Vector:
CWE: CWE-121
Affected Packages:
Package States: Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-21506
Severity: moderate
Released on: 06/04/2024
Advisory:
Bugzilla: 2273859
Bugzilla Description: python-pymongo: out of bounds read
CVSS Score:
CVSSv3 Score: 5.2
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat OpenStack Platform 16.1,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 17.1,Red Hat Satellite 6,
Full Details
CVE document


CVE-2024-25742
Severity: moderate
Released on: 05/04/2024
Advisory:
Bugzilla: 2270836
Bugzilla Description: hw: amd: Instruction raise #VC exception at exit
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-25743
Severity: moderate
Released on: 05/04/2024
Advisory:
Bugzilla: 2270836
Bugzilla Description: hw: amd: Instruction raise #VC exception at exit
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26814
Severity: low
Released on: 05/04/2024
Advisory:
Bugzilla: 2273646
Bugzilla Description: kernel: vfio/fsl-mc: Block calling interrupt handler without trigger
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26813
Severity: low
Released on: 05/04/2024
Advisory:
Bugzilla: 2273648
Bugzilla Description: kernel: vfio/platform: Create persistent IRQ handlers
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26812
Severity: moderate
Released on: 05/04/2024
Advisory:
Bugzilla: 2273650
Bugzilla Description: kernel: vfio/pci: Create persistent INTx handler
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26810
Severity: low
Released on: 05/04/2024
Advisory:
Bugzilla: 2273654
Bugzilla Description: kernel: vfio/pci: Lock external INTx masking ops
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-362
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-27437
Severity: low
Released on: 05/04/2024
Advisory:
Bugzilla: 2273657
Bugzilla Description: kernel: vfio/pci: Disable auto-enable of exclusive INTx IRQ
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-99
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-31852
Severity: moderate
Released on: 05/04/2024
Advisory:
Bugzilla: 2273715
Bugzilla Description: llvm: LR register can be overwritten without data being saved to the stack on ARM
CVSS Score:
CVSSv3 Score: 4.2
Vector:
CWE: CWE-440
Affected Packages:
Package States: Red Hat Developer Tools,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-2312
Severity: moderate
Released on: 05/04/2024
Advisory:
Bugzilla: 2273912
Bugzilla Description: grub2: grub-efi crashes upon `exit`
CVSS Score:
CVSSv3 Score: 6.7
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-1973
Severity: important
Released on: 04/04/2024
Advisory: RHSA-2024:1675, RHSA-2024:1674, RHSA-2024:1677, RHSA-2024:1676,
Bugzilla: 2185662
Bugzilla Description: undertow: unrestricted request storage leads to memory exhaustion
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-20
Affected Packages: eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el8eap,eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el8eap,eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el9eap,eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el9eap,eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el9eap,eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el7eap,eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el8eap,eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el9eap,eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el9eap,eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el9eap,eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el8eap,eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el9eap,eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el8eap,eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el7eap,eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el7eap,eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el7eap,eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el7eap,eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el8eap,eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el8eap,eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el9eap,eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el8eap,eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el9eap,eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el7eap,eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el8eap,eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el9eap,eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el7eap,eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el8eap,eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el8eap,eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el7eap,eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el7eap,eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el7eap,eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el7eap,eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el8eap,eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el8eap,eap7-lucene-solr-0:5.5.5-6.redhat_2.1.el9eap,eap7-wildfly-0:7.4.16-4.GA_redhat_00002.1.el7eap,eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el8eap,eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el8eap,eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el8eap,eap7-elytron-web-0:1.9.4-1.Final_redhat_00001.1.el7eap,eap7-jboss-server-migration-0:1.10.0-35.Final_redhat_00034.1.el7eap,eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el9eap,eap7-apache-cxf-0:3.4.10-2.redhat_00001.1.el7eap,eap7-jberet-0:1.3.9-3.SP3_redhat_00001.1.el9eap,undertow,eap7-jboss-annotations-api_1.3_spec-0:2.0.1-3.Final_redhat_00001.1.el9eap,eap7-hibernate-0:5.3.36-1.Final_redhat_00001.1.el8eap,eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el9eap,eap7-hal-console-0:3.3.21-1.Final_redhat_00001.1.el9eap,eap7-jboss-remoting-0:5.0.27-4.SP2_redhat_00001.1.el7eap,eap7-insights-java-client-0:1.1.2-1.redhat_00001.1.el7eap,eap7-infinispan-0:11.0.18-2.Final_redhat_00001.1.el7eap,eap7-jboss-xnio-base-0:3.8.12-1.SP2_redhat_00001.1.el9eap,eap7-eclipse-jgit-0:5.13.3.202401111512-1.r_redhat_00001.1.el8eap,eap7-jgroups-kubernetes-0:1.0.17-1.Final_redhat_00001.1.el9eap,eap7-wildfly-elytron-0:1.15.22-1.Final_redhat_00001.1.el9eap,eap7-jboss-cert-helper-0:1.1.2-1.redhat_00001.1.el7eap,eap7-activemq-artemis-0:2.16.0-18.redhat_00052.1.el8eap,
Package States: Red Hat JBoss Enterprise Application Platform 8,
Full Details
CVE document


CVE-2024-26750
Severity: moderate
Released on: 04/04/2024
Advisory:
Bugzilla: 2273368
Bugzilla Description: kernel: af_unix: Drop oob_skb ref before purging queue in GC.
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26809
Severity: moderate
Released on: 04/04/2024
Advisory:
Bugzilla: 2273402
Bugzilla Description: kernel: netfilter: nft_set_pipapo: release elements in clone only from destroy path
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26808
Severity: moderate
Released on: 04/04/2024
Advisory:
Bugzilla: 2273405
Bugzilla Description: kernel: netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26746
Severity: low
Released on: 04/04/2024
Advisory:
Bugzilla: 2273408
Bugzilla Description: kernel: dmaengine: idxd: Ensure safe user copy of completion record
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-99
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26745
Severity: moderate
Released on: 04/04/2024
Advisory:
Bugzilla: 2273410
Bugzilla Description: kernel: powerpc/pseries/iommu: IOMMU table is not initialized for kdump over SR-IOV
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26807
Severity: moderate
Released on: 04/04/2024
Advisory:
Bugzilla: 2273416
Bugzilla Description: kernel: spi: cadence-qspi: fix pointer reference in runtime PM hooks
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26806
Severity: moderate
Released on: 04/04/2024
Advisory:
Bugzilla: 2273419
Bugzilla Description: kernel: spi: cadence-qspi: remove system-wide suspend helper calls from runtime PM hooks
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26805
Severity: moderate
Released on: 04/04/2024
Advisory:
Bugzilla: 2273421
Bugzilla Description: kernel: netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26804
Severity: moderate
Released on: 04/04/2024
Advisory:
Bugzilla: 2273423
Bugzilla Description: kernel: net: ip_tunnel: prevent perpetual headroom growth
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26803
Severity: moderate
Released on: 04/04/2024
Advisory:
Bugzilla: 2273425
Bugzilla Description: kernel: net: veth: clear GRO when clearing XDP even when down
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26802
Severity: moderate
Released on: 04/04/2024
Advisory:
Bugzilla: 2273427
Bugzilla Description: kernel: stmmac: Clear variable when destroying workqueue
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26801
Severity: moderate
Released on: 04/04/2024
Advisory:
Bugzilla: 2273429
Bugzilla Description: kernel: Bluetooth: Avoid potential use-after-free in hci_error_reset
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26799
Severity: moderate
Released on: 04/04/2024
Advisory:
Bugzilla: 2273432
Bugzilla Description: kernel: ASoC: qcom: Fix uninitialized pointer dmactl
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26798
Severity: moderate
Released on: 04/04/2024
Advisory:
Bugzilla: 2273434
Bugzilla Description: kernel: fbcon: always restore the old font data in fbcon_do_set_font()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26797
Severity: moderate
Released on: 04/04/2024
Advisory:
Bugzilla: 2273436
Bugzilla Description: kernel: drm/amd/display: Prevent potential buffer overflow in map_hw_resources
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26796
Severity: moderate
Released on: 04/04/2024
Advisory:
Bugzilla: 2273438
Bugzilla Description: kernel: drivers: perf: ctr_get_width function for legacy is not defined
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26795
Severity: moderate
Released on: 04/04/2024
Advisory:
Bugzilla: 2273440
Bugzilla Description: kernel: riscv: Sparse-Memory/vmemmap out-of-bounds fix
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26794
Severity: moderate
Released on: 04/04/2024
Advisory:
Bugzilla: 2273442
Bugzilla Description: kernel: btrfs: fix race between ordered extent completion and fiemap
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26793
Severity: moderate
Released on: 04/04/2024
Advisory:
Bugzilla: 2273444
Bugzilla Description: kernel: gtp: fix use-after-free and null-ptr-deref in gtp_newlink()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26792
Severity: moderate
Released on: 04/04/2024
Advisory:
Bugzilla: 2273446
Bugzilla Description: kernel: btrfs: fix double free of anonymous device after snapshot creation failure
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26791
Severity: moderate
Released on: 04/04/2024
Advisory:
Bugzilla: 2273448
Bugzilla Description: kernel: btrfs: dev-replace: properly validate device names
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26790
Severity: moderate
Released on: 04/04/2024
Advisory:
Bugzilla: 2273451
Bugzilla Description: kernel: dmaengine: fsl-qdma: fix SoC may hang on 16 byte unaligned read
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26789
Severity: moderate
Released on: 04/04/2024
Advisory:
Bugzilla: 2273453
Bugzilla Description: kernel: crypto: arm64/neonbs - fix out-of-bounds access on short input
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26788
Severity: moderate
Released on: 04/04/2024
Advisory:
Bugzilla: 2273455
Bugzilla Description: kernel: dmaengine: fsl-qdma: init irq after reg initialization
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26787
Severity: moderate
Released on: 04/04/2024
Advisory:
Bugzilla: 2273457
Bugzilla Description: kernel: mmc: mmci: stm32: fix DMA API overlapping mappings warning
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26786
Severity: moderate
Released on: 04/04/2024
Advisory:
Bugzilla: 2273459
Bugzilla Description: kernel: iommufd: Fix iopt_access_list_id overwrite bug
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26785
Severity: moderate
Released on: 04/04/2024
Advisory:
Bugzilla: 2273461
Bugzilla Description: kernel: iommufd: Fix protection fault in iommufd_test_syz_conv_iova
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26784
Severity: moderate
Released on: 04/04/2024
Advisory:
Bugzilla: 2273464
Bugzilla Description: kernel: pmdomain: arm: Fix NULL dereference on scmi_perf_domain removal
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26783
Severity: moderate
Released on: 04/04/2024
Advisory:
Bugzilla: 2273466
Bugzilla Description: kernel: mm/vmscan: fix a bug calling wakeup_kswapd() with a wrong zone index
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26782
Severity: moderate
Released on: 04/04/2024
Advisory:
Bugzilla: 2273468
Bugzilla Description: kernel: mptcp: fix double-free on socket dismantle
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26781
Severity: moderate
Released on: 04/04/2024
Advisory:
Bugzilla: 2273470
Bugzilla Description: kernel: mptcp: fix possible deadlock in subflow diag
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26800
Severity: low
Released on: 04/04/2024
Advisory:
Bugzilla: 2273472
Bugzilla Description: kernel: tls: fix use-after-free on failed backlog decryption
CVSS Score:
CVSSv3 Score: 4.7
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26780
Severity: moderate
Released on: 04/04/2024
Advisory:
Bugzilla: 2273474
Bugzilla Description: kernel: af_unix: Fix task hung while purging oob_skb in GC.
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-38709
Severity: moderate
Released on: 04/04/2024
Advisory:
Bugzilla: 2273491
Bugzilla Description: httpd: HTTP response splitting
CVSS Score:
CVSSv3 Score: 6.8
Vector:
CWE: CWE-20->CWE-113
Affected Packages:
Package States: OpenShift Pipelines,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat JBoss Core Services,Red Hat JBoss Enterprise Application Platform 6,Red Hat OpenShift Data Science (RHODS),Red Hat OpenShift GitOps,Red Hat OpenStack Platform 16.1,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 17.1,Red Hat Software Collections,
Full Details
CVE document


CVE-2024-24795
Severity: low
Released on: 04/04/2024
Advisory:
Bugzilla: 2273499
Bugzilla Description: httpd: HTTP Response Splitting in multiple modules
CVSS Score:
CVSSv3 Score: 4.0
Vector:
CWE: CWE-113
Affected Packages:
Package States: OpenShift Pipelines,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat JBoss Core Services,Red Hat JBoss Enterprise Application Platform 6,Red Hat OpenShift Data Science (RHODS),Red Hat OpenShift GitOps,Red Hat OpenStack Platform 16.1,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 17.1,Red Hat Software Collections,
Full Details
CVE document


CVE-2024-22189
Severity: moderate
Released on: 04/04/2024
Advisory:
Bugzilla: 2273513
Bugzilla Description: quic-go: memory exhaustion attack against QUIC's connection ID mechanism
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-770
Affected Packages:
Package States: Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Ansible Automation Platform 2,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Dev Spaces,
Full Details
CVE document


CVE-2024-30261
Severity: low
Released on: 04/04/2024
Advisory:
Bugzilla: 2273519
Bugzilla Description: nodejs-undici: fetch() with integrity option is too lax when algorithm is specified but hash value is incorrect
CVSS Score:
CVSSv3 Score: 2.6
Vector:
CWE: CWE-284
Affected Packages:
Package States: Red Hat OpenShift Dev Spaces,
Full Details
CVE document


CVE-2024-30260
Severity: low
Released on: 04/04/2024
Advisory:
Bugzilla: 2273522
Bugzilla Description: nodejs-undici: proxy-authorization header not cleared on cross-origin redirect for dispatch, request, stream, pipeline
CVSS Score:
CVSSv3 Score: 3.9
Vector:
CWE: CWE-285
Affected Packages:
Package States: Red Hat OpenShift Dev Spaces,
Full Details
CVE document


CVE-2024-31207
Severity: moderate
Released on: 04/04/2024
Advisory:
Bugzilla: 2273531
Bugzilla Description: vitejs: "server.fs.deny" configuration does not deny requests that include patterns
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: (CWE-200|CWE-284)
Affected Packages:
Package States: Red Hat Ansible Automation Platform 2,Red Hat Build of Keycloak,Red Hat JBoss Enterprise Application Platform 8,
Full Details
CVE document


CVE-2024-2660
Severity: moderate
Released on: 04/04/2024
Advisory:
Bugzilla: 2273634
Bugzilla Description: Vault: Vault TLS Cert Auth Method Did Not Correctly Validate OCSP Responses
CVSS Score:
CVSSv3 Score: 6.4
Vector:
CWE: CWE-703
Affected Packages:
Package States: Red Hat Openshift Container Storage 4,Red Hat Openshift Container Storage 4,Red Hat Openshift Container Storage 4,Red Hat Openshift Container Storage 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,
Full Details
CVE document


CVE-2024-3447
Severity: moderate
Released on: 04/04/2024
Advisory:
Bugzilla: 2274123
Bugzilla Description: QEMU: sdhci: heap buffer overflow in sdhci_write_dataport()
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-122
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8 Advanced Virtualization,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-3446
Severity: moderate
Released on: 04/04/2024
Advisory:
Bugzilla: 2274211
Bugzilla Description: QEMU: virtio: DMA reentrancy issue leads to double free vulnerability
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-415
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8 Advanced Virtualization,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-1139
Severity: important
Released on: 03/04/2024
Advisory:
Bugzilla: 2262158
Bugzilla Description: cluster-monitoring-operator: credentials leak
CVSS Score:
CVSSv3 Score: 7.7
Vector:
CWE: CWE-200
Affected Packages:
Package States: Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat OpenShift Container Platform 3.11,Red Hat OpenShift Container Platform 4,
Full Details
CVE document


CVE-2023-45288
Severity: important
Released on: 03/04/2024
Advisory: RHSA-2024:1681, RHSA-2024:1683, RHSA-2024:1679, RHSA-2024:1668,
Bugzilla: 2268273
Bugzilla Description: golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-400
Affected Packages: openshift4/ose-hyperkube:v4.12.0-202404040933.p1.gbd92d70.assembly.stream.el8,openshift4/ose-hyperkube:v4.13.0-202404040933.p1.g731fb36.assembly.stream.el8,openshift4/ose-hyperkube-rhel9:v4.14.0-202404041112.p0.gec42b99.assembly.stream.el9,openshift4/ose-hyperkube-rhel9:v4.15.0-202404031521.p1.gc1f5b34.assembly.stream.el9,
Package States: cert-manager Operator for Red Hat OpenShift,Cost Management,Cryostat 2,Custom metric autoscaler Operator for Red Hat Openshift,Fence Agents Remediation Operator,Kube Descheduler Operator,Logging Subsystem for Red Hat OpenShift,Logical Volume Manager Storage,Machine Deletion Remediation Operator,Migration Toolkit for Applications 6,Migration Toolkit for Applications 7,Migration Toolkit for Containers,Migration Toolkit for Virtualization,Multicluster Engine for Kubernetes,NBDE Tang Server,Network Observability Operator,Node HealthCheck Operator,Node Maintenance Operator,OpenShift API for Data Protection,OpenShift Developer Tools and Services,OpenShift Pipelines,OpenShift Run Once Duration Override Operator,OpenShift Secondary Scheduler Operator,OpenShift Serverless,OpenShift Service Mesh 2,OpenShift Source-to-Image (S2I) Builder Image,Power monitoring for Red Hat OpenShift,Red Hat 3scale API Management Platform 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Security 3,Red Hat Advanced Cluster Security 4,Red Hat Ansible Automation Platform 1.2,Red Hat Ansible Automation Platform 2,Red Hat Ceph Storage 5,Red Hat Ceph Storage 6,Red Hat Ceph Storage 7,Red Hat Certification for Red Hat Enterprise Linux 8,Red Hat Certification for Red Hat Enterprise Linux 9,Red Hat Developer Tools,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 3.11,Red Hat OpenShift Container Platform 3.11,Red Hat OpenShift Container Platform 3.11,Red Hat OpenShift Container Platform 3.11,Red Hat OpenShift Container Platform 3.11,Red Hat OpenShift Container Platform 3.11,Red Hat OpenShift Container Platform 3.11,Red Hat OpenShift Container Platform 3.11,Red Hat OpenShift Container Platform 3.11,Red Hat OpenShift Container Platform 3.11,Red Hat OpenShift Container Platform 3.11,Red Hat OpenShift Container Platform 3.11,Red Hat OpenShift Container Platform 3.11,Red Hat OpenShift Container Platform 3.11,Red Hat OpenShift Container Platform 3.11,Red Hat OpenShift Container Platform 3.11,Red Hat OpenShift Container Platform 3.11,Red Hat OpenShift Container Platform 3.11,Red Hat OpenShift Container Platform 3.11,Red Hat OpenShift Container Platform 3.11,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform Assisted Installer,Red Hat Openshift Container Storage 4,Red Hat Openshift Data Foundation 4,Red Hat OpenShift Dev Spaces,Red Hat OpenShift distributed tracing 2,Red Hat OpenShift GitOps,Red Hat OpenShift on AWS,Red Hat Openshift sandboxed containers,Red Hat OpenShift Virtualization 4,Red Hat OpenStack Platform 16.1,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 17.1,Red Hat Quay 3,Red Hat Service Interconnect 1,Red Hat Software Collections,Red Hat Storage 3,Red Hat Web Terminal,Self Node Remediation Operator,Service Telemetry Framework 1.5 for RHEL 8,
Full Details
CVE document


CVE-2024-27316
Severity: moderate
Released on: 03/04/2024
Advisory: RHSA-2024:1872, RHSA-2024:1786,
Bugzilla: 2268277
Bugzilla Description: httpd: CONTINUATION frames DoS
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-400
Affected Packages: mod_http2-0:1.15.19-5.el9_3.1,httpd:2.4-8090020240405093943.a75119d5,
Package States: A-MQ Clients 2,Cryostat 2,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Migration Toolkit for Applications 6,Migration Toolkit for Runtimes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,.NET 6.0 on Red Hat Enterprise Linux,OpenShift Developer Tools and Services,OpenShift Serverless,Red Hat 3scale API Management Platform 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Security 3,Red Hat Advanced Cluster Security 4,Red Hat build of Apache Camel 4.0 for Spring Boot,Red Hat build of Apache Camel for Quarkus,Red Hat build of Apache Camel for Spring Boot,Red Hat build of Apache Camel - HawtIO,Red Hat Build of Keycloak,Red Hat build of OptaPlanner 8,Red Hat build of Quarkus,Red Hat Data Grid 8,Red Hat Developer Hub,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Integration Camel K,Red Hat Integration Camel Quarkus,Red Hat Integration Change Data Capture,Red Hat Integration Service Registry,Red Hat JBoss A-MQ 7,Red Hat JBoss A-MQ Streams,Red Hat JBoss Core Services,Red Hat JBoss Core Services,Red Hat JBoss Core Services,Red Hat JBoss Core Services,Red Hat JBoss Core Services,Red Hat JBoss Core Services,Red Hat JBoss Data Grid 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Fuse 7,Red Hat OpenShift Container Platform 3.11,Red Hat OpenShift Data Science (RHODS),Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift GitOps,Red Hat Process Automation 7,Red Hat Process Automation 7,Red Hat Service Interconnect 1,Red Hat Single Sign-On 7,Red Hat Software Collections,Red Hat Software Collections,
Full Details
CVE document


CVE-2024-28182
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2268639
Bugzilla Description: nghttp2: CONTINUATION frames DoS
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-390
Affected Packages:
Package States: Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat JBoss Core Services,Red Hat JBoss Core Services,Red Hat Software Collections,Red Hat Software Collections,
Full Details
CVE document


CVE-2024-2653
Severity: important
Released on: 03/04/2024
Advisory:
Bugzilla: 2269175
Bugzilla Description: amphp: CONTINUATION frames DoS
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-400
Affected Packages:
Package States:
Full Details
CVE document


CVE-2024-27919
Severity: important
Released on: 03/04/2024
Advisory:
Bugzilla: 2269444
Bugzilla Description: envoy: CONTINUATION frames which enable DoS
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-400
Affected Packages:
Package States: Custom metric autoscaler Operator for Red Hat Openshift,Logging Subsystem for Red Hat OpenShift,Logical Volume Manager Storage,Migration Toolkit for Applications 6,Migration Toolkit for Containers,OpenShift API for Data Protection,OpenShift API for Data Protection,OpenShift Serverless,OpenShift Service Mesh 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Ceph Storage 5,Red Hat Ceph Storage 6,Red Hat Ceph Storage 7,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat Openshift Container Storage 4,Red Hat Openshift Data Foundation 4,Red Hat OpenShift Data Science (RHODS),Red Hat OpenShift Data Science (RHODS),Red Hat OpenShift Dev Spaces,Red Hat OpenShift distributed tracing 2,Red Hat Openshift sandboxed containers,Red Hat OpenStack Platform 16.2,
Full Details
CVE document


CVE-2024-31309
Severity: important
Released on: 03/04/2024
Advisory:
Bugzilla: 2269627
Bugzilla Description: trafficserver: CONTINUATION frames DoS
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-400
Affected Packages:
Package States:
Full Details
CVE document


CVE-2024-31080
Severity: important
Released on: 03/04/2024
Advisory: RHSA-2024:1785,
Bugzilla: 2271997
Bugzilla Description: xorg-x11-server: Heap buffer overread/data leakage in ProcXIGetSelectedEvents
CVSS Score:
CVSSv3 Score: 7.3
Vector:
CWE: CWE-126
Affected Packages: xorg-x11-server-0:1.20.4-29.el7_9,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-31081
Severity: important
Released on: 03/04/2024
Advisory: RHSA-2024:1785,
Bugzilla: 2271998
Bugzilla Description: xorg-x11-server: Heap buffer overread/data leakage in ProcXIPassiveGrabDevice
CVSS Score:
CVSSv3 Score: 7.3
Vector:
CWE: CWE-126
Affected Packages: xorg-x11-server-0:1.20.4-29.el7_9,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-31082
Severity: important
Released on: 03/04/2024
Advisory:
Bugzilla: 2271999
Bugzilla Description: xorg-x11-server: Heap buffer overread/data leakage in ProcAppleDRICreatePixmap
CVSS Score:
CVSSv3 Score: 7.3
Vector:
CWE: CWE-126
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-31083
Severity: important
Released on: 03/04/2024
Advisory: RHSA-2024:1785,
Bugzilla: 2272000
Bugzilla Description: xorg-x11-server: Use-after-free in ProcRenderAddGlyphs
CVSS Score:
CVSSv3 Score: 7.8
Vector:
CWE: CWE-416
Affected Packages: xorg-x11-server-0:1.20.4-29.el7_9,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-27983
Severity: important
Released on: 03/04/2024
Advisory:
Bugzilla: 2272764
Bugzilla Description: nodejs: CONTINUATION frames DoS
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-400
Affected Packages:
Package States: Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-31419
Severity: low
Released on: 03/04/2024
Advisory:
Bugzilla: 2272948
Bugzilla Description: cnv: information disclosure through the usage of vm-dump-metrics
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-497
Affected Packages:
Package States: Red Hat OpenShift Virtualization 4,
Full Details
CVE document


CVE-2024-31420
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2272951
Bugzilla Description: cnv: DoS through repeatedly calling vm-dump-metrics until virt handler crashes
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat OpenShift Virtualization 4,
Full Details
CVE document


CVE-2024-30255
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2272986
Bugzilla Description: envoy: HTTP/2 CPU exhaustion due to CONTINUATION frame flood
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-390
Affected Packages:
Package States: Custom metric autoscaler Operator for Red Hat Openshift,Logging Subsystem for Red Hat OpenShift,Logical Volume Manager Storage,Migration Toolkit for Applications 6,Migration Toolkit for Containers,OpenShift API for Data Protection,OpenShift API for Data Protection,OpenShift Serverless,OpenShift Service Mesh 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Ceph Storage 5,Red Hat Ceph Storage 6,Red Hat Ceph Storage 7,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat Openshift Container Storage 4,Red Hat Openshift Data Foundation 4,Red Hat OpenShift Data Science (RHODS),Red Hat OpenShift Data Science (RHODS),Red Hat OpenShift Dev Spaces,Red Hat OpenShift distributed tracing 2,Red Hat Openshift sandboxed containers,Red Hat OpenStack Platform 16.2,
Full Details
CVE document


CVE-2024-26747
Severity: low
Released on: 03/04/2024
Advisory:
Bugzilla: 2273072
Bugzilla Description: kernel: usb: roles: fix NULL pointer issue when put module's reference
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26749
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273074
Bugzilla Description: kernel: usb: cdns3: fixed memory use after free at cdns3_gadget_ep_disable()
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26748
Severity: low
Released on: 03/04/2024
Advisory:
Bugzilla: 2273076
Bugzilla Description: kernel: usb: cdns3: fix memory double free when handle zero packet
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-415
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52639
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273080
Bugzilla Description: kernel: KVM: s390: vsie: fix race during shadow creation
CVSS Score:
CVSSv3 Score: 4.7
Vector:
CWE: CWE-362
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52638
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273082
Bugzilla Description: kernel: can: j1939: prevent deadlock by changing j1939_socks_lock to rwlock
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-833
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52637
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273085
Bugzilla Description: kernel: can: j1939: Fix UAF in j1939_sk_match_filter during setsockopt(SO_J1939_FILTER)
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52641
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273087
Bugzilla Description: kernel: fs/ntfs3: Add NULL ptr dereference checking at the end of attr_allocate_frame()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52640
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273089
Bugzilla Description: kernel: fs/ntfs3: Fix oob in ntfs_listxattr
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26694
Severity: low
Released on: 03/04/2024
Advisory:
Bugzilla: 2273092
Bugzilla Description: kernel: wifi: iwlwifi: fix double-free bug
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-415
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26693
Severity: low
Released on: 03/04/2024
Advisory:
Bugzilla: 2273094
Bugzilla Description: kernel: wifi: iwlwifi: mvm: fix a crash when we run out of stations
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-99
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26692
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273096
Bugzilla Description: kernel: smb: Fix regression in writes when non-standard maximum write size negotiated
CVSS Score:
CVSSv3 Score: 7.3
Vector:
CWE: CWE-787
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26691
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273098
Bugzilla Description: kernel: KVM: arm64: Fix circular locking dependency
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-99
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26690
Severity: low
Released on: 03/04/2024
Advisory:
Bugzilla: 2273100
Bugzilla Description: kernel: net: stmmac: protect updates of 64-bit statistics counters
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-99
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26689
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273102
Bugzilla Description: kernel: ceph: prevent use-after-free in encode_cap_msg()
CVSS Score:
CVSSv3 Score: 6.3
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26688
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273105
Bugzilla Description: kernel: fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26687
Severity: low
Released on: 03/04/2024
Advisory:
Bugzilla: 2273107
Bugzilla Description: kernel: xen/events: close evtchn after mapping cleanup
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-362
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26686
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273109
Bugzilla Description: kernel: fs/proc: do_task_stat: use sig->stats_lock to gather the threads/children stats
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-413
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26685
Severity: low
Released on: 03/04/2024
Advisory:
Bugzilla: 2273111
Bugzilla Description: kernel: nilfs2: fix potential bug in end_buffer_async_write
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-99
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26700
Severity: low
Released on: 03/04/2024
Advisory:
Bugzilla: 2273113
Bugzilla Description: kernel: drm/amd/display: Fix MST Null Ptr for RV
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26699
Severity: low
Released on: 03/04/2024
Advisory:
Bugzilla: 2273115
Bugzilla Description: kernel: drm/amd/display: Fix array-index-out-of-bounds in dcn35_clkmgr
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26698
Severity: low
Released on: 03/04/2024
Advisory:
Bugzilla: 2273117
Bugzilla Description: kernel: hv_netvsc: Fix race condition between netvsc_probe and netvsc_remove
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-362
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26697
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273119
Bugzilla Description: kernel: nilfs2: fix data corruption in dsync block recovery for small block sizes
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-99
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26696
Severity: low
Released on: 03/04/2024
Advisory:
Bugzilla: 2273121
Bugzilla Description: kernel: nilfs2: fix hang in nilfs_lookup_dirty_data_buffers()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-1246
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26695
Severity: low
Released on: 03/04/2024
Advisory:
Bugzilla: 2273123
Bugzilla Description: kernel: crypto: ccp - Fix null pointer dereference in __sev_platform_shutdown_locked
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26727
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273126
Bugzilla Description: kernel: btrfs: do not ASSERT() if the newly created subvolume already got read
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26726
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273128
Bugzilla Description: kernel: btrfs: don't drop extent_map for free space inode on write error
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26725
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273130
Bugzilla Description: kernel: dpll: fix possible deadlock during netlink dump operation
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26724
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273133
Bugzilla Description: kernel: net/mlx5: DPLL, Fix possible use after free after delayed work timer triggers
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26723
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273135
Bugzilla Description: kernel: lan966x: Fix crash when adding interface under a lag
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26722
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273137
Bugzilla Description: kernel: ASoC: rt5645: Fix deadlock in rt5645_jack_detect_work()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26721
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273139
Bugzilla Description: kernel: drm/i915/dsc: Fix the macro that calculates DSCC_/DSCA_ PPS reg address
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26720
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273141
Bugzilla Description: kernel: mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26719
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273143
Bugzilla Description: kernel: nouveau: offload fence uevents work to workqueue
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26718
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273146
Bugzilla Description: kernel: dm-crypt, dm-verity: disable tasklets
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26717
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273148
Bugzilla Description: kernel: HID: i2c-hid-of: fix NULL-deref on failed power up
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26716
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273150
Bugzilla Description: kernel: usb: core: Prevent null pointer dereference in update_port_device_state
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26715
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273152
Bugzilla Description: kernel: usb: dwc3: gadget: Fix NULL pointer dereference in dwc3_gadget_suspend
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26714
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273154
Bugzilla Description: kernel: interconnect: qcom: sc8180x: Mark CO0 BCM keepalive
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26713
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273156
Bugzilla Description: kernel: powerpc/pseries/iommu: Fix iommu initialisation during DLPAR add
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26712
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273158
Bugzilla Description: kernel: powerpc/kasan: Fix addr error caused by page alignment
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26711
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273160
Bugzilla Description: kernel: iio: adc: ad4130: zero-initialize clock init data
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26710
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273162
Bugzilla Description: kernel: powerpc/kasan: Limit KASAN thread size increase to 32KB
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26709
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273164
Bugzilla Description: kernel: powerpc/iommu: Fix the missing iommu_group_put() during platform domain attach
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26708
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273166
Bugzilla Description: kernel: mptcp: really cope with fastopen race
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26707
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273168
Bugzilla Description: kernel: net: hsr: remove WARN_ONCE() in send_hsr_supervision_frame()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26706
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273170
Bugzilla Description: kernel: parisc: Fix random data corruption from exception handler
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26705
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273172
Bugzilla Description: kernel: parisc: BTLB: Fix crash when setting up BTLB at CPU bringup
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26704
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273174
Bugzilla Description: kernel: ext4: fix double-free of blocks due to wrong extents moved_len
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26703
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273176
Bugzilla Description: kernel: tracing/timerlat: Move hrtimer_init to timerlat_fd open()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26702
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273178
Bugzilla Description: kernel: iio: magnetometer: rm3100: add boundary check for the value read from RM3100_REG_TMRC
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26769
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273180
Bugzilla Description: kernel: nvmet-fc: avoid deadlock on delete association path
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26768
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273183
Bugzilla Description: kernel: LoongArch: Change acpi_core_pic[NR_CPUS] to acpi_core_pic[MAX_CORE_PIC]
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26767
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273185
Bugzilla Description: kernel: drm/amd/display: fixed integer types and null check locations
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26766
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273187
Bugzilla Description: kernel: IB/hfi1: Fix sdma.h tx->num_descs off-by-one error
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26765
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273190
Bugzilla Description: kernel: LoongArch: Disable IRQ before init_fn() for nonboot CPUs
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26764
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273193
Bugzilla Description: kernel: fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via libaio
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26763
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273196
Bugzilla Description: kernel: dm-crypt: don't modify the data when using authenticated encryption
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26762
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273198
Bugzilla Description: kernel: cxl/pci: Skip to handle RAS errors if CXL.mem device is detached
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26761
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273200
Bugzilla Description: kernel: cxl/pci: Fix disabling memory if DVSEC CXL Range does not match a CFMWS window
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26760
Severity: low
Released on: 03/04/2024
Advisory:
Bugzilla: 2273202
Bugzilla Description: kernel: scsi: target: pscsi: Fix bio_put() for error case
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26759
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273204
Bugzilla Description: kernel: mm/swap: fix race when skipping swapcache
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-362
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26758
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273206
Bugzilla Description: kernel: md: Don't ignore suspended array in md_check_recovery()
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26757
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273208
Bugzilla Description: kernel: md: Don't ignore read-only array in md_check_recovery()
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26756
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273211
Bugzilla Description: kernel: md: Don't register sync_thread for reshape directly
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26755
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273213
Bugzilla Description: kernel: md: Don't suspend the array for interrupted reshape
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-833
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26754
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273215
Bugzilla Description: kernel: gtp: fix use-after-free and null-ptr-deref in gtp_genl_dump_pdp()
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26753
Severity: low
Released on: 03/04/2024
Advisory:
Bugzilla: 2273217
Bugzilla Description: kernel: crypto: virtio/akcipher - Fix stack overflow on memcpy
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-121
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26752
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273219
Bugzilla Description: kernel: l2tp: pass correct message length to ip6_append_data
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-130
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26751
Severity: low
Released on: 03/04/2024
Advisory:
Bugzilla: 2273221
Bugzilla Description: kernel: ARM: ep93xx: Add terminator to gpiod_lookup_table
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-606
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26779
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273223
Bugzilla Description: kernel: wifi: mac80211: fix race condition on enabling fast-xmit
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-362
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26778
Severity: low
Released on: 03/04/2024
Advisory:
Bugzilla: 2273225
Bugzilla Description: kernel: fbdev: savage: Error out if pixclock equals zero
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-369
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26777
Severity: low
Released on: 03/04/2024
Advisory:
Bugzilla: 2273228
Bugzilla Description: kernel: fbdev: sis: Error out if pixclock equals zero
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-369
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26776
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273230
Bugzilla Description: kernel: spi: hisi-sfc-v3xx: Return IRQ_NONE if no interrupts were detected
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26775
Severity: low
Released on: 03/04/2024
Advisory:
Bugzilla: 2273232
Bugzilla Description: kernel: aoe: avoid potential deadlock at set_capacity
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-833
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26774
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273234
Bugzilla Description: kernel: ext4: avoid dividing by 0 in mb_update_avg_fragment_size() when block bitmap corrupt
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-369
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26773
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273236
Bugzilla Description: kernel: ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-229
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26771
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273238
Bugzilla Description: kernel: dmaengine: ti: edma: Add some null pointer checks to the edma_probe
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-170
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26770
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273240
Bugzilla Description: kernel: HID: nvidia-shield: Add missing null pointer checks to LED initialization
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-170
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26772
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273242
Bugzilla Description: kernel: ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-229
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26734
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273244
Bugzilla Description: kernel: devlink: fix possible use-after-free and memory leaks in devlink_init()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26733
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273247
Bugzilla Description: kernel: arp: Prevent overflow in arp_req_get().
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26732
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273250
Bugzilla Description: kernel: net: implement lockless setsockopt(SO_PEEK_OFF)
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26731
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273252
Bugzilla Description: kernel: bpf, sockmap: Fix NULL pointer dereference in sk_psock_verdict_data_ready()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26730
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273254
Bugzilla Description: kernel: hwmon: (nct6775) Fix access to temperature configuration registers
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26729
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273256
Bugzilla Description: kernel: drm/amd/display: Fix potential null pointer dereference in dc_dmub_srv
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26728
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273258
Bugzilla Description: kernel: drm/amd/display: fix null-pointer dereference on edid reading
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26744
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273260
Bugzilla Description: kernel: RDMA/srpt: Support specifying the srpt_service_guid parameter
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26743
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273262
Bugzilla Description: kernel: RDMA/qedr: Fix qedr_create_user_qp error flow
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26742
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273264
Bugzilla Description: kernel: scsi: smartpqi: Fix disable_managed_interrupts
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26741
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273266
Bugzilla Description: kernel: dccp/tcp: Unhash sk from ehash for tb2 alloc failure after check_estalblished().
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26740
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273268
Bugzilla Description: kernel: net/sched: act_mirred: use the backlog for mirred ingress
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26739
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273270
Bugzilla Description: kernel: net/sched: act_mirred: don't override retval if we already lost the skb
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26738
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273272
Bugzilla Description: kernel: powerpc/pseries/iommu: DLPAR add doesn't completely initialize pci_controller
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26737
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273274
Bugzilla Description: kernel: bpf: Fix racing between bpf_timer_cancel_and_free and bpf_timer_cancel
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26736
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273276
Bugzilla Description: kernel: afs: Increase buffer size in afs_update_volume_status()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26735
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273278
Bugzilla Description: kernel: ipv6: sr: fix possible use-after-free and null-ptr-deref
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-2700
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2273281
Bugzilla Description: quarkus-core: Leak of local configuration properties into Quarkus applications
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-526
Affected Packages:
Package States: OpenShift Serverless,Red Hat build of Apache Camel for Quarkus,Red Hat build of Apache Camel - HawtIO,Red Hat Build of Keycloak,Red Hat build of OptaPlanner 8,Red Hat build of Quarkus,Red Hat Integration Camel K,Red Hat Integration Camel Quarkus,Red Hat Integration Service Registry,
Full Details
CVE document


CVE-2024-2758
Severity: important
Released on: 03/04/2024
Advisory:
Bugzilla: 2273367
Bugzilla Description: Tempesta FW: HTTP/2 CONTINUATION frames can be utilized for DoS attacks
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States:
Full Details
CVE document


CVE-2024-27982
Severity: moderate
Released on: 03/04/2024
Advisory:
Bugzilla: 2275392
Bugzilla Description: nodejs: HTTP Request Smuggling via Content Length Obfuscation
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE: CWE-444
Affected Packages:
Package States: Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Software Collections,
Full Details
CVE document


CVE-2023-6236
Severity: moderate
Released on: 02/04/2024
Advisory:
Bugzilla: 2250812
Bugzilla Description: JBoss EAP: OIDC app attempting to access the second tenant, the user should be prompted to log
CVSS Score:
CVSSv3 Score: 7.3
Vector:
CWE: CWE-345
Affected Packages:
Package States: Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,
Full Details
CVE document


CVE-2024-1233
Severity: moderate
Released on: 02/04/2024
Advisory:
Bugzilla: 2262849
Bugzilla Description: JBoss EAP: wildfly-elytron has a SSRF security issue
CVSS Score:
CVSSv3 Score: 7.3
Vector:
CWE:
Affected Packages:
Package States: Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,
Full Details
CVE document


CVE-2024-26657
Severity: low
Released on: 02/04/2024
Advisory:
Bugzilla: 2272687
Bugzilla Description: kernel: drm/sched: fix null-ptr-deref in init entity
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-29834
Severity: important
Released on: 02/04/2024
Advisory:
Bugzilla: 2272689
Bugzilla Description: apache-pulsar: improper authorization for namespace and topic management endpoints
CVSS Score:
CVSSv3 Score: 8.1
Vector:
CWE: CWE-285
Affected Packages:
Package States: Red Hat build of Apache Camel 4.0 for Spring Boot,Red Hat build of Apache Camel for Spring Boot,Red Hat Integration Camel K,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Fuse 7,
Full Details
CVE document


CVE-2024-26656
Severity: moderate
Released on: 02/04/2024
Advisory:
Bugzilla: 2272692
Bugzilla Description: kernel: drm/amdgpu: use-after-free vulnerability
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52631
Severity: low
Released on: 02/04/2024
Advisory:
Bugzilla: 2272769
Bugzilla Description: kernel: fs/ntfs3: NULL pointer dereference issue
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52630
Severity: moderate
Released on: 02/04/2024
Advisory:
Bugzilla: 2272771
Bugzilla Description: kernel: blk-iocost: UBSAN shift-out-of-bounds warning
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-191
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26666
Severity:
Released on: 02/04/2024
Advisory:
Bugzilla: 2272773
Bugzilla Description: kernel: wifi: mac80211: fix RCU use in TDLS fast-xmit
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26667
Severity: low
Released on: 02/04/2024
Advisory:
Bugzilla: 2272775
Bugzilla Description: kernel: drm/msm/dpu: check for valid hw_pp in dpu_encoder_helper_phys_cleanup
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-99
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26658
Severity: moderate
Released on: 02/04/2024
Advisory:
Bugzilla: 2272777
Bugzilla Description: kernel: bcachefs: grab s_umount only if snapshotting
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-833
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26659
Severity: moderate
Released on: 02/04/2024
Advisory:
Bugzilla: 2272780
Bugzilla Description: kernel: xhci: handle isoc Babble and Buffer Overrun events properly
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-119
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26660
Severity: moderate
Released on: 02/04/2024
Advisory:
Bugzilla: 2272782
Bugzilla Description: kernel: drm/amd/display: Implement bounds check for stream encoder creation in DCN301
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26661
Severity: low
Released on: 02/04/2024
Advisory:
Bugzilla: 2272784
Bugzilla Description: kernel: drm/amd/display: Add NULL test for 'timing generator' in 'dcn21_set_pipe()'
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26662
Severity: low
Released on: 02/04/2024
Advisory:
Bugzilla: 2272786
Bugzilla Description: kernel: drm/amd/display: 'panel_cntl' could be null in 'dcn21_set_backlight_level()'
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26663
Severity: low
Released on: 02/04/2024
Advisory:
Bugzilla: 2272788
Bugzilla Description: kernel: tipc: Check the bearer type before calling tipc_udp_nl_bearer_add()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26664
Severity: moderate
Released on: 02/04/2024
Advisory:
Bugzilla: 2272791
Bugzilla Description: kernel: hwmon: (coretemp) Fix out-of-bounds memory access
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26665
Severity: moderate
Released on: 02/04/2024
Advisory:
Bugzilla: 2272793
Bugzilla Description: kernel: tunnels: fix out of bounds access when building IPv6 PMTU error
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26669
Severity: moderate
Released on: 02/04/2024
Advisory:
Bugzilla: 2272795
Bugzilla Description: kernel: net/sched: flower: Fix chain template offload
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-402
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26668
Severity: low
Released on: 02/04/2024
Advisory:
Bugzilla: 2272797
Bugzilla Description: kernel: netfilter: nft_limit: reject configurations that cause integer overflow
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26670
Severity: moderate
Released on: 02/04/2024
Advisory:
Bugzilla: 2272800
Bugzilla Description: kernel: arm64: entry: fix ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-1300
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52633
Severity: low
Released on: 02/04/2024
Advisory:
Bugzilla: 2272802
Bugzilla Description: kernel: um: time-travel: fix time corruption
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52632
Severity: low
Released on: 02/04/2024
Advisory:
Bugzilla: 2272804
Bugzilla Description: kernel: drm/amdkfd: lock dependency warning with srcu
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-667
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52634
Severity: low
Released on: 02/04/2024
Advisory:
Bugzilla: 2272806
Bugzilla Description: kernel: drm/amd/display: Fix disable_otg_wa logic
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-99
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52635
Severity: moderate
Released on: 02/04/2024
Advisory:
Bugzilla: 2272808
Bugzilla Description: kernel: PM / devfreq: Synchronize devfreq_monitor_[start/stop]
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-414
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26671
Severity: moderate
Released on: 02/04/2024
Advisory:
Bugzilla: 2272811
Bugzilla Description: kernel: blk-mq: fix IO hang from sbitmap wakeup race
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-362
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26672
Severity: low
Released on: 02/04/2024
Advisory:
Bugzilla: 2272814
Bugzilla Description: kernel: drm/amdgpu: variable 'mca_funcs' dereferenced before NULL check in 'amdgpu_mca_smu_get_mca_entry()'
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26673
Severity: moderate
Released on: 02/04/2024
Advisory:
Bugzilla: 2272816
Bugzilla Description: kernel: netfilter: nft_ct: sanitize layer 3 and 4 protocol number in custom expectations
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE: CWE-99
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26674
Severity: low
Released on: 02/04/2024
Advisory:
Bugzilla: 2272818
Bugzilla Description: kernel: x86/lib: Revert to _ASM_EXTABLE_UA() for {get,put}_user() fixups
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-99
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52636
Severity: low
Released on: 02/04/2024
Advisory:
Bugzilla: 2272820
Bugzilla Description: kernel: libceph: just wait for more data to be available on the socket
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26683
Severity: moderate
Released on: 02/04/2024
Advisory:
Bugzilla: 2272822
Bugzilla Description: kernel: wifi: cfg80211: detect stuck ECSA element in probe resp
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-99
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26684
Severity: low
Released on: 02/04/2024
Advisory:
Bugzilla: 2272824
Bugzilla Description: kernel: net: stmmac: xgmac: fix handling of DPP safety error for DMA channels
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-99
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26675
Severity: low
Released on: 02/04/2024
Advisory:
Bugzilla: 2272829
Bugzilla Description: kernel: ppp_async: limit MRU to 64K
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26676
Severity: low
Released on: 02/04/2024
Advisory:
Bugzilla: 2272832
Bugzilla Description: kernel: af_unix: Call kfree_skb() for dead unix_(sk)->oob_skb in GC
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-402
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26677
Severity:
Released on: 02/04/2024
Advisory:
Bugzilla: 2272834
Bugzilla Description: kernel: rxrpc: Fix delayed ACKs to not set the reference serial number
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26678
Severity: low
Released on: 02/04/2024
Advisory:
Bugzilla: 2272836
Bugzilla Description: kernel: x86/efistub: Use 1:1 file:memory mapping for PE/COFF .compat section
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26679
Severity: low
Released on: 02/04/2024
Advisory:
Bugzilla: 2272839
Bugzilla Description: kernel: inet: read sk->sk_family once in inet_recv_error()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-413
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26680
Severity: low
Released on: 02/04/2024
Advisory:
Bugzilla: 2272842
Bugzilla Description: kernel: net: atlantic: Fix DMA mapping for PTP hwts ring
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26681
Severity: low
Released on: 02/04/2024
Advisory:
Bugzilla: 2272844
Bugzilla Description: kernel: netdevsim: avoid potential loop in nsim_dev_trap_report_work()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-606
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26682
Severity: moderate
Released on: 02/04/2024
Advisory:
Bugzilla: 2272846
Bugzilla Description: kernel: wifi: mac80211: improve CSA/ECSA connection refusal
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-99
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-3205
Severity: moderate
Released on: 02/04/2024
Advisory:
Bugzilla: 2272889
Bugzilla Description: libyaml: Heap-Based Buffer Overflow
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-122
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26653
Severity: moderate
Released on: 01/04/2024
Advisory:
Bugzilla: 2272444
Bugzilla Description: kernel: usb: misc: ljca: Fix double free in error handling path
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-415
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26654
Severity: moderate
Released on: 01/04/2024
Advisory:
Bugzilla: 2272446
Bugzilla Description: kernel: ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26655
Severity: moderate
Released on: 01/04/2024
Advisory:
Bugzilla: 2272530
Bugzilla Description: kernel: posix-clock: memory leak in posix_clock_open()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-401
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-28219
Severity: moderate
Released on: 01/04/2024
Advisory:
Bugzilla: 2272563
Bugzilla Description: python-pillow: buffer overflow in _imagingcms.c
CVSS Score:
CVSSv3 Score: 7.3
Vector:
CWE: CWE-120
Affected Packages:
Package States: Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Quay 3,Red Hat Satellite 6,
Full Details
CVE document


CVE-2024-28960
Severity: moderate
Released on: 29/03/2024
Advisory:
Bugzilla: 2272172
Bugzilla Description: mbedtls: Insecure handling of shared memory in PSA Crypto APIs
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-653
Affected Packages:
Package States:
Full Details
CVE document


CVE-2024-23449
Severity: moderate
Released on: 29/03/2024
Advisory:
Bugzilla: 2272190
Bugzilla Description: elasticsearch: uncaught exception leads to crash
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-248
Affected Packages:
Package States: Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Red Hat OpenStack Platform 16.1,Red Hat OpenStack Platform 16.2,Red Hat Quay 3,
Full Details
CVE document


CVE-2023-52629
Severity: moderate
Released on: 29/03/2024
Advisory:
Bugzilla: 2272204
Bugzilla Description: kernel: sh: push-switch: Reorder cleanup operations to avoid use-after-free bug
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-3094
Severity: critical
Released on: 29/03/2024
Advisory:
Bugzilla: 2272210
Bugzilla Description: xz: malicious code in distributed source
CVSS Score:
CVSSv3 Score: 10.0
Vector:
CWE: CWE-506
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat JBoss Enterprise Application Platform 8,
Full Details
CVE document


CVE-2024-29893
Severity: moderate
Released on: 29/03/2024
Advisory: RHSA-2024:1697, RHSA-2024:1752, RHSA-2024:1753, RHSA-2024:1700,
Bugzilla: 2272211
Bugzilla Description: argo-cd: uncontrolled memory allocation vulnerability
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-400
Affected Packages: openshift-gitops-1/gitops-operator-bundle:v1.12.1-1,openshift-gitops-1/gitops-rhel8:v1.11.3-2,openshift-gitops-1/argo-rollouts-rhel8:v1.12.1-1,openshift-gitops-1/gitops-rhel8-operator:v1.10.4-1,openshift-gitops-1/must-gather-rhel8:v1.12.1-1,openshift-gitops-1/argocd-rhel8:v1.11.3-2,openshift-gitops-1/dex-rhel8:v1.10.4-1,openshift-gitops-1/console-plugin-rhel8:v1.11.3-2,openshift-gitops-1/dex-rhel8:v1.12.1-1,openshift-gitops-1/gitops-operator-bundle:v1.11.3-2,openshift-gitops-1/must-gather-rhel8:v1.11.3-2,openshift-gitops-1/kam-delivery-rhel8:v1.12.1-1,openshift-gitops-1/gitops-rhel8:v1.12.1-1,openshift-gitops-argocd-cli-0:1.12.1-5.el8,openshift-gitops-1/gitops-rhel8-operator:v1.11.3-2,openshift-gitops-1/kam-delivery-rhel8:v1.11.3-2,openshift-gitops-1/console-plugin-rhel8:v1.10.4-1,openshift-gitops-1/dex-rhel8:v1.11.3-2,openshift-gitops-1/console-plugin-rhel8:v1.12.1-1,openshift-gitops-1/gitops-operator-bundle:v1.10.4-1,openshift-gitops-1/argocd-rhel8:v1.12.1-1,openshift-gitops-1/argo-rollouts-rhel8:v1.10.4-1,openshift-gitops-1/must-gather-rhel8:v1.10.4-1,openshift-gitops-1/argo-rollouts-rhel8:v1.11.3-2,openshift-gitops-argocd-cli-0:1.12.1-4.el9,microshift-gitops-0:1.12.1-4.el9,openshift-gitops-1/gitops-rhel8-operator:v1.12.1-1,openshift-gitops-1/kam-delivery-rhel8:v1.10.4-1,openshift-gitops-1/gitops-rhel8:v1.10.4-1,openshift-gitops-argocd-rhel9-container-v1.12.1-2,openshift-gitops-1/argocd-rhel8:v1.10.4-1,
Package States: Red Hat Openshift Data Foundation 4,
Full Details
CVE document


CVE-2023-52628
Severity: moderate
Released on: 28/03/2024
Advisory:
Bugzilla: 2272041
Bugzilla Description: kernel: netfilter: nftables: exthdr: fix 4-byte stack OOB write
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-787
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-2466
Severity: moderate
Released on: 27/03/2024
Advisory:
Bugzilla: 2270497
Bugzilla Description: curl: TLS certificate check bypass with mbedTLS
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-297
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat JBoss Core Services,Red Hat Software Collections,
Full Details
CVE document


CVE-2024-2398
Severity: moderate
Released on: 27/03/2024
Advisory:
Bugzilla: 2270498
Bugzilla Description: curl: HTTP/2 push headers memory-leak
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat JBoss Core Services,Red Hat Software Collections,
Full Details
CVE document


CVE-2024-2379
Severity: low
Released on: 27/03/2024
Advisory:
Bugzilla: 2270499
Bugzilla Description: curl: QUIC certificate check bypass with wolfSSL
CVSS Score:
CVSSv3 Score: 5.4
Vector:
CWE: CWE-295
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat JBoss Core Services,Red Hat Software Collections,
Full Details
CVE document


CVE-2024-2004
Severity: low
Released on: 27/03/2024
Advisory:
Bugzilla: 2270500
Bugzilla Description: curl: Usage of disabled protocol
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-115
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat JBoss Core Services,Red Hat Software Collections,
Full Details
CVE document


CVE-2024-2947
Severity: moderate
Released on: 27/03/2024
Advisory:
Bugzilla: 2271614
Bugzilla Description: cockpit: command injection when deleting a sosreport with a crafted name
CVSS Score:
CVSSv3 Score: 7.3
Vector:
CWE: CWE-77
Affected Packages:
Package States: Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26651
Severity: moderate
Released on: 27/03/2024
Advisory:
Bugzilla: 2271873
Bugzilla Description: kernel: sr9800: Add check for usbnet_get_endpoints
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26652
Severity: moderate
Released on: 27/03/2024
Advisory:
Bugzilla: 2271875
Bugzilla Description: kernel: net: pds_core: Fix possible double free in error handling path
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-415
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-3019
Severity: important
Released on: 27/03/2024
Advisory:
Bugzilla: 2271898
Bugzilla Description: pcp: exposure of the redis server backend allows remote command execution via pmproxy
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-668
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-23451
Severity: moderate
Released on: 27/03/2024
Advisory:
Bugzilla: 2271929
Bugzilla Description: elasticsearch: Incorrect authorization issue in Remote Cluster Security
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-863
Affected Packages:
Package States: Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Red Hat OpenStack Platform 16.1,Red Hat OpenStack Platform 16.2,Red Hat Quay 3,
Full Details
CVE document


CVE-2024-23450
Severity: moderate
Released on: 27/03/2024
Advisory:
Bugzilla: 2271933
Bugzilla Description: elasticsearch: Possible denial of service when processing documents in a deeply nested pipeline
CVSS Score:
CVSSv3 Score: 4.9
Vector:
CWE: CWE-400
Affected Packages:
Package States: Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Red Hat OpenStack Platform 16.1,Red Hat OpenStack Platform 16.2,Red Hat Quay 3,
Full Details
CVE document


CVE-2024-28085
Severity: important
Released on: 27/03/2024
Advisory:
Bugzilla: 2271942
Bugzilla Description: util-linux: CVE-2024-28085: wall: escape sequence injection
CVSS Score:
CVSSv3 Score: 8.4
Vector:
CWE: CWE-268
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26644
Severity: moderate
Released on: 26/03/2024
Advisory:
Bugzilla: 2271644
Bugzilla Description: kernel: btrfs: don't abort filesystem when attempting to snapshot deleted subvolume
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-362
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26645
Severity: moderate
Released on: 26/03/2024
Advisory:
Bugzilla: 2271648
Bugzilla Description: kernel: tracing: Ensure visibility when inserting an element into tracing_map
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-362
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52627
Severity: moderate
Released on: 26/03/2024
Advisory:
Bugzilla: 2271678
Bugzilla Description: kernel: iio: adc: ad7091r: Allow users to configure device events
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52626
Severity: moderate
Released on: 26/03/2024
Advisory:
Bugzilla: 2271680
Bugzilla Description: kernel: net/mlx5e: Fix operation precedence bug in port timestamping napi_poll context
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52625
Severity: low
Released on: 26/03/2024
Advisory:
Bugzilla: 2271682
Bugzilla Description: kernel: drm/amd/display: Refactor DMCUB enter/exit idle interface
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-99
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52624
Severity: low
Released on: 26/03/2024
Advisory:
Bugzilla: 2271684
Bugzilla Description: kernel: drm/amd/display: Wake DMCUB before executing GPINT commands
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-99
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52623
Severity: low
Released on: 26/03/2024
Advisory:
Bugzilla: 2271686
Bugzilla Description: kernel: SUNRPC: Fix a suspicious RCU usage warning
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-362
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52622
Severity: moderate
Released on: 26/03/2024
Advisory:
Bugzilla: 2271688
Bugzilla Description: kernel: ext4: avoid online resizing failures due to oversized flex bg
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-131
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52621
Severity: moderate
Released on: 26/03/2024
Advisory:
Bugzilla: 2271690
Bugzilla Description: kernel: bpf: Check rcu_read_lock_trace_held() before calling bpf map helpers
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-413
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-2955
Severity: moderate
Released on: 26/03/2024
Advisory:
Bugzilla: 2271741
Bugzilla Description: wireshark: T.38 dissector crash
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-762
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26646
Severity: low
Released on: 26/03/2024
Advisory:
Bugzilla: 2271788
Bugzilla Description: kernel: thermal: intel: hfi: Add syscore callbacks for system-wide PM
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-99
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26647
Severity: low
Released on: 26/03/2024
Advisory:
Bugzilla: 2271790
Bugzilla Description: kernel: drm/amd/display: Fix late dereference 'dsc' check in 'link_set_dsc_pps_packet()'
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26650
Severity: low
Released on: 26/03/2024
Advisory:
Bugzilla: 2271795
Bugzilla Description: kernel: p2sb_bar() calls during PCI device probe
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-833
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26649
Severity: moderate
Released on: 26/03/2024
Advisory:
Bugzilla: 2271796
Bugzilla Description: kernel: null pointer when load rlc firmware
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26648
Severity: low
Released on: 26/03/2024
Advisory:
Bugzilla: 2271797
Bugzilla Description: kernel: NULL check in edp_setup_replay()
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-1313
Severity: moderate
Released on: 26/03/2024
Advisory:
Bugzilla: 2271903
Bugzilla Description: grafana: vulnerable to authorization bypass
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-639
Affected Packages:
Package States: Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Ceph Storage 5,Red Hat Ceph Storage 6,Red Hat Ceph Storage 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Storage 3,
Full Details
CVE document


CVE-2024-2971
Severity: low
Released on: 26/03/2024
Advisory:
Bugzilla: 2271911
Bugzilla Description: xpdf: negative object number in an indirect reference in a PDF file can cause an out-of-bounds array write
CVSS Score:
CVSSv3 Score: 2.9
Vector:
CWE: CWE-787
Affected Packages:
Package States:
Full Details
CVE document


CVE-2021-47168
Severity: moderate
Released on: 25/03/2024
Advisory:
Bugzilla: 2271432
Bugzilla Description: kernel: NFS: fix an incorrect limit in filelayout_decode_layout()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-99
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47167
Severity: moderate
Released on: 25/03/2024
Advisory:
Bugzilla: 2271433
Bugzilla Description: kernel: NFS: Fix an Oopsable condition in __nfs_pageio_add_request()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-99
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47166
Severity: moderate
Released on: 25/03/2024
Advisory:
Bugzilla: 2271443
Bugzilla Description: kernel: NFS: Don't corrupt the value of pg_bytes_written in nfs_do_recoalesce()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-99
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47165
Severity: low
Released on: 25/03/2024
Advisory:
Bugzilla: 2271448
Bugzilla Description: kernel: drm/meson: fix shutdown crash when component not probed
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47164
Severity: low
Released on: 25/03/2024
Advisory:
Bugzilla: 2271451
Bugzilla Description: kernel: net/mlx5e: Fix null deref accessing lag dev
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47163
Severity: low
Released on: 25/03/2024
Advisory:
Bugzilla: 2271452
Bugzilla Description: kernel: tipc: wait and exit until all work queues are done
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-99
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47162
Severity: moderate
Released on: 25/03/2024
Advisory:
Bugzilla: 2271455
Bugzilla Description: kernel: tipc: skb_linearize the head skb when reassembling msgs
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47180
Severity: moderate
Released on: 25/03/2024
Advisory:
Bugzilla: 2271458
Bugzilla Description: kernel: NFC: nci: fix memory leak in nci_allocate_device
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE: CWE-402
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47179
Severity: moderate
Released on: 25/03/2024
Advisory:
Bugzilla: 2271459
Bugzilla Description: kernel: NFSv4: Fix a NULL pointer dereference in pnfs_mark_matching_lsegs_return()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47161
Severity: low
Released on: 25/03/2024
Advisory:
Bugzilla: 2271460
Bugzilla Description: kernel: spi: spi-fsl-dspi: Fix a resource leak in an error handling path
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-402
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47178
Severity: low
Released on: 25/03/2024
Advisory:
Bugzilla: 2271461
Bugzilla Description: kernel: scsi: target: core: Avoid smp_processor_id() in preemptible code
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-99
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47177
Severity: low
Released on: 25/03/2024
Advisory:
Bugzilla: 2271462
Bugzilla Description: kernel: iommu/vt-d: Fix sysfs leak in alloc_iommu()
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-460
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47176
Severity: low
Released on: 25/03/2024
Advisory:
Bugzilla: 2271463
Bugzilla Description: kernel: s390/dasd: add missing discipline function
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-99
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47175
Severity: moderate
Released on: 25/03/2024
Advisory:
Bugzilla: 2271465
Bugzilla Description: kernel: net/sched: fq_pie: fix OOB access in the traffic path
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47174
Severity: low
Released on: 25/03/2024
Advisory:
Bugzilla: 2271466
Bugzilla Description: kernel: netfilter: nft_set_pipapo_avx2: Add irq_fpu_usable() check, fallback to non-AVX2 version
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-99
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47173
Severity: low
Released on: 25/03/2024
Advisory:
Bugzilla: 2271467
Bugzilla Description: kernel: misc/uss720: fix memory leak in uss720_probe
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-402
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47172
Severity: low
Released on: 25/03/2024
Advisory:
Bugzilla: 2271468
Bugzilla Description: kernel: iio: adc: ad7124: Fix potential overflow due to non sequential channel numbers
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-121
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47171
Severity: low
Released on: 25/03/2024
Advisory:
Bugzilla: 2271469
Bugzilla Description: kernel: net: usb: fix memory leak in smsc75xx_bind
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-402
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47170
Severity: low
Released on: 25/03/2024
Advisory:
Bugzilla: 2271470
Bugzilla Description: kernel: USB: usbfs: Don't WARN about excessively large memory allocations
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47169
Severity: low
Released on: 25/03/2024
Advisory:
Bugzilla: 2271471
Bugzilla Description: kernel: serial: rp2: use 'request_firmware' instead of 'request_firmware_nowait'
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47160
Severity: low
Released on: 25/03/2024
Advisory:
Bugzilla: 2271472
Bugzilla Description: kernel: net: dsa: mt7530: fix VLAN traffic leaks
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-402
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47159
Severity: moderate
Released on: 25/03/2024
Advisory:
Bugzilla: 2271473
Bugzilla Description: kernel: net: dsa: fix a crash if ->get_sset_count() fails
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-704
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47158
Severity: low
Released on: 25/03/2024
Advisory:
Bugzilla: 2271474
Bugzilla Description: kernel: net: dsa: sja1105: add error handling in sja1105_setup()
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-402
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47152
Severity: moderate
Released on: 25/03/2024
Advisory:
Bugzilla: 2271475
Bugzilla Description: kernel: mptcp: fix data stream corruption
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-99
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47153
Severity: moderate
Released on: 25/03/2024
Advisory:
Bugzilla: 2271476
Bugzilla Description: kernel: i2c: i801: Don't generate an interrupt on bus reset
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47145
Severity: moderate
Released on: 25/03/2024
Advisory:
Bugzilla: 2271477
Bugzilla Description: kernel: btrfs: do not BUG_ON in link_to_fixup_dir
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-460
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47144
Severity: low
Released on: 25/03/2024
Advisory:
Bugzilla: 2271478
Bugzilla Description: kernel: drm/amd/amdgpu: fix refcount leak
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-402
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47143
Severity: moderate
Released on: 25/03/2024
Advisory:
Bugzilla: 2271479
Bugzilla Description: kernel: net/smc: remove device from smcd_dev_list after failed device_add()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-455
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47142
Severity: moderate
Released on: 25/03/2024
Advisory:
Bugzilla: 2271480
Bugzilla Description: kernel: drm/amdgpu: Fix a use-after-free
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47141
Severity: moderate
Released on: 25/03/2024
Advisory:
Bugzilla: 2271481
Bugzilla Description: kernel: gve: Add NULL pointer checks when freeing irqs.
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47140
Severity: low
Released on: 25/03/2024
Advisory:
Bugzilla: 2271482
Bugzilla Description: kernel: iommu/amd: Clear DMA ops when switching domain
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47139
Severity: low
Released on: 25/03/2024
Advisory:
Bugzilla: 2271483
Bugzilla Description: kernel: net: hns3: put off calling register_netdev() until client initialize complete
CVSS Score:
CVSSv3 Score: 4.1
Vector:
CWE: CWE-99
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47138
Severity: low
Released on: 25/03/2024
Advisory:
Bugzilla: 2271484
Bugzilla Description: kernel: cxgb4: avoid accessing registers when clearing filters
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47151
Severity: low
Released on: 25/03/2024
Advisory:
Bugzilla: 2271485
Bugzilla Description: kernel: interconnect: qcom: bcm-voter: add a missing of_node_put()
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-402
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47150
Severity: low
Released on: 25/03/2024
Advisory:
Bugzilla: 2271487
Bugzilla Description: kernel: net: fec: fix the potential memory leak in fec_enet_init()
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-402
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47149
Severity: low
Released on: 25/03/2024
Advisory:
Bugzilla: 2271488
Bugzilla Description: kernel: net: fujitsu: fix potential null-ptr-deref
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47148
Severity: low
Released on: 25/03/2024
Advisory:
Bugzilla: 2271495
Bugzilla Description: kernel: octeontx2-pf: fix a buffer overflow in otx2_set_rxfh_context()
CVSS Score:
CVSSv3 Score: 6.7
Vector:
CWE: CWE-119
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47147
Severity: low
Released on: 25/03/2024
Advisory:
Bugzilla: 2271496
Bugzilla Description: kernel: ptp: ocp: Fix a resource leak in an error handling path
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-402
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47146
Severity: low
Released on: 25/03/2024
Advisory:
Bugzilla: 2271497
Bugzilla Description: kernel: mld: fix panic in mld_newpack()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-99
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47136
Severity: low
Released on: 25/03/2024
Advisory:
Bugzilla: 2271498
Bugzilla Description: kernel: net: zero-initialize tc skb extension on allocation
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47137
Severity: low
Released on: 25/03/2024
Advisory:
Bugzilla: 2271499
Bugzilla Description: kernel: net: lantiq: fix memory corruption in RX ring
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-99
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-29025
Severity: moderate
Released on: 25/03/2024
Advisory:
Bugzilla: 2272907
Bugzilla Description: netty-codec-http: Allocation of Resources Without Limits or Throttling
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-770
Affected Packages:
Package States: AMQ Clients,A-MQ Clients 2,Cryostat 2,Logging Subsystem for Red Hat OpenShift,Migration Toolkit for Applications 6,Migration Toolkit for Runtimes,OpenShift Serverless,Red Hat build of Apache Camel 4.0 for Spring Boot,Red Hat build of Apache Camel for Quarkus,Red Hat build of Apache Camel for Spring Boot,Red Hat build of Apache Camel - HawtIO,Red Hat Build of Keycloak,Red Hat build of OptaPlanner 8,Red Hat build of Quarkus,Red Hat Data Grid 8,Red Hat Integration Camel K,Red Hat Integration Camel Quarkus,Red Hat Integration Change Data Capture,Red Hat Integration Service Registry,Red Hat JBoss A-MQ 7,Red Hat JBoss A-MQ Streams,Red Hat JBoss Data Grid 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Fuse 7,Red Hat Process Automation 7,Red Hat Single Sign-On 7,Red Hat support for Spring Boot,
Full Details
CVE document


CVE-2024-30156
Severity: important
Released on: 24/03/2024
Advisory: RHSA-2024:1691, RHSA-2024:1690, RHSA-2024:1689,
Bugzilla: 2271486
Bugzilla Description: varnish: HTTP/2 Broken Window Attack may result in denial of service
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-400
Affected Packages: rh-varnish6-varnish-modules-0:0.15.0-8.el7,varnish-0:6.6.2-4.el9_3.1,rh-varnish6-varnish-0:6.0.13-1.el7,varnish:6-8090020240328195416.a75119d5,
Package States: Red Hat Enterprise Linux 9,Red Hat Software Collections,
Full Details
CVE document


CVE-2024-30161
Severity: moderate
Released on: 24/03/2024
Advisory:
Bugzilla: 2271518
Bugzilla Description: qt6: wasm component may access QNetworkReply header improperly
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document


CVE-2024-29059
Severity: moderate
Released on: 23/03/2024
Advisory:
Bugzilla: 2271385
Bugzilla Description: dotnet: .NET Framework Information Disclosure Vulnerability
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-200
Affected Packages:
Package States: .NET 6.0 on Red Hat Enterprise Linux,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-29944
Severity: critical
Released on: 22/03/2024
Advisory: RHSA-2024:1491, RHSA-2024:1490, RHSA-2024:1484, RHSA-2024:1483, RHSA-2024:1486, RHSA-2024:1485, RHSA-2024:1488, RHSA-2024:1487, RHSA-2024:1489,
Bugzilla: 2271064
Bugzilla Description: Mozilla: Privileged JavaScript Execution via Event Handlers
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-94
Affected Packages: firefox-0:115.9.1-1.el8_2,firefox-0:115.9.1-1.el9_2,firefox-0:115.9.1-1.el9_0,firefox-0:115.9.1-1.el7_9,firefox-0:115.9.1-1.el8_8,firefox-0:115.9.1-1.el8_9,firefox-0:115.9.1-1.el8_6,firefox-0:115.9.1-1.el8_4,firefox-0:115.9.1-1.el9_3,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-29943
Severity: critical
Released on: 22/03/2024
Advisory:
Bugzilla: 2271107
Bugzilla Description: Mozilla: Out-of-bounds access via Range Analysis bypass
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: (CWE-125|CWE-787)
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-2824
Severity: moderate
Released on: 22/03/2024
Advisory:
Bugzilla: 2271380
Bugzilla Description: jhead: heap buffer overflow in PrintFormatNumber() can lead to segmentation fault
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-122
Affected Packages:
Package States:
Full Details
CVE document


CVE-2024-28835
Severity: moderate
Released on: 21/03/2024
Advisory: RHSA-2024:1879,
Bugzilla: 2269084
Bugzilla Description: gnutls: potential crash during chain building/verification
CVSS Score:
CVSSv3 Score: 5.0
Vector:
CWE: CWE-248
Affected Packages: gnutls-0:3.7.6-23.el9_3.4,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,
Full Details
CVE document


CVE-2024-28834
Severity: moderate
Released on: 21/03/2024
Advisory: RHSA-2024:1879, RHSA-2024:1784,
Bugzilla: 2269228
Bugzilla Description: gnutls: vulnerable to Minerva side-channel information leak
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-200
Affected Packages: gnutls-0:3.6.16-8.el8_9.3,gnutls-0:3.7.6-23.el9_3.4,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,
Full Details
CVE document


CVE-2024-2494
Severity: moderate
Released on: 21/03/2024
Advisory:
Bugzilla: 2270115
Bugzilla Description: libvirt: negative g_new0 length can lead to unbounded memory allocation
CVSS Score:
CVSSv3 Score: 6.2
Vector:
CWE: CWE-789
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8 Advanced Virtualization,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-27281
Severity: moderate
Released on: 21/03/2024
Advisory:
Bugzilla: 2270749
Bugzilla Description: ruby: RCE vulnerability with .rdoc_options in RDoc
CVSS Score:
CVSSv3 Score: 4.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat OpenStack Platform 16.1,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 17.1,Red Hat Satellite 6,
Full Details
CVE document


CVE-2024-27280
Severity: moderate
Released on: 21/03/2024
Advisory:
Bugzilla: 2270750
Bugzilla Description: ruby: Buffer overread vulnerability in StringIO
CVSS Score:
CVSSv3 Score: 3.1
Vector:
CWE:
Affected Packages:
Package States: Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 17.1,Red Hat Satellite 6,
Full Details
CVE document


CVE-2024-29374
Severity: moderate
Released on: 21/03/2024
Advisory:
Bugzilla: 2270860
Bugzilla Description: moodle: A Cross-Site Scripting (XSS) vulnerability in "?lang" parameter
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-80
Affected Packages:
Package States:
Full Details
CVE document


CVE-2024-29180
Severity: important
Released on: 21/03/2024
Advisory:
Bugzilla: 2270863
Bugzilla Description: webpack-dev-middleware: lack of URL validation may lead to file leak
CVSS Score:
CVSSv3 Score: 7.4
Vector:
CWE: CWE-22
Affected Packages:
Package States: Cryostat 2,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Migration Toolkit for Applications 6,Migration Toolkit for Applications 6,Migration Toolkit for Applications 7,Migration Toolkit for Applications 7,Migration Toolkit for Containers,Migration Toolkit for Runtimes,Migration Toolkit for Virtualization,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Network Observability Operator,Node HealthCheck Operator,OpenShift Pipelines,OpenShift Serverless,OpenShift Service Mesh 2,Red Hat 3scale API Management Platform 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Security 3,Red Hat Advanced Cluster Security 4,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat build of Apache Camel - HawtIO,Red Hat build of OptaPlanner 8,Red Hat Data Grid 8,Red Hat Developer Hub,Red Hat Discovery,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Integration Camel K,Red Hat Integration Service Registry,Red Hat JBoss Fuse 7,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat Openshift Data Foundation 4,Red Hat OpenShift Dev Spaces,Red Hat OpenShift distributed tracing 2,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat Process Automation 7,Red Hat Quay 3,
Full Details
CVE document


CVE-2024-26643
Severity: moderate
Released on: 21/03/2024
Advisory:
Bugzilla: 2270879
Bugzilla Description: kernel: netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-362
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26642
Severity: moderate
Released on: 21/03/2024
Advisory:
Bugzilla: 2270881
Bugzilla Description: kernel: netfilter: nf_tables: disallow anonymous set with timeout flag
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-99
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52620
Severity: moderate
Released on: 21/03/2024
Advisory:
Bugzilla: 2270883
Bugzilla Description: kernel: netfilter: nf_tables: disallow timeout for anonymous sets
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-99
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-1394
Severity: important
Released on: 20/03/2024
Advisory: RHSA-2024:1462, RHSA-2024:1561, RHSA-2024:1472, RHSA-2024:1640, RHSA-2024:1574, RHSA-2024:1563, RHSA-2024:1468, RHSA-2024:1644, RHSA-2024:1501, RHSA-2024:1567, RHSA-2024:1566, RHSA-2024:1646, RHSA-2024:1502,
Bugzilla: 2262921
Bugzilla Description: golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-401
Affected Packages: podman-3:4.4.1-21.1.rhaos4.15.el9,go-toolset:rhel8-8090020240313170136.26eb71ac,openshift-clients-0:4.14.0-202403261640.p0.gf7b14a9.assembly.stream.el9,grafana-pcp-0:5.1.1-2.el9_3,ignition-0:2.16.2-2.1.rhaos4.14.el9,containernetworking-plugins-1:1.4.0-1.2.rhaos4.14.el8,grafana-pcp-0:5.1.1-2.el8_9,runc-4:1.1.12-1.1.rhaos4.15.el9,microshift-0:4.14.19-202403280926.p0.gc1f8861.assembly.4.14.19.el9,podman-3:4.4.1-11.3.rhaos4.14.el9,cri-tools-0:1.27.0-3.1.el9,butane-0:0.19.0-1.3.rhaos4.14.el8,microshift-0:4.15.6-202403280951.p0.g94b1c2a.assembly.4.15.6.el9,ose-aws-ecr-image-credential-provider-0:4.15.0-202403211549.p0.g2e3cca1.assembly.stream.el9,ignition-0:2.14.0-7.1.rhaos4.12.el8,receptor-0:1.4.5-1.el8ap,butane-0:0.16.0-2.2.rhaos4.12.el8,receptor-0:1.4.5-1.el9ap,butane-0:0.20.0-1.1.rhaos4.15.el8,go-toolset-1.19-golang-0:1.19.13-6.el7_9,skopeo-2:1.11.2-21.2.rhaos4.15.el9,openshift-clients-0:4.15.0-202403211240.p0.g62c4d45.assembly.stream.el8,ose-aws-ecr-image-credential-provider-0:4.14.0-202403251040.p0.g607e2dd.assembly.stream.el8,buildah-1:1.29.1-20.3.rhaos4.15.el9,cri-tools-0:1.28.0-3.1.el8,grafana-0:9.2.10-8.el8_9,containernetworking-plugins-1:1.4.0-1.1.rhaos4.12.el8,podman-3:4.2.0-7.2.rhaos4.12.el9,containernetworking-plugins-1:1.4.0-1.2.rhaos4.15.el8,cri-o-0:1.28.4-8.rhaos4.15.git24f50b9.el9,cri-tools-0:1.25.0-2.2.el9,runc-3:1.1.6-5.2.rhaos4.12.el8,skopeo-2:1.11.2-10.3.rhaos4.14.el9,ignition-0:2.16.2-2.1.rhaos4.15.el9,buildah-1:1.23.4-5.2.rhaos4.12.el8,openshift-clients-0:4.12.0-202403251017.p0.gd4c9e3c.assembly.stream.el9,golang-0:1.20.12-2.el9_3,skopeo-2:1.9.4-3.2.rhaos4.12.el8,cri-o-0:1.25.5-13.1.rhaos4.12.git76343da.el8,cri-o-0:1.27.4-6.1.rhaos4.14.gitd09e4c0.el9,grafana-0:9.2.10-8.el9_3,
Package States: NBDE Tang Server,OpenShift Developer Tools and Services,OpenShift Developer Tools and Services,OpenShift Pipelines,OpenShift Serverless,Red Hat Ansible Automation Platform 1.2,Red Hat Ansible Automation Platform 1.2,Red Hat Ansible Automation Platform 2,Red Hat Certification for Red Hat Enterprise Linux 8,Red Hat Certification for Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat Openshift Container Storage 4,Red Hat Openshift Data Foundation 4,Red Hat OpenShift Dev Spaces,Red Hat OpenShift GitOps,Red Hat OpenShift on AWS,Red Hat OpenShift Virtualization 4,Red Hat OpenStack Platform 16.1,Red Hat OpenStack Platform 16.1,Red Hat OpenStack Platform 16.1,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat Service Interconnect 1,Red Hat Service Interconnect 1,Red Hat Service Interconnect 1,Red Hat Software Collections,Red Hat Storage 3,
Full Details
CVE document


CVE-2024-2243
Severity: moderate
Released on: 20/03/2024
Advisory:
Bugzilla: 2267336
Bugzilla Description: csmock: command injection vulnerability in csmock-plugin-snyk
CVSS Score:
CVSSv3 Score: 7.6
Vector:
CWE: CWE-78
Affected Packages:
Package States:
Full Details
CVE document


CVE-2023-46839
Severity: moderate
Released on: 20/03/2024
Advisory:
Bugzilla: 2270533
Bugzilla Description: xen: phantom functions assigned to incorrect contexts
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States:
Full Details
CVE document


CVE-2023-50967
Severity: moderate
Released on: 20/03/2024
Advisory:
Bugzilla: 2270538
Bugzilla Description: jose: Denial of service due to uncontrolled CPU consumption
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-400
Affected Packages:
Package States: Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,OpenShift Serverless,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Developer Hub,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Data Science (RHODS),Red Hat OpenShift Data Science (RHODS),Red Hat OpenShift Data Science (RHODS),Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,
Full Details
CVE document


CVE-2024-29018
Severity: moderate
Released on: 20/03/2024
Advisory:
Bugzilla: 2270591
Bugzilla Description: moby: external DNS requests from 'internal' networks could lead to data exfiltration
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-669
Affected Packages:
Package States: cert-manager Operator for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Migration Toolkit for Applications 6,Migration Toolkit for Applications 6,Migration Toolkit for Containers,Migration Toolkit for Containers,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,OpenShift API for Data Protection,OpenShift API for Data Protection,OpenShift API for Data Protection,OpenShift Developer Tools and Services,OpenShift Serverless,OpenShift Serverless,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Source-to-Image (S2I) Builder Image,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Security 3,Red Hat Advanced Cluster Security 3,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Ceph Storage 5,Red Hat Ceph Storage 6,Red Hat Ceph Storage 6,Red Hat Ceph Storage 7,Red Hat Ceph Storage 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 3.11,Red Hat OpenShift Container Platform 3.11,Red Hat OpenShift Container Platform 3.11,Red Hat OpenShift Container Platform 3.11,Red Hat OpenShift Container Platform 3.11,Red Hat OpenShift Container Platform 3.11,Red Hat OpenShift Container Platform 3.11,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 
4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform Assisted Installer,Red Hat OpenShift Container Platform Assisted Installer,Red Hat Openshift Container Storage 4,Red Hat Openshift Container Storage 4,Red Hat Openshift Container Storage 4,Red Hat Openshift Container Storage 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat OpenShift Data Science (RHODS),Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift distributed tracing 2,Red Hat OpenShift distributed tracing 2,Red Hat Openshift sandboxed containers,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenStack Platform 16.2,Red Hat Quay 3,Red Hat Quay 3,Red Hat Software Collections,
Full Details
CVE document


CVE-2024-29133
Severity: low
Released on: 20/03/2024
Advisory:
Bugzilla: 2270673
Bugzilla Description: commons-configuration: StackOverflowError calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-121->CWE-787
Affected Packages:
Package States: AMQ Clients,A-MQ Clients 2,Migration Toolkit for Applications 6,Migration Toolkit for Runtimes,OpenShift Developer Tools and Services,Red Hat build of Apache Camel 4.0 for Spring Boot,Red Hat build of Apache Camel for Quarkus,Red Hat build of Apache Camel for Spring Boot,Red Hat build of OptaPlanner 8,Red Hat Data Grid 8,Red Hat Integration Camel K,Red Hat JBoss A-MQ 7,Red Hat JBoss Data Grid 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Fuse 7,Red Hat OpenShift Container Platform 3.11,Red Hat Process Automation 7,Red Hat Single Sign-On 7,Red Hat support for Spring Boot,
Full Details
CVE document


CVE-2024-29131
Severity: low
Released on: 20/03/2024
Advisory:
Bugzilla: 2270674
Bugzilla Description: commons-configuration: StackOverflowError adding property in AbstractListDelimiterHandler.flattenIterator()
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-121->CWE-787
Affected Packages:
Package States: AMQ Clients,A-MQ Clients 2,Migration Toolkit for Applications 6,Migration Toolkit for Runtimes,OpenShift Developer Tools and Services,Red Hat build of Apache Camel 4.0 for Spring Boot,Red Hat build of Apache Camel for Quarkus,Red Hat build of Apache Camel for Spring Boot,Red Hat build of OptaPlanner 8,Red Hat Data Grid 8,Red Hat Integration Camel K,Red Hat JBoss A-MQ 7,Red Hat JBoss Data Grid 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Fuse 7,Red Hat OpenShift Container Platform 3.11,Red Hat Process Automation 7,Red Hat Single Sign-On 7,Red Hat support for Spring Boot,
Full Details
CVE document


CVE-2024-2169
Severity: moderate
Released on: 20/03/2024
Advisory:
Bugzilla: 2272753
Bugzilla Description: udp: Implementations of UDP protocol are vulnerable to network loops
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Ansible Automation Platform 1.2,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-2307
Severity: moderate
Released on: 19/03/2024
Advisory:
Bugzilla: 2268513
Bugzilla Description: osbuild-composer: race condition may disable GPG verification for package repositories
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE: CWE-362->CWE-347
Affected Packages:
Package States: Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-21503
Severity: moderate
Released on: 19/03/2024
Advisory:
Bugzilla: 2270236
Bugzilla Description: psf/black: ReDoS via the lines_with_leading_tabs_expanded() function in strings.py file
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-1333
Affected Packages:
Package States: Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,
Full Details
CVE document


CVE-2023-50966
Severity: moderate
Released on: 19/03/2024
Advisory:
Bugzilla: 2270311
Bugzilla Description: erlang-jose: Denial-of-service due to high CPU consumption
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-400
Affected Packages:
Package States:
Full Details
CVE document


CVE-2024-27439
Severity: important
Released on: 19/03/2024
Advisory:
Bugzilla: 2270332
Bugzilla Description: apache-wicket: Possible bypass of CSRF protection
CVSS Score:
CVSSv3 Score: 8.1
Vector:
CWE: (CWE-352|CWE-444)
Affected Packages:
Package States: Migration Toolkit for Applications 6,Migration Toolkit for Runtimes,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Fuse 7,
Full Details
CVE document


CVE-2024-22025
Severity: moderate
Released on: 19/03/2024
Advisory:
Bugzilla: 2270559
Bugzilla Description: nodejs: using the fetch() function to retrieve content from an untrusted URL leads to denial of service
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-400
Affected Packages:
Package States: Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-2605
Severity: important
Released on: 19/03/2024
Advisory:
Bugzilla: 2270659
Bugzilla Description: Mozilla: Windows Error Reporter could be used as a Sandbox escape vector
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-2607
Severity: important
Released on: 19/03/2024
Advisory: RHSA-2024:1491, RHSA-2024:1490, RHSA-2024:1493, RHSA-2024:1492, RHSA-2024:1484, RHSA-2024:1495, RHSA-2024:1494, RHSA-2024:1483, RHSA-2024:1486, RHSA-2024:1497, RHSA-2024:1496, RHSA-2024:1485, RHSA-2024:1499, RHSA-2024:1488, RHSA-2024:1498, RHSA-2024:1487, RHSA-2024:1500, RHSA-2024:1489,
Bugzilla: 2270660
Bugzilla Description: Mozilla: JIT code failed to save return registers on Armv7-A
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-1262
Affected Packages: firefox-0:115.9.1-1.el8_2,firefox-0:115.9.1-1.el9_2,firefox-0:115.9.1-1.el9_0,thunderbird-0:115.9.0-1.el8_9,thunderbird-0:115.9.0-1.el7_9,thunderbird-0:115.9.0-1.el8_8,thunderbird-0:115.9.0-1.el8_6,thunderbird-0:115.9.0-1.el8_4,thunderbird-0:115.9.0-1.el9_3,thunderbird-0:115.9.0-1.el9_2,thunderbird-0:115.9.0-1.el8_2,thunderbird-0:115.9.0-1.el9_0,firefox-0:115.9.1-1.el7_9,firefox-0:115.9.1-1.el8_8,firefox-0:115.9.1-1.el8_9,firefox-0:115.9.1-1.el8_6,firefox-0:115.9.1-1.el8_4,firefox-0:115.9.1-1.el9_3,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,
Full Details
CVE document


CVE-2024-2608
Severity: important
Released on: 19/03/2024
Advisory: RHSA-2024:1491, RHSA-2024:1490, RHSA-2024:1493, RHSA-2024:1492, RHSA-2024:1484, RHSA-2024:1495, RHSA-2024:1494, RHSA-2024:1483, RHSA-2024:1486, RHSA-2024:1497, RHSA-2024:1496, RHSA-2024:1485, RHSA-2024:1499, RHSA-2024:1488, RHSA-2024:1498, RHSA-2024:1487, RHSA-2024:1500, RHSA-2024:1489,
Bugzilla: 2270661
Bugzilla Description: Mozilla: Integer overflow could have led to out of bounds write
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-190->CWE-120
Affected Packages: firefox-0:115.9.1-1.el8_2,firefox-0:115.9.1-1.el9_2,firefox-0:115.9.1-1.el9_0,thunderbird-0:115.9.0-1.el8_9,thunderbird-0:115.9.0-1.el7_9,thunderbird-0:115.9.0-1.el8_8,thunderbird-0:115.9.0-1.el8_6,thunderbird-0:115.9.0-1.el8_4,thunderbird-0:115.9.0-1.el9_3,thunderbird-0:115.9.0-1.el9_2,thunderbird-0:115.9.0-1.el8_2,thunderbird-0:115.9.0-1.el9_0,firefox-0:115.9.1-1.el7_9,firefox-0:115.9.1-1.el8_8,firefox-0:115.9.1-1.el8_9,firefox-0:115.9.1-1.el8_6,firefox-0:115.9.1-1.el8_4,firefox-0:115.9.1-1.el9_3,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,
Full Details
CVE document


CVE-2024-2616
Severity: important
Released on: 19/03/2024
Advisory: RHSA-2024:1491, RHSA-2024:1490, RHSA-2024:1484, RHSA-2024:1483, RHSA-2024:1486, RHSA-2024:1485, RHSA-2024:1488, RHSA-2024:1487, RHSA-2024:1489,
Bugzilla: 2270662
Bugzilla Description: Mozilla: Improve handling of out-of-memory conditions in ICU
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE:
Affected Packages: firefox-0:115.9.1-1.el8_2,firefox-0:115.9.1-1.el9_2,firefox-0:115.9.1-1.el9_0,firefox-0:115.9.1-1.el7_9,firefox-0:115.9.1-1.el8_8,firefox-0:115.9.1-1.el8_9,firefox-0:115.9.1-1.el8_6,firefox-0:115.9.1-1.el8_4,firefox-0:115.9.1-1.el9_3,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-2610
Severity: moderate
Released on: 19/03/2024
Advisory: RHSA-2024:1491, RHSA-2024:1490, RHSA-2024:1493, RHSA-2024:1492, RHSA-2024:1484, RHSA-2024:1495, RHSA-2024:1494, RHSA-2024:1483, RHSA-2024:1486, RHSA-2024:1497, RHSA-2024:1496, RHSA-2024:1485, RHSA-2024:1499, RHSA-2024:1488, RHSA-2024:1498, RHSA-2024:1487, RHSA-2024:1500, RHSA-2024:1489,
Bugzilla: 2270663
Bugzilla Description: Mozilla: Improper handling of html and body tags enabled CSP nonce leakage
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE: CWE-79
Affected Packages: firefox-0:115.9.1-1.el8_2,firefox-0:115.9.1-1.el9_2,firefox-0:115.9.1-1.el9_0,thunderbird-0:115.9.0-1.el8_9,thunderbird-0:115.9.0-1.el7_9,thunderbird-0:115.9.0-1.el8_8,thunderbird-0:115.9.0-1.el8_6,thunderbird-0:115.9.0-1.el8_4,thunderbird-0:115.9.0-1.el9_3,thunderbird-0:115.9.0-1.el9_2,thunderbird-0:115.9.0-1.el8_2,thunderbird-0:115.9.0-1.el9_0,firefox-0:115.9.1-1.el7_9,firefox-0:115.9.1-1.el8_8,firefox-0:115.9.1-1.el8_9,firefox-0:115.9.1-1.el8_6,firefox-0:115.9.1-1.el8_4,firefox-0:115.9.1-1.el9_3,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,
Full Details
CVE document


CVE-2024-2611
Severity: moderate
Released on: 19/03/2024
Advisory: RHSA-2024:1491, RHSA-2024:1490, RHSA-2024:1493, RHSA-2024:1492, RHSA-2024:1484, RHSA-2024:1495, RHSA-2024:1494, RHSA-2024:1483, RHSA-2024:1486, RHSA-2024:1497, RHSA-2024:1496, RHSA-2024:1485, RHSA-2024:1499, RHSA-2024:1488, RHSA-2024:1498, RHSA-2024:1487, RHSA-2024:1500, RHSA-2024:1489,
Bugzilla: 2270664
Bugzilla Description: Mozilla: Clickjacking vulnerability could have led to a user accidentally granting permissions
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE: CWE-449
Affected Packages: firefox-0:115.9.1-1.el8_2,firefox-0:115.9.1-1.el9_2,firefox-0:115.9.1-1.el9_0,thunderbird-0:115.9.0-1.el8_9,thunderbird-0:115.9.0-1.el7_9,thunderbird-0:115.9.0-1.el8_8,thunderbird-0:115.9.0-1.el8_6,thunderbird-0:115.9.0-1.el8_4,thunderbird-0:115.9.0-1.el9_3,thunderbird-0:115.9.0-1.el9_2,thunderbird-0:115.9.0-1.el8_2,thunderbird-0:115.9.0-1.el9_0,firefox-0:115.9.1-1.el7_9,firefox-0:115.9.1-1.el8_8,firefox-0:115.9.1-1.el8_9,firefox-0:115.9.1-1.el8_6,firefox-0:115.9.1-1.el8_4,firefox-0:115.9.1-1.el9_3,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,
Full Details
CVE document


CVE-2024-2612
Severity: moderate
Released on: 19/03/2024
Advisory: RHSA-2024:1491, RHSA-2024:1490, RHSA-2024:1493, RHSA-2024:1492, RHSA-2024:1484, RHSA-2024:1495, RHSA-2024:1494, RHSA-2024:1483, RHSA-2024:1486, RHSA-2024:1497, RHSA-2024:1496, RHSA-2024:1485, RHSA-2024:1499, RHSA-2024:1488, RHSA-2024:1498, RHSA-2024:1487, RHSA-2024:1500, RHSA-2024:1489,
Bugzilla: 2270665
Bugzilla Description: Mozilla: Self referencing object could have potentially led to a use-after-free
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE: CWE-416
Affected Packages: firefox-0:115.9.1-1.el8_2,firefox-0:115.9.1-1.el9_2,firefox-0:115.9.1-1.el9_0,thunderbird-0:115.9.0-1.el8_9,thunderbird-0:115.9.0-1.el7_9,thunderbird-0:115.9.0-1.el8_8,thunderbird-0:115.9.0-1.el8_6,thunderbird-0:115.9.0-1.el8_4,thunderbird-0:115.9.0-1.el9_3,thunderbird-0:115.9.0-1.el9_2,thunderbird-0:115.9.0-1.el8_2,thunderbird-0:115.9.0-1.el9_0,firefox-0:115.9.1-1.el7_9,firefox-0:115.9.1-1.el8_8,firefox-0:115.9.1-1.el8_9,firefox-0:115.9.1-1.el8_6,firefox-0:115.9.1-1.el8_4,firefox-0:115.9.1-1.el9_3,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,
Full Details
CVE document


CVE-2024-2614
Severity: important
Released on: 19/03/2024
Advisory: RHSA-2024:1491, RHSA-2024:1490, RHSA-2024:1493, RHSA-2024:1492, RHSA-2024:1484, RHSA-2024:1495, RHSA-2024:1494, RHSA-2024:1483, RHSA-2024:1486, RHSA-2024:1497, RHSA-2024:1496, RHSA-2024:1485, RHSA-2024:1499, RHSA-2024:1488, RHSA-2024:1498, RHSA-2024:1487, RHSA-2024:1500, RHSA-2024:1489,
Bugzilla: 2270666
Bugzilla Description: Mozilla: Memory safety bugs fixed in Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-120
Affected Packages: firefox-0:115.9.1-1.el8_2,firefox-0:115.9.1-1.el9_2,firefox-0:115.9.1-1.el9_0,thunderbird-0:115.9.0-1.el8_9,thunderbird-0:115.9.0-1.el7_9,thunderbird-0:115.9.0-1.el8_8,thunderbird-0:115.9.0-1.el8_6,thunderbird-0:115.9.0-1.el8_4,thunderbird-0:115.9.0-1.el9_3,thunderbird-0:115.9.0-1.el9_2,thunderbird-0:115.9.0-1.el8_2,thunderbird-0:115.9.0-1.el9_0,firefox-0:115.9.1-1.el7_9,firefox-0:115.9.1-1.el8_8,firefox-0:115.9.1-1.el8_9,firefox-0:115.9.1-1.el8_6,firefox-0:115.9.1-1.el8_4,firefox-0:115.9.1-1.el9_3,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,
Full Details
CVE document


CVE-2024-1013
Severity: moderate
Released on: 18/03/2024
Advisory:
Bugzilla: 2260823
Bugzilla Description: unixODBC: out of bounds stack write due to pointer-to-integer types conversion
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-823
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-1753
Severity: important
Released on: 18/03/2024
Advisory:
Bugzilla: 2265513
Bugzilla Description: buildah: full container escape at build time
CVSS Score:
CVSSv3 Score: 8.6
Vector:
CWE: CWE-269
Affected Packages:
Package States: Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 3.11,Red Hat OpenShift Container Platform 4,
Full Details
CVE document


CVE-2021-47154
Severity: moderate
Released on: 18/03/2024
Advisory:
Bugzilla: 2270058
Bugzilla Description: Perl-Net-CIDR-Lite: improper handling of extraneous zero characters in an IP address string
CVSS Score:
CVSSv3 Score: 6.3
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52614
Severity: low
Released on: 18/03/2024
Advisory:
Bugzilla: 2270071
Bugzilla Description: kernel: PM / devfreq: Fix buffer overflow in trans_stat_show
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-121
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52613
Severity: low
Released on: 18/03/2024
Advisory:
Bugzilla: 2270073
Bugzilla Description: kernel: drivers/thermal/loongson2_thermal: Fix incorrect PTR_ERR() judgment
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52612
Severity: moderate
Released on: 18/03/2024
Advisory:
Bugzilla: 2270075
Bugzilla Description: kernel: crypto: scomp - fix req->dst buffer overflow
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-121
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52611
Severity: low
Released on: 18/03/2024
Advisory:
Bugzilla: 2270077
Bugzilla Description: kernel: wifi: rtw88: sdio: Honor the host max_req_size in the RX path
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-118
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52610
Severity: moderate
Released on: 18/03/2024
Advisory:
Bugzilla: 2270080
Bugzilla Description: kernel: net/sched: act_ct: fix skb leak and crash on ooo frags
CVSS Score:
CVSSv3 Score: 6.4
Vector:
CWE: CWE-402
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52609
Severity: low
Released on: 18/03/2024
Advisory:
Bugzilla: 2270082
Bugzilla Description: kernel: binder: fix race between mmput() and do_exit()
CVSS Score:
CVSSv3 Score: 4.1
Vector:
CWE: CWE-362
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52619
Severity: moderate
Released on: 18/03/2024
Advisory:
Bugzilla: 2270084
Bugzilla Description: kernel: pstore/ram: Fix crash when setting number of cpus to an odd number
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-99
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52618
Severity: low
Released on: 18/03/2024
Advisory:
Bugzilla: 2270086
Bugzilla Description: kernel: block/rnbd-srv: Check for unlikely string overflow
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-121
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52617
Severity: moderate
Released on: 18/03/2024
Advisory:
Bugzilla: 2270088
Bugzilla Description: kernel: PCI: switchtec: Fix stdev_release() crash after surprise hot remove
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52616
Severity: moderate
Released on: 18/03/2024
Advisory:
Bugzilla: 2270091
Bugzilla Description: kernel: crypto: lib/mpi - Fix unexpected pointer access in mpi_ec_init
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52615
Severity: moderate
Released on: 18/03/2024
Advisory:
Bugzilla: 2270093
Bugzilla Description: kernel: hwrng: core - Fix page fault dead lock on mmap-ed hwrng
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-833
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26641
Severity: moderate
Released on: 18/03/2024
Advisory:
Bugzilla: 2270097
Bugzilla Description: kernel: ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26640
Severity: moderate
Released on: 18/03/2024
Advisory:
Bugzilla: 2270100
Bugzilla Description: kernel: tcp: add sanity checks to rx zerocopy
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26639
Severity: moderate
Released on: 18/03/2024
Advisory:
Bugzilla: 2270102
Bugzilla Description: kernel: mm, kmsan: fix infinite recursion due to RCU critical section
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-674
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26638
Severity: low
Released on: 18/03/2024
Advisory:
Bugzilla: 2270103
Bugzilla Description: kernel: nbd: always initialize struct msghdr completely
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-456
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26637
Severity: moderate
Released on: 18/03/2024
Advisory:
Bugzilla: 2270106
Bugzilla Description: kernel: wifi: ath11k: rely on mac80211 debugfs handling for vif
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-99
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26636
Severity: moderate
Released on: 18/03/2024
Advisory:
Bugzilla: 2270110
Bugzilla Description: kernel: llc: make llc_ui_sendmsg() more robust against bonding changes
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-413
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26635
Severity: low
Released on: 18/03/2024
Advisory:
Bugzilla: 2270113
Bugzilla Description: kernel: llc: Drop support for ETH_P_TR_802_2.
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-456
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26634
Severity: moderate
Released on: 18/03/2024
Advisory:
Bugzilla: 2270116
Bugzilla Description: kernel: net: fix removing a namespace with conflicting altnames
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-99
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26633
Severity: low
Released on: 18/03/2024
Advisory:
Bugzilla: 2270118
Bugzilla Description: kernel: ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26632
Severity: moderate
Released on: 18/03/2024
Advisory:
Bugzilla: 2270131
Bugzilla Description: kernel: block: Fix iterating over an empty bio with bio_for_each_folio_all
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26631
Severity: low
Released on: 18/03/2024
Advisory:
Bugzilla: 2270133
Bugzilla Description: kernel: ipv6: mcast: fix data-race in ipv6_mc_down / mld_ifc_work
CVSS Score:
CVSSv3 Score: 2.5
Vector:
CWE: CWE-414
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-22257
Severity: important
Released on: 18/03/2024
Advisory:
Bugzilla: 2270158
Bugzilla Description: spring-security: Broken Access Control With Direct Use of AuthenticatedVoter
CVSS Score:
CVSSv3 Score: 9.8
Vector:
CWE: CWE-284
Affected Packages:
Package States: A-MQ Clients 2,OpenShift Developer Tools and Services,Red Hat build of Apache Camel 4.0 for Spring Boot,Red Hat build of Apache Camel for Spring Boot,Red Hat build of Apache Camel - HawtIO,Red Hat Build of Keycloak,Red Hat Data Grid 8,Red Hat Integration Camel K,Red Hat JBoss A-MQ Streams,Red Hat JBoss Data Grid 7,Red Hat JBoss Fuse 7,Red Hat OpenShift Container Platform 3.11,Red Hat OpenShift Dev Spaces,Red Hat Process Automation 7,Red Hat Single Sign-On 7,
Full Details
CVE document


CVE-2024-21652
Severity: moderate
Released on: 18/03/2024
Advisory: RHSA-2024:1697, RHSA-2024:1752, RHSA-2024:1753, RHSA-2024:1700,
Bugzilla: 2270170
Bugzilla Description: argo-cd: Bypassing Brute Force Protection via Application Crash and In-Memory Data Loss
CVSS Score:
CVSSv3 Score: 5.4
Vector:
CWE: CWE-307
Affected Packages: openshift-gitops-1/gitops-operator-bundle:v1.12.1-1,openshift-gitops-1/gitops-rhel8:v1.11.3-2,openshift-gitops-1/argo-rollouts-rhel8:v1.12.1-1,openshift-gitops-1/gitops-rhel8-operator:v1.10.4-1,openshift-gitops-1/must-gather-rhel8:v1.12.1-1,openshift-gitops-1/argocd-rhel8:v1.11.3-2,openshift-gitops-1/dex-rhel8:v1.10.4-1,openshift-gitops-1/console-plugin-rhel8:v1.11.3-2,openshift-gitops-1/dex-rhel8:v1.12.1-1,openshift-gitops-1/gitops-operator-bundle:v1.11.3-2,openshift-gitops-1/must-gather-rhel8:v1.11.3-2,openshift-gitops-1/kam-delivery-rhel8:v1.12.1-1,openshift-gitops-1/gitops-rhel8:v1.12.1-1,openshift-gitops-argocd-cli-0:1.12.1-5.el8,openshift-gitops-1/gitops-rhel8-operator:v1.11.3-2,openshift-gitops-1/kam-delivery-rhel8:v1.11.3-2,openshift-gitops-1/console-plugin-rhel8:v1.10.4-1,openshift-gitops-1/dex-rhel8:v1.11.3-2,openshift-gitops-1/console-plugin-rhel8:v1.12.1-1,openshift-gitops-1/gitops-operator-bundle:v1.10.4-1,openshift-gitops-1/argocd-rhel8:v1.12.1-1,openshift-gitops-1/argo-rollouts-rhel8:v1.10.4-1,openshift-gitops-1/must-gather-rhel8:v1.10.4-1,openshift-gitops-1/argo-rollouts-rhel8:v1.11.3-2,openshift-gitops-argocd-cli-0:1.12.1-4.el9,microshift-gitops-0:1.12.1-4.el9,openshift-gitops-1/gitops-rhel8-operator:v1.12.1-1,openshift-gitops-1/kam-delivery-rhel8:v1.10.4-1,openshift-gitops-1/gitops-rhel8:v1.10.4-1,openshift-gitops-argocd-rhel9-container-v1.12.1-2,openshift-gitops-1/argocd-rhel8:v1.10.4-1,
Package States: Red Hat Openshift Data Foundation 4,
Full Details
CVE document


CVE-2024-21661
Severity: important
Released on: 18/03/2024
Advisory: RHSA-2024:1697, RHSA-2024:1752, RHSA-2024:1753, RHSA-2024:1700,
Bugzilla: 2270173
Bugzilla Description: argo-cd: Denial of Service Due to Unsafe Array Modification in Multi-threaded Environment
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-567
Affected Packages: openshift-gitops-1/gitops-operator-bundle:v1.12.1-1,openshift-gitops-1/gitops-rhel8:v1.11.3-2,openshift-gitops-1/argo-rollouts-rhel8:v1.12.1-1,openshift-gitops-1/gitops-rhel8-operator:v1.10.4-1,openshift-gitops-1/must-gather-rhel8:v1.12.1-1,openshift-gitops-1/argocd-rhel8:v1.11.3-2,openshift-gitops-1/dex-rhel8:v1.10.4-1,openshift-gitops-1/console-plugin-rhel8:v1.11.3-2,openshift-gitops-1/dex-rhel8:v1.12.1-1,openshift-gitops-1/gitops-operator-bundle:v1.11.3-2,openshift-gitops-1/must-gather-rhel8:v1.11.3-2,openshift-gitops-1/kam-delivery-rhel8:v1.12.1-1,openshift-gitops-1/gitops-rhel8:v1.12.1-1,openshift-gitops-argocd-cli-0:1.12.1-5.el8,openshift-gitops-1/gitops-rhel8-operator:v1.11.3-2,openshift-gitops-1/kam-delivery-rhel8:v1.11.3-2,openshift-gitops-1/console-plugin-rhel8:v1.10.4-1,openshift-gitops-1/dex-rhel8:v1.11.3-2,openshift-gitops-1/console-plugin-rhel8:v1.12.1-1,openshift-gitops-1/gitops-operator-bundle:v1.10.4-1,openshift-gitops-1/argocd-rhel8:v1.12.1-1,openshift-gitops-1/argo-rollouts-rhel8:v1.10.4-1,openshift-gitops-1/must-gather-rhel8:v1.10.4-1,openshift-gitops-1/argo-rollouts-rhel8:v1.11.3-2,openshift-gitops-argocd-cli-0:1.12.1-4.el9,microshift-gitops-0:1.12.1-4.el9,openshift-gitops-1/gitops-rhel8-operator:v1.12.1-1,openshift-gitops-1/kam-delivery-rhel8:v1.10.4-1,openshift-gitops-1/gitops-rhel8:v1.10.4-1,openshift-gitops-argocd-rhel9-container-v1.12.1-2,openshift-gitops-1/argocd-rhel8:v1.10.4-1,
Package States: Red Hat Openshift Data Foundation 4,
Full Details
CVE document


CVE-2024-21662
Severity: moderate
Released on: 18/03/2024
Advisory: RHSA-2024:1697, RHSA-2024:1752, RHSA-2024:1753, RHSA-2024:1700,
Bugzilla: 2270182
Bugzilla Description: argo-cd: Bypassing Rate Limit and Brute Force Protection Using Cache Overflow
CVSS Score:
CVSSv3 Score: 5.4
Vector:
CWE: CWE-307
Affected Packages: openshift-gitops-1/gitops-operator-bundle:v1.12.1-1,openshift-gitops-1/gitops-rhel8:v1.11.3-2,openshift-gitops-1/argo-rollouts-rhel8:v1.12.1-1,openshift-gitops-1/gitops-rhel8-operator:v1.10.4-1,openshift-gitops-1/must-gather-rhel8:v1.12.1-1,openshift-gitops-1/argocd-rhel8:v1.11.3-2,openshift-gitops-1/dex-rhel8:v1.10.4-1,openshift-gitops-1/console-plugin-rhel8:v1.11.3-2,openshift-gitops-1/dex-rhel8:v1.12.1-1,openshift-gitops-1/gitops-operator-bundle:v1.11.3-2,openshift-gitops-1/must-gather-rhel8:v1.11.3-2,openshift-gitops-1/kam-delivery-rhel8:v1.12.1-1,openshift-gitops-1/gitops-rhel8:v1.12.1-1,openshift-gitops-argocd-cli-0:1.12.1-5.el8,openshift-gitops-1/gitops-rhel8-operator:v1.11.3-2,openshift-gitops-1/kam-delivery-rhel8:v1.11.3-2,openshift-gitops-1/console-plugin-rhel8:v1.10.4-1,openshift-gitops-1/dex-rhel8:v1.11.3-2,openshift-gitops-1/console-plugin-rhel8:v1.12.1-1,openshift-gitops-1/gitops-operator-bundle:v1.10.4-1,openshift-gitops-1/argocd-rhel8:v1.12.1-1,openshift-gitops-1/argo-rollouts-rhel8:v1.10.4-1,openshift-gitops-1/must-gather-rhel8:v1.10.4-1,openshift-gitops-1/argo-rollouts-rhel8:v1.11.3-2,openshift-gitops-argocd-cli-0:1.12.1-4.el9,microshift-gitops-0:1.12.1-4.el9,openshift-gitops-1/gitops-rhel8-operator:v1.12.1-1,openshift-gitops-1/kam-delivery-rhel8:v1.10.4-1,openshift-gitops-1/gitops-rhel8:v1.10.4-1,openshift-gitops-argocd-rhel9-container-v1.12.1-2,openshift-gitops-1/argocd-rhel8:v1.10.4-1,
Package States: Red Hat Openshift Data Foundation 4,
Full Details
CVE document


CVE-2024-22513
Severity: moderate
Released on: 16/03/2024
Advisory:
Bugzilla: 2269822
Bugzilla Description: djangorestframework-simplejwt: information disclosure vulnerability
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-200
Affected Packages:
Package States: Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,
Full Details
CVE document


CVE-2024-22259
Severity: important
Released on: 16/03/2024
Advisory:
Bugzilla: 2269846
Bugzilla Description: springframework: URL Parsing with Host Validation
CVSS Score:
CVSSv3 Score: 8.1
Vector:
CWE: CWE-601
Affected Packages:
Package States: A-MQ Clients 2,Red Hat build of Apache Camel 4.0 for Spring Boot,Red Hat build of Apache Camel for Spring Boot,Red Hat build of Apache Camel - HawtIO,Red Hat Build of Keycloak,Red Hat build of OptaPlanner 8,Red Hat Data Grid 8,Red Hat Integration Camel K,Red Hat JBoss A-MQ 7,Red Hat JBoss A-MQ Streams,Red Hat JBoss Data Grid 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Fuse 7,Red Hat Process Automation 7,Red Hat Single Sign-On 7,Red Hat support for Spring Boot,
Full Details
CVE document


CVE-2023-6725
Severity: moderate
Released on: 15/03/2024
Advisory:
Bugzilla: 2249273
Bugzilla Description: tripleo-ansible: bind keys are world readable
CVSS Score:
CVSSv3 Score: 6.6
Vector:
CWE: CWE-1220
Affected Packages:
Package States: Red Hat OpenStack Platform 16.1,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,
Full Details
CVE document


CVE-2024-3296
Severity: moderate
Released on: 15/03/2024
Advisory:
Bugzilla: 2269723
Bugzilla Description: rust-openssl: timing based side-channel can lead to a Bleichenbacher style attack
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-208->CWE-203
Affected Packages:
Package States: Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47135
Severity: low
Released on: 15/03/2024
Advisory:
Bugzilla: 2269812
Bugzilla Description: kernel: mt76: mt7921: fix possible AOOB issue in mt7921_mcu_tx_rate_report
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47134
Severity: low
Released on: 15/03/2024
Advisory:
Bugzilla: 2269814
Bugzilla Description: kernel: efi/fdt: fix panic when no valid fdt found
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47133
Severity: low
Released on: 15/03/2024
Advisory:
Bugzilla: 2269816
Bugzilla Description: kernel: HID: amd_sfh: Fix memory leak in amd_sfh_work
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-402
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47132
Severity: moderate
Released on: 15/03/2024
Advisory:
Bugzilla: 2269818
Bugzilla Description: kernel: mptcp: fix sk_forward_memory corruption on retransmission
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-414
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47131
Severity: moderate
Released on: 15/03/2024
Advisory:
Bugzilla: 2269820
Bugzilla Description: kernel: net/tls: Fix use-after-free after the TLS device goes down and up
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47130
Severity: low
Released on: 15/03/2024
Advisory:
Bugzilla: 2269826
Bugzilla Description: kernel: nvmet: fix freeing unallocated p2pmem
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47129
Severity: low
Released on: 15/03/2024
Advisory:
Bugzilla: 2269829
Bugzilla Description: kernel: netfilter: nft_ct: skip expectations for confirmed conntrack
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47128
Severity: low
Released on: 15/03/2024
Advisory:
Bugzilla: 2269831
Bugzilla Description: kernel: bpf, lockdown, audit: Fix buggy SELinux lockdown permission checks
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-833
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47127
Severity: low
Released on: 15/03/2024
Advisory:
Bugzilla: 2269834
Bugzilla Description: kernel: ice: track AF_XDP ZC enabled queues in bitmap
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47126
Severity: moderate
Released on: 15/03/2024
Advisory:
Bugzilla: 2269836
Bugzilla Description: kernel: ipv6: Fix KASAN: slab-out-of-bounds Read in fib6_nh_flush_exceptions
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47125
Severity: moderate
Released on: 15/03/2024
Advisory:
Bugzilla: 2269839
Bugzilla Description: kernel: sch_htb: fix refcount leak in htb_parent_to_leaf_offload
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-402
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47124
Severity: low
Released on: 15/03/2024
Advisory:
Bugzilla: 2269841
Bugzilla Description: kernel: io_uring: fix link timeout refs
CVSS Score:
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47123
Severity: moderate
Released on: 15/03/2024
Advisory:
Bugzilla: 2269843
Bugzilla Description: kernel: io_uring: fix ltout double free on completion race
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-415
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47122
Severity: low
Released on: 15/03/2024
Advisory:
Bugzilla: 2269845
Bugzilla Description: kernel: net: caif: fix memory leak in caif_device_notify
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-402
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47121
Severity: low
Released on: 15/03/2024
Advisory:
Bugzilla: 2269848
Bugzilla Description: kernel: net: caif: fix memory leak in cfusbl_device_notify
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-402
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47120
Severity: low
Released on: 15/03/2024
Advisory:
Bugzilla: 2269850
Bugzilla Description: kernel: HID: magicmouse: fix NULL-deref on disconnect
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47119
Severity: moderate
Released on: 15/03/2024
Advisory:
Bugzilla: 2269854
Bugzilla Description: kernel: ext4: fix memory leak in ext4_fill_super
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-402
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47118
Severity: moderate
Released on: 15/03/2024
Advisory:
Bugzilla: 2269856
Bugzilla Description: kernel: pid: take a reference when initializing `cad_pid`
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47117
Severity: moderate
Released on: 15/03/2024
Advisory:
Bugzilla: 2269859
Bugzilla Description: kernel: ext4: fix bug on in ext4_es_cache_extent as ext4_split_extent_at failed
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47116
Severity: low
Released on: 15/03/2024
Advisory:
Bugzilla: 2269861
Bugzilla Description: kernel: ext4: fix memory leak in ext4_mb_init_backend on error path.
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-402
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47115
Severity:
Released on: 15/03/2024
Advisory:
Bugzilla: 2269863
Bugzilla Description: kernel: nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect
CVSS Score:
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47114
Severity: low
Released on: 15/03/2024
Advisory:
Bugzilla: 2269865
Bugzilla Description: kernel: ocfs2: fix data corruption by fallocate
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47113
Severity: low
Released on: 15/03/2024
Advisory:
Bugzilla: 2269867
Bugzilla Description: kernel: btrfs: abort in rename_exchange if we fail to insert the second ref
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47112
Severity: moderate
Released on: 15/03/2024
Advisory:
Bugzilla: 2269869
Bugzilla Description: kernel: x86/kvm: Teardown PV features on boot CPU as well
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-459
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47111
Severity: low
Released on: 15/03/2024
Advisory:
Bugzilla: 2269871
Bugzilla Description: kernel: xen-netback: take a reference to the RX task thread
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47110
Severity: moderate
Released on: 15/03/2024
Advisory:
Bugzilla: 2269873
Bugzilla Description: kernel: x86/kvm: Disable kvmclock on all CPUs on shutdown
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-99
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47109
Severity: moderate
Released on: 15/03/2024
Advisory:
Bugzilla: 2269875
Bugzilla Description: kernel: neighbour: allow NUD_NOARP entries to be forced GCed
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-121
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-29156
Severity: important
Released on: 14/03/2024
Advisory:
Bugzilla: 2269112
Bugzilla Description: YAQL: OpenStack Murano Component Information Leakage
CVSS Score:
CVSSv3 Score: 8.4
Vector:
CWE: CWE-200
Affected Packages:
Package States: Red Hat OpenStack Platform 16.1,Red Hat OpenStack Platform 16.1,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,
Full Details
CVE document


CVE-2024-28849
Severity: moderate
Released on: 14/03/2024
Advisory: RHSA-2024:1474,
Bugzilla: 2269576
Bugzilla Description: follow-redirects: Possible credential leak
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-200
Affected Packages: openshift-logging/log-file-metric-exporter-rhel9:v1.1.0-216,openshift-logging/logging-curator5-rhel9:v5.8.1-462,openshift-logging/loki-rhel9-operator:v5.8.5-12,openshift-logging/elasticsearch6-rhel9:v6.8.1-401,openshift-logging/cluster-logging-rhel9-operator:v5.8.5-7,openshift-logging/elasticsearch-operator-bundle:v5.8.5-7,openshift-logging/elasticsearch-proxy-rhel9:v1.0.0-471,openshift-logging/loki-operator-bundle:v5.8.5-23,openshift-logging/cluster-logging-operator-bundle:v5.8.5-17,openshift-logging/eventrouter-rhel9:v0.4.0-236,openshift-logging/lokistack-gateway-rhel9:v0.1.0-497,openshift-logging/elasticsearch-rhel9-operator:v5.8.5-3,openshift-logging/fluentd-rhel9:v5.8.5-3,openshift-logging/logging-loki-rhel9:v2.9.4-22,openshift-logging/logging-view-plugin-rhel9:v5.8.5-4,openshift-logging/opa-openshift-rhel9:v0.1.0-211,openshift-logging/vector-rhel9:v0.28.1-56,
Package States: Cryostat 2,Logging Subsystem for Red Hat OpenShift,Migration Toolkit for Applications 6,Migration Toolkit for Applications 6,Migration Toolkit for Applications 7,Migration Toolkit for Applications 7,Migration Toolkit for Containers,Migration Toolkit for Runtimes,Migration Toolkit for Virtualization,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Network Observability Operator,Node HealthCheck Operator,OpenShift Pipelines,OpenShift Serverless,OpenShift Service Mesh 2,Red Hat 3scale API Management Platform 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Security 3,Red Hat Advanced Cluster Security 4,Red Hat Ansible Automation Platform 1.2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat build of Apache Camel - HawtIO,Red Hat build of OptaPlanner 8,Red Hat Data Grid 8,Red Hat Discovery,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Integration Camel K,Red Hat Integration Service Registry,Red Hat JBoss Data Grid 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Fuse 7,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat Openshift Data Foundation 4,Red Hat OpenShift Data Science (RHODS),Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift distributed tracing 2,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat Process Automation 7,Red Hat Quay 3,Red Hat Satellite 6,
Full Details
CVE document


CVE-2024-28752
Severity: important
Released on: 14/03/2024
Advisory:
Bugzilla: 2270732
Bugzilla Description: cxf-core: Apache CXF SSRF Vulnerability using the Aegis databinding
CVSS Score:
CVSSv3 Score: 9.8
Vector:
CWE: CWE-918
Affected Packages:
Package States: Logging Subsystem for Red Hat OpenShift,Red Hat build of Apache Camel 4.0 for Spring Boot,Red Hat build of Apache Camel for Quarkus,Red Hat build of Apache Camel for Spring Boot,Red Hat Build of Keycloak,Red Hat Data Grid 8,Red Hat Integration Camel K,Red Hat Integration Camel Quarkus,Red Hat JBoss A-MQ Streams,Red Hat JBoss Data Grid 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Fuse 7,Red Hat Process Automation 7,Red Hat Single Sign-On 7,
Full Details
CVE document


CVE-2024-28175
Severity: important
Released on: 13/03/2024
Advisory: RHSA-2024:1441, RHSA-2024:1345, RHSA-2024:1346,
Bugzilla: 2268518
Bugzilla Description: argo-cd: XSS vulnerability in application summary component
CVSS Score:
CVSSv3 Score: 8.9
Vector:
CWE: CWE-79
Affected Packages: openshift-gitops-1/gitops-rhel8:v1.11.2-2,openshift-gitops-1/kam-delivery-rhel8:v1.11.2-2,openshift-gitops-1/gitops-rhel8-operator:v1.10.3-2,openshift-gitops-1/argocd-rhel8:v1.12.0-19,openshift-gitops-1/console-plugin-rhel8:v1.11.2-2,openshift-gitops-1/gitops-operator-bundle:v1.11.2-2,openshift-gitops-1/gitops-rhel8:v1.12.0-19,openshift-gitops-1/argocd-rhel8:v1.11.2-2,openshift-gitops-1/gitops-rhel8:v1.10.3-2,openshift-gitops-1/must-gather-rhel8:v1.11.2-2,openshift-gitops-1/argo-rollouts-rhel8:v1.11.2-2,openshift-gitops-1/gitops-rhel8-operator:v1.11.2-2,openshift-gitops-1/gitops-rhel8-operator:v1.12.0-19,openshift-gitops-1/argocd-rhel8:v1.10.3-2,openshift-gitops-1/dex-rhel8:v1.11.2-2,
Package States:
Full Details
CVE document


CVE-2023-52608
Severity: low
Released on: 13/03/2024
Advisory:
Bugzilla: 2269432
Bugzilla Description: kernel: firmware: arm_scmi: Check mailbox/SMT channel for consistency
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-362
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26629
Severity: moderate
Released on: 13/03/2024
Advisory:
Bugzilla: 2269434
Bugzilla Description: kernel: nfsd: fix RELEASE_LOCKOWNER
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-393
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26630
Severity: moderate
Released on: 13/03/2024
Advisory:
Bugzilla: 2269436
Bugzilla Description: kernel: mm: cachestat: fix folio read-after-free in cache walk
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-50726
Severity: moderate
Released on: 13/03/2024
Advisory: RHSA-2024:1697, RHSA-2024:1752, RHSA-2024:1753, RHSA-2024:1700,
Bugzilla: 2269479
Bugzilla Description: Argo CD: Users with `create` but not `override` privileges can perform local sync
CVSS Score:
CVSSv3 Score: 6.4
Vector:
CWE: CWE-269
Affected Packages: openshift-gitops-1/gitops-operator-bundle:v1.12.1-1,openshift-gitops-1/gitops-rhel8:v1.11.3-2,openshift-gitops-1/argo-rollouts-rhel8:v1.12.1-1,openshift-gitops-1/gitops-rhel8-operator:v1.10.4-1,openshift-gitops-1/must-gather-rhel8:v1.12.1-1,openshift-gitops-1/argocd-rhel8:v1.11.3-2,openshift-gitops-1/dex-rhel8:v1.10.4-1,openshift-gitops-1/console-plugin-rhel8:v1.11.3-2,openshift-gitops-1/dex-rhel8:v1.12.1-1,openshift-gitops-1/gitops-operator-bundle:v1.11.3-2,openshift-gitops-1/must-gather-rhel8:v1.11.3-2,openshift-gitops-1/kam-delivery-rhel8:v1.12.1-1,openshift-gitops-1/gitops-rhel8:v1.12.1-1,openshift-gitops-argocd-cli-0:1.12.1-5.el8,openshift-gitops-1/gitops-rhel8-operator:v1.11.3-2,openshift-gitops-1/kam-delivery-rhel8:v1.11.3-2,openshift-gitops-1/console-plugin-rhel8:v1.10.4-1,openshift-gitops-1/dex-rhel8:v1.11.3-2,openshift-gitops-1/console-plugin-rhel8:v1.12.1-1,openshift-gitops-1/gitops-operator-bundle:v1.10.4-1,openshift-gitops-1/argocd-rhel8:v1.12.1-1,openshift-gitops-1/argo-rollouts-rhel8:v1.10.4-1,openshift-gitops-1/must-gather-rhel8:v1.10.4-1,openshift-gitops-1/argo-rollouts-rhel8:v1.11.3-2,openshift-gitops-argocd-cli-0:1.12.1-4.el9,microshift-gitops-0:1.12.1-4.el9,openshift-gitops-1/gitops-rhel8-operator:v1.12.1-1,openshift-gitops-1/kam-delivery-rhel8:v1.10.4-1,openshift-gitops-1/gitops-rhel8:v1.10.4-1,openshift-gitops-argocd-rhel9-container-v1.12.1-2,openshift-gitops-1/argocd-rhel8:v1.10.4-1,
Package States:
Full Details
CVE document


CVE-2024-24549
Severity: important
Released on: 13/03/2024
Advisory: RHSA-2024:1318, RHSA-2024:1319, RHSA-2024:1325, RHSA-2024:1324,
Bugzilla: 2269607
Bugzilla Description: Apache Tomcat: HTTP/2 header handling DoS
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-20
Affected Packages: jws5-tomcat-native-0:1.2.31-17.redhat_17.el9jws,tomcat,jws5-tomcat-native-0:1.2.31-17.redhat_17.el7jws,jws5-tomcat-native-0:1.2.31-17.redhat_17.el8jws,jws5-tomcat-0:9.0.62-41.redhat_00020.1.el7jws,jws5-tomcat-0:9.0.62-41.redhat_00020.1.el8jws,jws5-tomcat-0:9.0.62-41.redhat_00020.1.el9jws,jws6-tomcat-0:10.1.8-6.redhat_00013.1.el9jws,jws6-tomcat-0:10.1.8-6.redhat_00013.1.el8jws,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-23672
Severity: important
Released on: 13/03/2024
Advisory:
Bugzilla: 2269608
Bugzilla Description: Apache Tomcat: WebSocket DoS with incomplete closing handshake
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-459
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat JBoss Web Server 5,Red Hat JBoss Web Server 6,
Full Details
CVE document


CVE-2024-2193
Severity: moderate
Released on: 12/03/2024
Advisory:
Bugzilla: 2262051
Bugzilla Description: hw: Spectre-SRC that is Speculative Race Conditions (SRCs) for synchronization primitives similar to Spectre V1 with possibility to bypass software features (e.g., IPIs, high-precision timers, etc)
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-1300
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-2182
Severity: moderate
Released on: 12/03/2024
Advisory: RHSA-2024:1390, RHSA-2024:1392, RHSA-2024:1391, RHSA-2024:1394, RHSA-2024:1393, RHSA-2024:1385, RHSA-2024:1387, RHSA-2024:1386, RHSA-2024:1388,
Bugzilla: 2267840
Bugzilla Description: ovn: insufficient validation of BFD packets may lead to denial of service
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-346
Affected Packages: ovn22.03-0:22.03.3-71.el8fdp,ovn23.03-0:23.03.1-100.el8fdp,ovn23.03-0:23.03.1-100.el9fdp,ovn22.12-0:22.12.1-94.el8fdp,ovn22.12-0:22.12.1-94.el9fdp,ovn22.03-0:22.03.3-71.el9fdp,ovn23.06-0:23.06.1-112.el8fdp,ovn23.09-0:23.09.0-136.el9fdp,ovn23.06-0:23.06.1-112.el9fdp,
Package States: Fast Datapath for RHEL 7,Fast Datapath for RHEL 7,Fast Datapath for RHEL 7,Fast Datapath for RHEL 8,Fast Datapath for RHEL 8,Fast Datapath for RHEL 8,Fast Datapath for RHEL 8,Fast Datapath for RHEL 8,Fast Datapath for RHEL 8,Fast Datapath for RHEL 9,Fast Datapath for RHEL 9,Fast Datapath for RHEL 9,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,
Full Details
CVE document


CVE-2024-21392
Severity: moderate
Released on: 12/03/2024
Advisory: RHSA-2024:1309, RHSA-2024:1308, RHSA-2024:1310, RHSA-2024:1311,
Bugzilla: 2268266
Bugzilla Description: dotnet: DoS in .NET Core / YARP HTTP / 2 WebSocket support
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-400
Affected Packages: dotnet8.0-0:8.0.103-1.el8_9,dotnet7.0-0:7.0.117-1.el8_9,dotnet7.0-0:7.0.117-1.el9_3,dotnet8.0-0:8.0.103-2.el9_3,
Package States: .NET 6.0 on Red Hat Enterprise Linux,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-49453
Severity: important
Released on: 12/03/2024
Advisory:
Bugzilla: 2269172
Bugzilla Description: racktables: XSS vulnerability allows local attackers to execute arbitrary code
CVSS Score:
CVSSv3 Score: 7.8
Vector:
CWE: CWE-80
Affected Packages:
Package States:
Full Details
CVE document


CVE-2024-27758
Severity: important
Released on: 12/03/2024
Advisory:
Bugzilla: 2269242
Bugzilla Description: python-rpyc: Remote attacker can craft a class, resulting in remote code execution
CVSS Score:
CVSSv3 Score: 8.5
Vector:
CWE: CWE-358->CWE-913
Affected Packages:
Package States:
Full Details
CVE document


CVE-2024-28098
Severity: moderate
Released on: 12/03/2024
Advisory:
Bugzilla: 2269248
Bugzilla Description: apache-pulsar: Improper Authorization For Topic-Level Policy Management
CVSS Score:
CVSSv3 Score: 6.4
Vector:
CWE: CWE-863
Affected Packages:
Package States: Red Hat build of Apache Camel 4.0 for Spring Boot,Red Hat build of Apache Camel for Spring Boot,Red Hat Integration Camel K,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Fuse 7,
Full Details
CVE document


CVE-2022-34321
Severity: moderate
Released on: 12/03/2024
Advisory:
Bugzilla: 2269250
Bugzilla Description: apache-pulsar: Improper Authentication for Pulsar Proxy Statistics Endpoint
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-306
Affected Packages:
Package States: Red Hat build of Apache Camel 4.0 for Spring Boot,Red Hat build of Apache Camel for Spring Boot,Red Hat Integration Camel K,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Fuse 7,
Full Details
CVE document


CVE-2024-27135
Severity: important
Released on: 12/03/2024
Advisory:
Bugzilla: 2269254
Bugzilla Description: apache-pulsar: Improper Input Validation in Pulsar Function Worker allows Remote Code Execution
CVSS Score:
CVSSv3 Score: 8.5
Vector:
CWE: CWE-20->CWE-913
Affected Packages:
Package States: Red Hat build of Apache Camel 4.0 for Spring Boot,Red Hat build of Apache Camel for Spring Boot,Red Hat Integration Camel K,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Fuse 7,
Full Details
CVE document


CVE-2024-27317
Severity: important
Released on: 12/03/2024
Advisory:
Bugzilla: 2269257
Bugzilla Description: apache-pulsar: Pulsar Functions Worker's Archive Extraction Vulnerability Allows Unauthorized File Modification
CVSS Score:
CVSSv3 Score: 8.4
Vector:
CWE: CWE-22
Affected Packages:
Package States: Red Hat build of Apache Camel 4.0 for Spring Boot,Red Hat build of Apache Camel for Spring Boot,Red Hat Integration Camel K,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Fuse 7,
Full Details
CVE document


CVE-2024-27894
Severity: important
Released on: 12/03/2024
Advisory:
Bugzilla: 2269259
Bugzilla Description: apache-pulsar: Pulsar Functions Worker Allows Unauthorized File Access and Unauthorized HTTP/HTTPS Proxying
CVSS Score:
CVSSv3 Score: 8.5
Vector:
CWE: CWE-20->CWE-552
Affected Packages:
Package States: Red Hat build of Apache Camel 4.0 for Spring Boot,Red Hat build of Apache Camel for Spring Boot,Red Hat Integration Camel K,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Fuse 7,
Full Details
CVE document


CVE-2024-2467
Severity: moderate
Released on: 12/03/2024
Advisory:
Bugzilla: 2269567
Bugzilla Description: perl-Crypt-OpenSSL-RSA: side-channel attack in PKCS#1 v1.5 padding mode (Marvin Attack)
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-208->CWE-203
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-22655
Severity: moderate
Released on: 12/03/2024
Advisory:
Bugzilla: 2270698
Bugzilla Description: kernel: local privilege escalation on Intel microcode on Intel(R) Xeon(R)
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE: CWE-693
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-2357
Severity: moderate
Released on: 11/03/2024
Advisory:
Bugzilla: 2268952
Bugzilla Description: libreswan: Missing PreSharedKey for connection can cause crash
CVSS Score:
CVSSv3 Score: 5.0
Vector:
CWE: CWE-400
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-28757
Severity: moderate
Released on: 10/03/2024
Advisory: RHSA-2024:1530,
Bugzilla: 2268766
Bugzilla Description: expat: XML Entity Expansion
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-776
Affected Packages: expat-0:2.5.0-1.el9_3.1,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,
Full Details
CVE document


CVE-2024-2313
Severity: low
Released on: 10/03/2024
Advisory:
Bugzilla: 2269014
Bugzilla Description: bpftrace: unprivileged users can force loading of compromised linux headers
CVSS Score:
CVSSv3 Score: 2.8
Vector:
CWE: CWE-284
Affected Packages:
Package States: Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-2314
Severity: low
Released on: 10/03/2024
Advisory:
Bugzilla: 2269019
Bugzilla Description: bcc: unprivileged users can force loading of compromised linux headers
CVSS Score:
CVSSv3 Score: 2.8
Vector:
CWE: CWE-284
Affected Packages:
Package States: Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-28122
Severity: moderate
Released on: 09/03/2024
Advisory:
Bugzilla: 2268761
Bugzilla Description: jwx: denial of service attack using compressed JWE message
CVSS Score:
CVSSv3 Score: 6.8
Vector:
CWE: CWE-400
Affected Packages:
Package States: OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,
Full Details
CVE document


CVE-2024-28176
Severity: moderate
Released on: 09/03/2024
Advisory:
Bugzilla: 2268820
Bugzilla Description: jose: resource exhaustion
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-400
Affected Packages:
Package States: cert-manager Operator for Red Hat OpenShift,Custom metric autoscaler Operator for Red Hat Openshift,Custom metric autoscaler Operator for Red Hat Openshift,Logging Subsystem for Red Hat OpenShift,Migration Toolkit for Applications 6,Migration Toolkit for Applications 6,Migration Toolkit for Containers,Migration Toolkit for Containers,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,OpenShift API for Data Protection,OpenShift API for Data Protection,OpenShift API for Data Protection,OpenShift API for Data Protection,OpenShift API for Data Protection,OpenShift API for Data Protection,OpenShift API for Data Protection,OpenShift Developer Tools and Services,OpenShift Pipelines,OpenShift Serverless,OpenShift Service Mesh 2,OpenShift Service Mesh 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Security 3,Red Hat Advanced Cluster Security 4,Red Hat Ceph Storage 5,Red Hat Ceph Storage 6,Red Hat Ceph Storage 7,Red Hat Developer Hub,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 3.11,Red Hat OpenShift Container Platform 3.11,Red Hat OpenShift Container 
Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform Assisted Installer,Red Hat OpenShift Container Platform Assisted Installer,Red Hat Openshift Container Storage 4,Red Hat Openshift Container Storage 4,Red Hat Openshift Container Storage 4,Red Hat Openshift Container Storage 4,Red Hat Openshift Container Storage 4,Red Hat Openshift Container Storage 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat OpenShift Data Science (RHODS),Red Hat OpenShift Data Science 
(RHODS),Red Hat OpenShift Data Science (RHODS),Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift distributed tracing 2,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift on AWS,Red Hat Openshift sandboxed containers,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenStack Platform 16.2,Red Hat Quay 3,Red Hat Quay 3,Red Hat Quay 3,Red Hat Quay 3,Red Hat Storage 3,
Full Details
CVE document


CVE-2024-28180
Severity: moderate
Released on: 09/03/2024
Advisory: RHSA-2024:1812, RHSA-2024:1859, RHSA-2024:1574, RHSA-2024:1563, RHSA-2024:1567, RHSA-2024:1456,
Bugzilla: 2268854
Bugzilla Description: jose-go: improper handling of highly compressed data
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-409
Affected Packages: custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel8:2.12.1-376,custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8-operator:2.12.1-376,cri-o-0:1.26.5-10.rhaos4.13.gita08b329.el9,cri-o-0:1.28.4-8.rhaos4.15.git24f50b9.el9,custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle:2.12.1-376,custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel8:2.12.1-376,cri-o-0:1.25.3-5.2.rhaos4.12.git44a2cb2.el9,oadp/oadp-velero-plugin-rhel9:1.3.1-16,cri-o-0:1.27.4-6.1.rhaos4.14.gitd09e4c0.el8,custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8:2.12.1-376,
Package States: cert-manager Operator for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Migration Toolkit for Applications 6,Migration Toolkit for Applications 6,Migration Toolkit for Containers,Migration Toolkit for Containers,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,OpenShift API for Data Protection,OpenShift API for Data Protection,OpenShift API for Data Protection,OpenShift API for Data Protection,OpenShift API for Data Protection,OpenShift API for Data Protection,OpenShift Developer Tools and Services,OpenShift Pipelines,OpenShift Serverless,OpenShift Service Mesh 2,OpenShift Service Mesh 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Security 3,Red Hat Advanced Cluster Security 4,Red Hat Ceph Storage 5,Red Hat Ceph Storage 6,Red Hat Ceph Storage 7,Red Hat Developer Hub,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 3.11,Red Hat OpenShift Container Platform 3.11,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift 
Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform Assisted Installer,Red Hat OpenShift Container Platform Assisted Installer,Red Hat Openshift Container Storage 4,Red Hat Openshift Container Storage 4,Red Hat Openshift Container Storage 4,Red Hat Openshift Container Storage 4,Red Hat Openshift Container Storage 4,Red Hat Openshift Container Storage 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat OpenShift Data Science (RHODS),Red Hat OpenShift Data Science (RHODS),Red Hat OpenShift Data Science (RHODS),Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift distributed 
tracing 2,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift on AWS,Red Hat Openshift sandboxed containers,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenStack Platform 16.2,Red Hat Quay 3,Red Hat Quay 3,Red Hat Quay 3,Red Hat Quay 3,Red Hat Storage 3,
Full Details
CVE document


CVE-2024-28102
Severity: moderate
Released on: 08/03/2024
Advisory:
Bugzilla: 2268758
Bugzilla Description: python-jwcrypto: malicious JWE token can cause denial of service
CVSS Score:
CVSSv3 Score: 6.8
Vector:
CWE: CWE-400
Affected Packages:
Package States: Red Hat Ansible Automation Platform 2,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-42843
Severity: moderate
Released on: 08/03/2024
Advisory:
Bugzilla: 2271717
Bugzilla Description: webkit: visiting a malicious website may lead to address bar spoofing
CVSS Score:
CVSSv3 Score: 5.4
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-42950
Severity: important
Released on: 08/03/2024
Advisory:
Bugzilla: 2271718
Bugzilla Description: webkit: heap use-after-free may lead to arbitrary code execution
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-42956
Severity: moderate
Released on: 08/03/2024
Advisory:
Bugzilla: 2271719
Bugzilla Description: webkit: processing malicious web content may lead to a denial of service
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-1931
Severity: moderate
Released on: 07/03/2024
Advisory:
Bugzilla: 2268418
Bugzilla Description: unbound: Infinite loop due to improper EDE message size check
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-835
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-27289
Severity: moderate
Released on: 07/03/2024
Advisory: RHSA-2024:1321,
Bugzilla: 2268465
Bugzilla Description: pgx: SQL Injection via Line Comment Creation
CVSS Score:
CVSSv3 Score: 8.1
Vector:
CWE: CWE-89
Affected Packages: advanced-cluster-security/rhacs-collector-slim-rhel8:4.3.5-1,advanced-cluster-security/rhacs-scanner-db-slim-rhel8:4.3.5-1,advanced-cluster-security/rhacs-operator-bundle:4.3.5-4,advanced-cluster-security/rhacs-rhel8-operator:4.3.5-3,advanced-cluster-security/rhacs-scanner-db-rhel8:4.3.5-3,advanced-cluster-security/rhacs-collector-rhel8:4.3.5-3,advanced-cluster-security/rhacs-roxctl-rhel8:4.3.5-3,advanced-cluster-security/rhacs-scanner-slim-rhel8:4.3.5-3,advanced-cluster-security/rhacs-main-rhel8:4.3.5-4,advanced-cluster-security/rhacs-scanner-rhel8:4.3.5-3,advanced-cluster-security/rhacs-central-db-rhel8:4.3.5-3,
Package States: Migration Toolkit for Applications 6,Migration Toolkit for Applications 6,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Security 3,Red Hat Advanced Cluster Security 3,Red Hat Advanced Cluster Security 3,Red Hat Advanced Cluster Security 3,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform Assisted Installer,Red Hat OpenShift Container Platform Assisted Installer,Red Hat OpenShift Container Platform Assisted Installer,Red Hat Openshift Container Storage 4,Red Hat Openshift Container Storage 4,Red Hat Openshift Container Storage 4,Red Hat Openshift Container Storage 4,Red Hat Openshift Data Foundation 4,Red Hat OpenShift Data Science (RHODS),Red Hat OpenShift Data Science (RHODS),Red Hat OpenShift Data Science (RHODS),Red Hat OpenShift Data Science (RHODS),Red Hat OpenShift Data Science (RHODS),Red Hat OpenShift Data Science (RHODS),Red Hat OpenShift on AWS,Red Hat OpenStack Platform 16.2,Red Hat Quay 3,Red Hat Quay 3,Red Hat Quay 3,
Full Details
CVE document


CVE-2024-1442
Severity: moderate
Released on: 07/03/2024
Advisory:
Bugzilla: 2268486
Bugzilla Description: grafana: Improper privilege management for users with data source permissions
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-269
Affected Packages:
Package States: Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Ceph Storage 4,Red Hat Ceph Storage 5,Red Hat Ceph Storage 6,Red Hat Ceph Storage 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 3.11,Red Hat Storage 3,
Full Details
CVE document


CVE-2024-23226
Severity: important
Released on: 07/03/2024
Advisory:
Bugzilla: 2270286
Bugzilla Description: webkit: processing malicious web content may lead to arbitrary code execution
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-23252
Severity: moderate
Released on: 07/03/2024
Advisory:
Bugzilla: 2270288
Bugzilla Description: webkit: processing malicious web content may lead to denial-of-service
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-23254
Severity: moderate
Released on: 07/03/2024
Advisory:
Bugzilla: 2270289
Bugzilla Description: webkit: malicious website may exfiltrate audio data cross-origin
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-23263
Severity: moderate
Released on: 07/03/2024
Advisory:
Bugzilla: 2270290
Bugzilla Description: webkit: processing malicious web content prevents Content Security Policy from being enforced
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-23280
Severity: moderate
Released on: 07/03/2024
Advisory:
Bugzilla: 2270291
Bugzilla Description: webkit: maliciously crafted webpage may be able to fingerprint the user
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-23284
Severity: moderate
Released on: 07/03/2024
Advisory:
Bugzilla: 2270292
Bugzilla Description: webkit: processing maliciously crafted web content prevents Content Security Policy from being enforced
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-2236
Severity: moderate
Released on: 06/03/2024
Advisory:
Bugzilla: 2245218
Bugzilla Description: libgcrypt: vulnerable to Marvin Attack
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-385->CWE-208
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-1725
Severity: important
Released on: 06/03/2024
Advisory: RHSA-2024:1559,
Bugzilla: 2265398
Bugzilla Description: kubevirt-csi: PersistentVolume allows access to HCP's root node
CVSS Score:
CVSSv3 Score: 8.1
Vector:
CWE: CWE-501
Affected Packages: openshift4/kubevirt-csi-driver-rhel8:v4.15.0-202403220332.p0.gd3bdbce.assembly.stream.el8,
Package States:
Full Details
CVE document


CVE-2024-26628
Severity: moderate
Released on: 06/03/2024
Advisory:
Bugzilla: 2268212
Bugzilla Description: kernel: drm/amdkfd: Fix lock dependency warning
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26627
Severity: moderate
Released on: 06/03/2024
Advisory:
Bugzilla: 2268214
Bugzilla Description: kernel: scsi: core: Move scsi_host_busy() out of host lock for waking up EH handler
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-413
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26626
Severity: moderate
Released on: 06/03/2024
Advisory:
Bugzilla: 2268216
Bugzilla Description: kernel: ipmr: fix kernel panic when forwarding mcast packets
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26625
Severity: moderate
Released on: 06/03/2024
Advisory:
Bugzilla: 2268218
Bugzilla Description: kernel: llc: call sock_orphan() at release time
CVSS Score:
CVSSv3 Score: 7.8
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26624
Severity: moderate
Released on: 06/03/2024
Advisory:
Bugzilla: 2268221
Bugzilla Description: kernel: af_unix: fix lockdep positive in sk_diag_dump_icons()
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-413
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26623
Severity: moderate
Released on: 06/03/2024
Advisory:
Bugzilla: 2268223
Bugzilla Description: kernel: pds_core: Prevent race issues involving the adminq
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-28152
Severity: moderate
Released on: 06/03/2024
Advisory:
Bugzilla: 2268226
Bugzilla Description: jenkins-2-plugins: Incorrect trust policy behavior for pull requests from forks in Bitbucket Branch Source Plugin
CVSS Score:
CVSSv3 Score: 6.3
Vector:
CWE: CWE-501
Affected Packages:
Package States: OpenShift Developer Tools and Services,Red Hat OpenShift Container Platform 3.11,
Full Details
CVE document


CVE-2024-28149
Severity: important
Released on: 06/03/2024
Advisory:
Bugzilla: 2268227
Bugzilla Description: jenkins-2-plugins: Improper input sanitization in HTML Publisher Plugin
CVSS Score:
CVSSv3 Score: 8.0
Vector:
CWE: CWE-20
Affected Packages:
Package States: OpenShift Developer Tools and Services,Red Hat OpenShift Container Platform 3.11,
Full Details
CVE document


CVE-2024-28150
Severity: important
Released on: 06/03/2024
Advisory:
Bugzilla: 2268228
Bugzilla Description: jenkins-2-plugins: Stored XSS vulnerability in HTML Publisher Plugin
CVSS Score:
CVSSv3 Score: 8.0
Vector:
CWE: CWE-79
Affected Packages:
Package States: OpenShift Developer Tools and Services,Red Hat OpenShift Container Platform 3.11,
Full Details
CVE document


CVE-2024-28151
Severity: moderate
Released on: 06/03/2024
Advisory:
Bugzilla: 2268229
Bugzilla Description: jenkins-2-plugins: Path traversal vulnerability in HTML Publisher Plugin
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-22
Affected Packages:
Package States: OpenShift Developer Tools and Services,Red Hat OpenShift Container Platform 3.11,
Full Details
CVE document


CVE-2024-27304
Severity: moderate
Released on: 06/03/2024
Advisory: RHSA-2024:1321,
Bugzilla: 2268269
Bugzilla Description: pgx: SQL Injection via Protocol Message Size Overflow
CVSS Score:
CVSSv3 Score: 8.1
Vector:
CWE: CWE-89
Affected Packages: advanced-cluster-security/rhacs-collector-slim-rhel8:4.3.5-1,advanced-cluster-security/rhacs-scanner-db-slim-rhel8:4.3.5-1,advanced-cluster-security/rhacs-operator-bundle:4.3.5-4,advanced-cluster-security/rhacs-rhel8-operator:4.3.5-3,advanced-cluster-security/rhacs-scanner-db-rhel8:4.3.5-3,advanced-cluster-security/rhacs-collector-rhel8:4.3.5-3,advanced-cluster-security/rhacs-roxctl-rhel8:4.3.5-3,advanced-cluster-security/rhacs-scanner-slim-rhel8:4.3.5-3,advanced-cluster-security/rhacs-main-rhel8:4.3.5-4,advanced-cluster-security/rhacs-scanner-rhel8:4.3.5-3,advanced-cluster-security/rhacs-central-db-rhel8:4.3.5-3,
Package States: Migration Toolkit for Applications 6,Migration Toolkit for Applications 6,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Security 3,Red Hat Advanced Cluster Security 3,Red Hat Advanced Cluster Security 3,Red Hat Advanced Cluster Security 3,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform Assisted Installer,Red Hat OpenShift Container Platform Assisted Installer,Red Hat OpenShift Container Platform Assisted Installer,Red Hat Openshift Container Storage 4,Red Hat Openshift Container Storage 4,Red Hat Openshift Container Storage 4,Red Hat Openshift Container Storage 4,Red Hat Openshift Data Foundation 4,Red Hat OpenShift Data Science (RHODS),Red Hat OpenShift Data Science (RHODS),Red Hat OpenShift Data Science (RHODS),Red Hat OpenShift Data Science (RHODS),Red Hat OpenShift Data Science (RHODS),Red Hat OpenShift Data Science (RHODS),Red Hat OpenShift on AWS,Red Hat OpenStack Platform 16.2,Red Hat Quay 3,Red Hat Quay 3,Red Hat Quay 3,
Full Details
CVE document


CVE-2023-52607
Severity: moderate
Released on: 06/03/2024
Advisory:
Bugzilla: 2268291
Bugzilla Description: kernel: powerpc/mm: Fix null-pointer dereference in pgtable_cache_add
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-395
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52606
Severity: moderate
Released on: 06/03/2024
Advisory:
Bugzilla: 2268293
Bugzilla Description: kernel: powerpc/lib: Validate size for vector operations
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-121
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52605
Severity: low
Released on: 06/03/2024
Advisory:
Bugzilla: 2268295
Bugzilla Description: kernel: ACPI: extlog: fix NULL pointer dereference check
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52604
Severity: moderate
Released on: 06/03/2024
Advisory:
Bugzilla: 2268297
Bugzilla Description: kernel: FS:JFS:UBSAN:array-index-out-of-bounds in dbAdjTree
CVSS Score:
CVSSv3 Score: 7.8
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52603
Severity: moderate
Released on: 06/03/2024
Advisory:
Bugzilla: 2268299
Bugzilla Description: kernel: UBSAN: array-index-out-of-bounds in dtSplitRoot
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52602
Severity: moderate
Released on: 06/03/2024
Advisory:
Bugzilla: 2268301
Bugzilla Description: kernel: jfs: fix slab-out-of-bounds Read in dtSearch
CVSS Score:
CVSSv3 Score: 4.7
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52601
Severity: moderate
Released on: 06/03/2024
Advisory:
Bugzilla: 2268303
Bugzilla Description: kernel: jfs: fix array-index-out-of-bounds in dbAdjTree
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52600
Severity: moderate
Released on: 06/03/2024
Advisory:
Bugzilla: 2268305
Bugzilla Description: kernel: jfs: fix uaf in jfs_evict_inode
CVSS Score:
CVSSv3 Score: 7.8
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52599
Severity: moderate
Released on: 06/03/2024
Advisory:
Bugzilla: 2268307
Bugzilla Description: kernel: jfs: fix array-index-out-of-bounds in diNewExt
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52598
Severity: moderate
Released on: 06/03/2024
Advisory:
Bugzilla: 2268309
Bugzilla Description: kernel: s390/ptrace: handle setting of fpc register correctly
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52597
Severity: moderate
Released on: 06/03/2024
Advisory:
Bugzilla: 2268311
Bugzilla Description: kernel: KVM: s390: fix setting of fpc register
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52596
Severity: moderate
Released on: 06/03/2024
Advisory:
Bugzilla: 2268313
Bugzilla Description: kernel: sysctl: Fix out of bounds access for empty sysctl registers
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52595
Severity: low
Released on: 06/03/2024
Advisory:
Bugzilla: 2268315
Bugzilla Description: kernel: wifi: rt2x00: restart beacon queue when hardware reset
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52594
Severity: low
Released on: 06/03/2024
Advisory:
Bugzilla: 2268317
Bugzilla Description: kernel: wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus()
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52593
Severity: low
Released on: 06/03/2024
Advisory:
Bugzilla: 2268319
Bugzilla Description: kernel: wifi: wfx: fix possible NULL pointer dereference in wfx_set_mfp_ap()
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52592
Severity: low
Released on: 06/03/2024
Advisory:
Bugzilla: 2268321
Bugzilla Description: kernel: libbpf: Fix NULL pointer dereference in bpf_object__collect_prog_relos
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52591
Severity: moderate
Released on: 06/03/2024
Advisory:
Bugzilla: 2268323
Bugzilla Description: kernel: reiserfs: Avoid touching renamed directory if parent does not change
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-413
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52590
Severity: low
Released on: 06/03/2024
Advisory:
Bugzilla: 2268325
Bugzilla Description: kernel: ocfs2: Avoid touching renamed directory if parent does not change
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-413
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52589
Severity: low
Released on: 06/03/2024
Advisory:
Bugzilla: 2268327
Bugzilla Description: kernel: media: rkisp1: Fix IRQ disable race issue
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-413
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52588
Severity: moderate
Released on: 06/03/2024
Advisory:
Bugzilla: 2268329
Bugzilla Description: kernel: f2fs: fix to tag gcing flag on page during block migration
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52587
Severity: moderate
Released on: 06/03/2024
Advisory:
Bugzilla: 2268331
Bugzilla Description: kernel: IB/ipoib: Fix mcast list locking
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-413
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52586
Severity: moderate
Released on: 06/03/2024
Advisory:
Bugzilla: 2268333
Bugzilla Description: kernel: drm/msm/dpu: Add mutex lock in control vblank irq
CVSS Score:
CVSSv3 Score: 6.7
Vector:
CWE: CWE-362
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52585
Severity: low
Released on: 06/03/2024
Advisory:
Bugzilla: 2268335
Bugzilla Description: kernel: drm/amdgpu: Fix possible NULL dereference in amdgpu_ras_query_error_status_helper()
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52584
Severity: moderate
Released on: 06/03/2024
Advisory:
Bugzilla: 2268337
Bugzilla Description: kernel: spmi: mediatek: Fix UAF on device remove
CVSS Score:
CVSSv3 Score: 6.7
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52583
Severity: moderate
Released on: 06/03/2024
Advisory:
Bugzilla: 2268339
Bugzilla Description: kernel: ceph: fix deadlock or deadcode of misusing dget()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-833
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-25111
Severity: important
Released on: 06/03/2024
Advisory: RHSA-2024:1515, RHSA-2024:1376, RHSA-2024:1375, RHSA-2024:1479, RHSA-2024:1833, RHSA-2024:1832,
Bugzilla: 2268366
Bugzilla Description: squid: Denial of Service in HTTP Chunked Decoding
CVSS Score:
CVSSv3 Score: 8.6
Vector:
CWE: CWE-674
Affected Packages: squid-7:5.2-1.el9_0.6,squid:4-8060020240312145037.ad008a3a,squid-7:5.5-6.el9_3.8,squid:4-8040020240312224211.522a0ee4,squid:4-8090020240314114525.a75119d5,squid-7:5.5-5.el9_2.6,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,
Full Details
CVE document


CVE-2024-27307
Severity: important
Released on: 06/03/2024
Advisory:
Bugzilla: 2268370
Bugzilla Description: jsonata: malicious expression can pollute the "Object" prototype
CVSS Score:
CVSSv3 Score: 8.6
Vector:
CWE: CWE-1321
Affected Packages:
Package States: OpenShift Serverless,Red Hat Developer Hub,
Full Details
CVE document


CVE-2024-28110
Severity: moderate
Released on: 06/03/2024
Advisory: RHSA-2024:1333,
Bugzilla: 2268372
Bugzilla Description: cloudevents/sdk-go: usage of WithRoundTripper to create a Client leaks credentials
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-522
Affected Packages: openshift-serverless-1/eventing-kafka-broker-post-install-rhel8:1.11.0-4,openshift-serverless-1/serverless-operator-bundle:1.32.0-9,openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8:1.11.0-4,openshift-serverless-1/func-utils-rhel8:1.32.0-3,openshift-serverless-1/eventing-mtping-rhel8:1.11.0-4,openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8:1.11.0-3,openshift-serverless-1/net-istio-webhook-rhel8:1.11.0-2,openshift-serverless-1/eventing-istio-controller-rhel8:1.11.0-2,openshift-serverless-1/net-istio-controller-rhel8:1.11.0-2,openshift-serverless-1/client-kn-rhel8:1.11.2-4,openshift-serverless-1/eventing-controller-rhel8:1.11.0-4,openshift-serverless-1/eventing-mtbroker-filter-rhel8:1.11.0-4,openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8:1.11.0-4,openshift-serverless-1/knative-rhel8-operator:1.32.0-2,openshift-serverless-1/eventing-kafka-broker-controller-rhel8:1.11.0-4,openshift-serverless-1/eventing-storage-version-migration-rhel8:1.11.0-4,openshift-serverless-1/serving-autoscaler-hpa-rhel8:1.11.0-2,openshift-serverless-1/svls-must-gather-rhel8:1.32.0-2,openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8:1.11.0-4,openshift-serverless-1/ingress-rhel8-operator:1.32.0-2,openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8:1.32.0-4,openshift-serverless-1/eventing-kafka-broker-webhook-rhel8:1.11.0-4,openshift-serverless-1/serving-autoscaler-rhel8:1.11.0-2,openshift-serverless-1/eventing-in-memory-channel-controller-rhel8:1.11.0-4,openshift-serverless-1/serving-storage-version-migration-rhel8:1.11.0-2,openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8:1.11.0-2,openshift-serverless-1-tech-preview/logic-data-index-ephemeral-rhel8:1.32.0-5,openshift-serverless-1-tech-preview/logic-rhel8-operator:1.32.0-8,openshift-serverless-1/kourier-control-rhel8:1.11.0-2,openshift-serverless-1/eventing-mtbroker-ingress-rhel8:1.11.0-4,openshift-serverless-1/serving-controller-rhel8:1.11.0-2,openshift-serverless-1-tech-preview/logic-operator-bundle:1.32.0-8,openshift-serverless-1/kn-cli-artifacts-rhel8:1.11.2-3,openshift-serverless-1/serving-queue-rhel8:1.11.0-2,openshift-serverless-1/eventing-mtchannel-broker-rhel8:1.11.0-4,openshift-serverless-1/eventing-webhook-rhel8:1.11.0-4,openshift-serverless-1/serving-activator-rhel8:1.11.0-2,openshift-serverless-1/serving-webhook-rhel8:1.11.0-2,openshift-serverless-1/eventing-kafka-broker-receiver-rhel8:1.11.0-4,openshift-serverless-1-tech-preview/logic-swf-builder-rhel8:1.32.0-5,openshift-serverless-1/serverless-rhel8-operator:1.32.0-2,
Package States: OpenShift Pipelines,OpenShift Serverless,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,
Full Details
CVE document


CVE-2023-5685
Severity: important
Released on: 05/03/2024
Advisory:
Bugzilla: 2241822
Bugzilla Description: xnio: StackOverflowException when the chain of notifier states becomes problematically big
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-400
Affected Packages:
Package States: Red Hat build of Apache Camel 4.0 for Spring Boot,Red Hat build of Apache Camel for Spring Boot,Red Hat build of Apache Camel - HawtIO,Red Hat Build of Keycloak,Red Hat Data Grid 8,Red Hat Integration Camel K,Red Hat JBoss Data Grid 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Fuse Service Works 6,Red Hat Process Automation 7,Red Hat Single Sign-On 7,
Full Details
CVE document


CVE-2022-48629
Severity: low
Released on: 05/03/2024
Advisory:
Bugzilla: 2267958
Bugzilla Description: kernel: crypto: qcom-rng - ensure buffer for generate is completely filled
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-99
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-48630
Severity: low
Released on: 05/03/2024
Advisory:
Bugzilla: 2267959
Bugzilla Description: kernel: crypto: qcom-rng - fix infinite loop on requests not multiple of WORD_SZ
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-835
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-45290
Severity: moderate
Released on: 05/03/2024
Advisory:
Bugzilla: 2268017
Bugzilla Description: golang: net/http: memory exhaustion in Request.ParseMultipartForm
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-20
Affected Packages:
Package States: cert-manager Operator for Red Hat OpenShift,Cost Management,Cryostat 2,Custom metric autoscaler Operator for Red Hat Openshift,Fence Agents Remediation Operator,Kube Descheduler Operator,Logging Subsystem for Red Hat OpenShift,Logical Volume Manager Storage,Machine Deletion Remediation Operator,Migration Toolkit for Applications 6,Migration Toolkit for Applications 7,Migration Toolkit for Containers,Migration Toolkit for Virtualization,Multicluster Engine for Kubernetes,NBDE Tang Server,Network Observability Operator,Node HealthCheck Operator,Node Maintenance Operator,OpenShift API for Data Protection,OpenShift Developer Tools and Services,OpenShift Developer Tools and Services,OpenShift Pipelines,OpenShift Run Once Duration Override Operator,OpenShift Secondary Scheduler Operator,OpenShift Serverless,OpenShift Serverless,OpenShift Source-to-Image (S2I) Builder Image,Power monitoring for Red Hat OpenShift,Red Hat 3scale API Management Platform 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Security 3,Red Hat Advanced Cluster Security 4,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ceph Storage 5,Red Hat Ceph Storage 6,Red Hat Ceph Storage 7,Red Hat Certification for Red Hat Enterprise Linux 8,Red Hat Certification for Red Hat Enterprise Linux 9,Red Hat Developer Tools,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform Assisted Installer,Red Hat Openshift Data Foundation 4,Red Hat OpenShift Dev Spaces,Red Hat OpenShift distributed tracing 2,Red Hat OpenShift GitOps,Red Hat OpenShift on AWS,Red Hat Openshift sandboxed containers,Red Hat OpenShift Virtualization 4,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat Quay 3,Red Hat Service Interconnect 1,Red Hat Storage 3,Red Hat Storage 3,Red Hat Web Terminal,Self Node Remediation Operator,Service Telemetry Framework 1.5 for RHEL 8,
Full Details
CVE document


CVE-2023-45289
Severity: moderate
Released on: 05/03/2024
Advisory:
Bugzilla: 2268018
Bugzilla Description: golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-200
Affected Packages:
Package States: cert-manager Operator for Red Hat OpenShift,Custom metric autoscaler Operator for Red Hat Openshift,Logging Subsystem for Red Hat OpenShift,Migration Toolkit for Applications 6,Migration Toolkit for Applications 7,Migration Toolkit for Containers,Migration Toolkit for Virtualization,Multicluster Engine for Kubernetes,Network Observability Operator,OpenShift API for Data Protection,OpenShift Developer Tools and Services,OpenShift Pipelines,OpenShift Serverless,OpenShift Serverless,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Security 3,Red Hat Advanced Cluster Security 4,Red Hat Ceph Storage 5,Red Hat Ceph Storage 6,Red Hat Ceph Storage 7,Red Hat Certification for Red Hat Enterprise Linux 8,Red Hat Certification for Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform Assisted Installer,Red Hat Openshift Data Foundation 4,Red Hat OpenShift Dev Spaces,Red Hat OpenShift distributed tracing 2,Red Hat OpenShift GitOps,Red Hat OpenShift on AWS,Red Hat Openshift sandboxed containers,Red Hat OpenShift Virtualization 4,Red Hat Quay 3,Red Hat Service Interconnect 1,Red Hat Storage 3,
Full Details
CVE document


CVE-2024-24783
Severity: moderate
Released on: 05/03/2024
Advisory:
Bugzilla: 2268019
Bugzilla Description: golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-20->CWE-400
Affected Packages:
Package States: cert-manager Operator for Red Hat OpenShift,Cost Management,Cryostat 2,Custom metric autoscaler Operator for Red Hat Openshift,Fence Agents Remediation Operator,Kube Descheduler Operator,Logging Subsystem for Red Hat OpenShift,Logical Volume Manager Storage,Machine Deletion Remediation Operator,Migration Toolkit for Applications 6,Migration Toolkit for Applications 7,Migration Toolkit for Containers,Migration Toolkit for Virtualization,mirror registry for Red Hat OpenShift,Multicluster Engine for Kubernetes,NBDE Tang Server,Network Observability Operator,Node HealthCheck Operator,Node Maintenance Operator,OpenShift API for Data Protection,OpenShift Developer Tools and Services,OpenShift Developer Tools and Services,OpenShift Pipelines,OpenShift Run Once Duration Override Operator,OpenShift Secondary Scheduler Operator,OpenShift Serverless,OpenShift Serverless,OpenShift Source-to-Image (S2I) Builder Image,Power monitoring for Red Hat OpenShift,Red Hat 3scale API Management Platform 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Security 3,Red Hat Advanced Cluster Security 4,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ceph Storage 5,Red Hat Ceph Storage 6,Red Hat Ceph Storage 7,Red Hat Certification for Red Hat Enterprise Linux 8,Red Hat Certification for Red Hat Enterprise Linux 9,Red Hat Developer Tools,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform Assisted Installer,Red Hat Openshift Data Foundation 4,Red Hat OpenShift Dev Spaces,Red Hat OpenShift distributed tracing 2,Red Hat OpenShift GitOps,Red Hat OpenShift on AWS,Red Hat Openshift sandboxed containers,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat Quay 3,Red Hat Service Interconnect 1,Red Hat Storage 3,Red Hat Storage 3,Red Hat Web Terminal,Self Node Remediation Operator,Service Telemetry Framework 1.5 for RHEL 8,
Full Details
CVE document


CVE-2024-24784
Severity: moderate
Released on: 05/03/2024
Advisory:
Bugzilla: 2268021
Bugzilla Description: golang: net/mail: comments in display names are incorrectly handled
CVSS Score:
CVSSv3 Score: 5.4
Vector:
CWE: CWE-115
Affected Packages:
Package States: cert-manager Operator for Red Hat OpenShift,Kube Descheduler Operator,Logging Subsystem for Red Hat OpenShift,Logical Volume Manager Storage,Migration Toolkit for Containers,Migration Toolkit for Virtualization,Multicluster Engine for Kubernetes,OpenShift API for Data Protection,OpenShift Developer Tools and Services,OpenShift Developer Tools and Services,OpenShift Pipelines,OpenShift Run Once Duration Override Operator,OpenShift Secondary Scheduler Operator,OpenShift Serverless,OpenShift Serverless,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Security 3,Red Hat Advanced Cluster Security 4,Red Hat Ceph Storage 5,Red Hat Ceph Storage 6,Red Hat Ceph Storage 7,Red Hat Certification for Red Hat Enterprise Linux 8,Red Hat Certification for Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform Assisted Installer,Red Hat Openshift Data Foundation 4,Red Hat OpenShift Dev Spaces,Red Hat OpenShift distributed tracing 2,Red Hat OpenShift GitOps,Red Hat Openshift sandboxed containers,Red Hat OpenShift Virtualization 4,Red Hat Quay 3,Red Hat Service Interconnect 1,Red Hat Storage 3,


CVE-2024-24785
Severity: moderate
Released on: 05/03/2024
Advisory:
Bugzilla: 2268022
Bugzilla Description: golang: html/template: errors returned from MarshalJSON methods may break template escaping
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-74
Affected Packages:
Package States: cert-manager Operator for Red Hat OpenShift,Cost Management,Custom metric autoscaler Operator for Red Hat Openshift,Kube Descheduler Operator,Logging Subsystem for Red Hat OpenShift,Logical Volume Manager Storage,Migration Toolkit for Applications 6,Migration Toolkit for Applications 7,Migration Toolkit for Containers,Migration Toolkit for Virtualization,Multicluster Engine for Kubernetes,Network Observability Operator,Node Maintenance Operator,OpenShift API for Data Protection,OpenShift Developer Tools and Services,OpenShift Pipelines,OpenShift Run Once Duration Override Operator,OpenShift Secondary Scheduler Operator,OpenShift Serverless,Red Hat 3scale API Management Platform 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Security 3,Red Hat Advanced Cluster Security 4,Red Hat Ansible Automation Platform 2,Red Hat Ceph Storage 5,Red Hat Ceph Storage 6,Red Hat Ceph Storage 7,Red Hat Certification for Red Hat Enterprise Linux 8,Red Hat Certification for Red Hat Enterprise Linux 9,Red Hat Developer Tools,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform Assisted Installer,Red Hat Openshift Data Foundation 4,Red Hat OpenShift Dev Spaces,Red Hat OpenShift distributed tracing 2,Red Hat OpenShift GitOps,Red Hat OpenShift on AWS,Red Hat Openshift sandboxed containers,Red Hat OpenShift Virtualization 4,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 17.1,Red Hat Quay 3,Red Hat Service Interconnect 1,Red Hat Storage 3,Self Node Remediation Operator,


CVE-2024-24786
Severity: moderate
Released on: 05/03/2024
Advisory: RHSA-2024:1363, RHSA-2024:1362, RHSA-2024:1461, RHSA-2024:1538, RHSA-2024:1537, RHSA-2024:1559, RHSA-2024:1859, RHSA-2024:1507, RHSA-2024:1508, RHSA-2024:1574, RHSA-2024:1563, RHSA-2024:1474, RHSA-2024:1795, RHSA-2024:1665, RHSA-2024:1874, RHSA-2024:1456,
Bugzilla: 2268046
Bugzilla Description: golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-835
Affected Packages: openshift-logging/logging-curator5-rhel9:v5.8.1-462,openshift4/noderesourcetopology-scheduler-container-rhel8:v4.13.5-1,openshift-logging/loki-rhel9-operator:v5.8.5-12,openshift4/numaresources-must-gather-rhel9:v4.14.3-39,openshift-logging/elasticsearch6-rhel9:v6.8.1-401,openshift4/numaresources-rhel9-operator:v4.14.3-3,cri-o-0:1.26.5-10.rhaos4.13.gita08b329.el9,openshift-logging/elasticsearch-proxy-rhel9:v1.0.0-471,openshift-logging/eventrouter-rhel9:v0.4.0-236,openshift4/numaresources-rhel8-operator:v4.12.8-8,openshift-logging/vector-rhel8:v0.21.0-126,openshift4/numaresources-operator-bundle:v4.12.8-28,openshift-logging/logging-loki-rhel8:v2.9.4-23,openshift-logging/logging-loki-rhel8:v2.9.4-24,cri-o-0:1.25.3-5.2.rhaos4.12.git44a2cb2.el9,openshift4/numaresources-must-gather-rhel9:v4.15.1-24,rhacm2/volsync-rhel9:v0.9.1-2,openshift-logging/loki-rhel8-operator:v5.6.17-16,openshift-logging/cluster-logging-rhel8-operator:v5.7.12-8,openshift-logging/eventrouter-rhel8:v0.4.0-234,rhacm2/acm-volsync-addon-controller-rhel8:v2.8.6-4,cri-o-0:1.27.4-5.rhaos4.14.git8d40fed.el8,openshift-logging/loki-operator-bundle:v5.7.12-46,openshift4/dpdk-base-rhel8:v4.14.3-2,openshift-logging/eventrouter-rhel8:v0.4.0-235,oadp/oadp-velero-rhel9:1.3.1-16,openshift4/dpdk-base-rhel8:v4.13.5-1,openshift4/performance-addon-operator-must-gather-rhel8:v4.13.5-1,oadp/oadp-velero-plugin-for-gcp-rhel9:1.3.1-11,openshift-logging/vector-rhel8:v0.28.1-55,openshift-logging/fluentd-rhel8:v1.14.6-213,openshift-logging/fluentd-rhel8:v1.14.6-214,openshift4/dpdk-base-rhel8:v4.15.1-2,openshift-logging/cluster-logging-operator-bundle:v5.6.17-18,openshift-logging/elasticsearch-operator-bundle:v5.6.17-8,openshift-logging/fluentd-rhel9:v5.8.5-3,oadp/oadp-velero-plugin-rhel9:1.3.1-16,openshift4/cnf-tests-rhel8:v4.12.8-8,openshift-logging/logging-loki-rhel9:v2.9.4-22,oadp/oadp-rhel9-operator:1.3.1-40,openshift4/numaresources-operator-bundle:v4.15.1-4,openshift4/numaresources-operator-bundle:v4.14.3-4,openshift-logging/elasticsearch-rhel8-operator:v5.6.17-3,openshift4/numaresources-rhel8-operator:v4.13.5-1,rhc-worker-script-0:0.7-1.el7_9,openshift4/dpdk-base-rhel8:v4.12.8-8,openshift-logging/elasticsearch-operator-bundle:v5.7.12-11,openshift-logging/cluster-logging-rhel8-operator:v5.6.17-7,openshift-logging/cluster-logging-operator-bundle:v5.7.12-18,openshift-logging/kibana6-rhel8:v6.8.1-427,openshift4/cnf-tests-rhel8:v4.14.3-4,openshift-logging/logging-view-plugin-rhel8:v5.7.12-3,openshift-logging/kibana6-rhel8:v6.8.1-428,oadp/oadp-velero-plugin-for-csi-rhel9:1.3.1-11,openshift-logging/cluster-logging-rhel9-operator:v5.8.5-7,openshift-logging/elasticsearch-operator-bundle:v5.8.5-7,openshift-logging/cluster-logging-operator-bundle:v5.8.5-17,openshift-logging/lokistack-gateway-rhel9:v0.1.0-497,openshift4/ose-baremetal-cluster-api-controllers-rhel9:v4.15.0-202403220332.p0.g298f47e.assembly.stream.el9,rhacm2/volsync-operator-bundle:v0.9.1-2,openshift4/performance-addon-operator-must-gather-rhel8:v4.12.8-16,openshift4/numaresources-operator-bundle:v4.13.5-1,openshift-logging/elasticsearch6-rhel8:v6.8.1-399,openshift-logging/vector-rhel9:v0.28.1-56,openshift4/cnf-tests-rhel8:v4.15.1-3,openshift4/numaresources-rhel9-operator:v4.15.1-3,openshift4/noderesourcetopology-scheduler-rhel9:v4.15.1-3,openshift-logging/logging-view-plugin-rhel8:v5.6.17-3,openshift-logging/log-file-metric-exporter-rhel9:v1.1.0-216,openshift-logging/elasticsearch-proxy-rhel8:v1.0.0-472,openshift-logging/loki-operator-bundle:v5.6.17-44,openshift-logging/elasticsearch-proxy-rhel8:v1.0.0-473,openshift-logging/elasticsearch-rhel8-operator:v5.7.12-3,openshift-logging/loki-rhel8-operator:v5.7.12-18,openshift-logging/opa-openshift-rhel8:v0.1.0-212,openshift-logging/opa-openshift-rhel8:v0.1.0-213,openshift4/noderesourcetopology-scheduler-rhel9:v4.14.3-3,openshift-logging/logging-curator5-rhel8:v5.8.1-460,openshift4/noderesourcetopology-scheduler-container-rhel8:v4.12.8-8,cri-o-0:1.28.4-8.rhaos4.15.git24f50b9.el9,openshift-logging/logging-curator5-rhel8:v5.8.1-461,openshift-logging/loki-operator-bundle:v5.8.5-23,openshift-logging/elasticsearch-rhel9-operator:v5.8.5-3,openshift-logging/lokistack-gateway-rhel8:v0.1.0-498,openshift4/cnf-tests-rhel8:v4.13.5-1,openshift-logging/lokistack-gateway-rhel8:v0.1.0-496,oadp/oadp-velero-plugin-for-microsoft-azure-rhel9:1.3.1-11,openshift-logging/elasticsearch6-rhel8:v6.8.1-400,openshift-logging/log-file-metric-exporter-rhel8:v1.1.0-215,openshift-logging/logging-view-plugin-rhel9:v5.8.5-4,openshift-logging/opa-openshift-rhel9:v0.1.0-211,openshift-logging/log-file-metric-exporter-rhel8:v1.1.0-214,
Package States: cert-manager Operator for Red Hat OpenShift,Custom metric autoscaler Operator for Red Hat Openshift,Kube Descheduler Operator,Logical Volume Manager Storage,Migration Toolkit for Applications 7,Migration Toolkit for Containers,Migration Toolkit for Virtualization,Multicluster Engine for Kubernetes,Network Observability Operator,OpenShift API for Data Protection,OpenShift Developer Tools and Services,OpenShift Pipelines,OpenShift Run Once Duration Override Operator,OpenShift Secondary Scheduler Operator,OpenShift Serverless,OpenShift Service Mesh 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Security 3,Red Hat Advanced Cluster Security 4,Red Hat Ceph Storage 5,Red Hat Ceph Storage 6,Red Hat Ceph Storage 7,Red Hat Certification for Red Hat Enterprise Linux 8,Red Hat Certification for Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,Red Hat Openshift Data Foundation 4,Red Hat OpenShift Data Science (RHODS),Red Hat OpenShift Dev Spaces,Red Hat OpenShift distributed tracing 2,Red Hat OpenShift GitOps,Red Hat Openshift sandboxed containers,Red Hat OpenShift Virtualization 4,Red Hat OpenStack Platform 16.1,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 17.1,Red Hat Quay 3,Red Hat Satellite 6,Self Node Remediation Operator,


CVE-2024-27351
Severity: moderate
Released on: 04/03/2024
Advisory: RHSA-2024:1878, RHSA-2024:1640,
Bugzilla: 2266045
Bugzilla Description: python-django: Potential regular expression denial-of-service in django.utils.text.Truncator.words()
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-1333
Affected Packages: python3x-django-0:4.2.11-1.el8ap,python-django-0:4.2.11-1.el8ui,python-django-0:4.2.11-1.el9ap,
Package States: Red Hat Ansible Automation Platform 1.2,Red Hat Ansible Automation Platform 2,Red Hat Certification for Red Hat Enterprise Linux 7,Red Hat Certification for Red Hat Enterprise Linux 8,Red Hat Certification for Red Hat Enterprise Linux 9,Red Hat Discovery,Red Hat OpenStack Platform 16.1,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 17.1,Red Hat Satellite 6,Red Hat Storage 3,


CVE-2024-26622
Severity: moderate
Released on: 04/03/2024
Advisory:
Bugzilla: 2267721
Bugzilla Description: kernel: tomoyo: fix UAF write bug in tomoyo_write_control()
CVSS Score:
CVSSv3 Score: 7.8
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-52579
Severity:
Released on: 04/03/2024
Advisory:
Bugzilla: 2267759
Bugzilla Description: kernel: ipv4: NULL pointer dereference in ipv4_link_failure()
CVSS Score:
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2021-47104
Severity: moderate
Released on: 04/03/2024
Advisory:
Bugzilla: 2267828
Bugzilla Description: kernel: IB/qib: Fix memory leak in qib_user_sdma_queue_pkts()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-401
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2021-47106
Severity: moderate
Released on: 04/03/2024
Advisory:
Bugzilla: 2267829
Bugzilla Description: kernel: netfilter: nf_tables: fix use-after-free in nft_set_catchall_destroy()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2021-47108
Severity: low
Released on: 04/03/2024
Advisory:
Bugzilla: 2267910
Bugzilla Description: kernel: drm/mediatek: hdmi: Perform NULL pointer check for mtk_hdmi_conf
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2021-47107
Severity: moderate
Released on: 04/03/2024
Advisory:
Bugzilla: 2267911
Bugzilla Description: kernel: NFSD: Fix READDIR buffer overflow
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-121
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2021-47105
Severity: moderate
Released on: 04/03/2024
Advisory:
Bugzilla: 2267912
Bugzilla Description: kernel: ice: xsk: return xsk buffers back to pool when cleaning the ring
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-402
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2021-47103
Severity: moderate
Released on: 04/03/2024
Advisory:
Bugzilla: 2267914
Bugzilla Description: kernel: inet: fully convert sk->sk_rx_dst to RCU rules
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2021-47102
Severity: moderate
Released on: 04/03/2024
Advisory:
Bugzilla: 2267915
Bugzilla Description: kernel: net: marvell: prestera: fix incorrect structure access
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2021-47101
Severity: low
Released on: 04/03/2024
Advisory:
Bugzilla: 2267916
Bugzilla Description: kernel: asix: fix uninit-value in asix_mdio_read()
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-457
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2021-47100
Severity: moderate
Released on: 04/03/2024
Advisory:
Bugzilla: 2267918
Bugzilla Description: kernel: ipmi: Fix UAF when uninstall ipmi_si and ipmi_msghandler module
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2021-47099
Severity: moderate
Released on: 04/03/2024
Advisory: RHSA-2024:1877,
Bugzilla: 2267919
Bugzilla Description: kernel: veth: ensure skb entering GRO are not cloned.
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-20
Affected Packages: kernel-0:4.18.0-372.100.1.el8_6,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2021-47098
Severity: moderate
Released on: 04/03/2024
Advisory:
Bugzilla: 2267920
Bugzilla Description: kernel: hwmon: (lm90) Prevent integer overflow/underflow in hysteresis calculations
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2021-47097
Severity: moderate
Released on: 04/03/2024
Advisory:
Bugzilla: 2267925
Bugzilla Description: kernel: Input: elantech - fix stack out of bound access in elantech_change_report_id()
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2021-47096
Severity: moderate
Released on: 04/03/2024
Advisory:
Bugzilla: 2267927
Bugzilla Description: kernel: ALSA: rawmidi - fix the uninitalized user_pversion
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-457
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2021-47095
Severity: moderate
Released on: 04/03/2024
Advisory:
Bugzilla: 2267928
Bugzilla Description: kernel: ipmi: ssif: initialize ssif_info->client early
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-402
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2021-47094
Severity: moderate
Released on: 04/03/2024
Advisory:
Bugzilla: 2267929
Bugzilla Description: kernel: KVM: x86/mmu: Don't advance iterator after restart due to yielding
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2021-47093
Severity: low
Released on: 04/03/2024
Advisory:
Bugzilla: 2267931
Bugzilla Description: kernel: platform/x86: intel_pmc_core: fix memleak on registration failure
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-402
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2021-47092
Severity: moderate
Released on: 04/03/2024
Advisory:
Bugzilla: 2267932
Bugzilla Description: kernel: KVM: VMX: Always clear vmx->fail on emulation_required
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2021-47091
Severity: moderate
Released on: 04/03/2024
Advisory:
Bugzilla: 2267934
Bugzilla Description: kernel: mac80211: fix locking in ieee80211_start_ap error path
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-413
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2021-47090
Severity: moderate
Released on: 04/03/2024
Advisory:
Bugzilla: 2267935
Bugzilla Description: kernel: mm/hwpoison: clear MF_COUNT_INCREASED before retrying get_any_page()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2021-47089
Severity: moderate
Released on: 04/03/2024
Advisory:
Bugzilla: 2267936
Bugzilla Description: kernel: kfence: fix memory leak when cat kfence objects
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-402
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2021-47088
Severity: moderate
Released on: 04/03/2024
Advisory:
Bugzilla: 2267937
Bugzilla Description: kernel: mm/damon/dbgfs: protect targets destructions with kdamond_lock
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-413
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2021-47087
Severity: moderate
Released on: 04/03/2024
Advisory:
Bugzilla: 2267938
Bugzilla Description: kernel: tee: optee: Fix incorrect page free bug
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-401
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2021-47086
Severity: moderate
Released on: 04/03/2024
Advisory:
Bugzilla: 2267939
Bugzilla Description: kernel: phonet/pep: refuse to enable an unbound pipe
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2021-47085
Severity: moderate
Released on: 04/03/2024
Advisory:
Bugzilla: 2267940
Bugzilla Description: kernel: hamradio: improve the incomplete fix to avoid NPD
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2021-47084
Severity: moderate
Released on: 04/03/2024
Advisory:
Bugzilla: 2267941
Bugzilla Description: kernel: hamradio: defer ax25 kfree after unregister_netdev
CVSS Score:
CVSSv3 Score: 6.7
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47083
Severity: moderate
Released on: 04/03/2024
Advisory:
Bugzilla: 2267942
Bugzilla Description: kernel: pinctrl: mediatek: fix global-out-of-bounds issue
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47082
Severity: low
Released on: 04/03/2024
Advisory:
Bugzilla: 2267943
Bugzilla Description: kernel: tun: avoid double free in tun_free_netdev
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-415
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-1936
Severity: important
Released on: 04/03/2024
Advisory: RHSA-2024:1493, RHSA-2024:1492, RHSA-2024:1495, RHSA-2024:1494, RHSA-2024:1497, RHSA-2024:1496, RHSA-2024:1499, RHSA-2024:1498, RHSA-2024:1500,
Bugzilla: 2268171
Bugzilla Description: Mozilla: Leaking of encrypted email subjects to other conversations
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-311
Affected Packages: thunderbird-0:115.9.0-1.el8_9,thunderbird-0:115.9.0-1.el7_9,thunderbird-0:115.9.0-1.el8_8,thunderbird-0:115.9.0-1.el8_6,thunderbird-0:115.9.0-1.el8_4,thunderbird-0:115.9.0-1.el9_3,thunderbird-0:115.9.0-1.el9_2,thunderbird-0:115.9.0-1.el8_2,thunderbird-0:115.9.0-1.el9_0,
Package States: Red Hat Enterprise Linux 6,
Full Details
CVE document


CVE-2019-25210
Severity: moderate
Released on: 03/03/2024
Advisory: RHSA-2024:1549, RHSA-2024:1570,
Bugzilla: 2268201
Bugzilla Description: helm: shows secrets with --dry-run option in clear text
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-201
Affected Packages: advanced-cluster-security/rhacs-scanner-db-slim-rhel8:4.4.0-2,advanced-cluster-security/rhacs-scanner-rhel8:4.4.0-11,advanced-cluster-security/rhacs-operator-bundle:4.3.6-4,advanced-cluster-security/rhacs-rhel8-operator:4.3.6-2,advanced-cluster-security/rhacs-scanner-slim-rhel8:4.4.0-11,advanced-cluster-security/rhacs-rhel8-operator:4.4.0-9,advanced-cluster-security/rhacs-main-rhel8:4.3.6-4,advanced-cluster-security/rhacs-scanner-rhel8:4.3.6-3,advanced-cluster-security/rhacs-roxctl-rhel8:4.4.0-9,advanced-cluster-security/rhacs-central-db-rhel8:4.3.6-2,advanced-cluster-security/rhacs-scanner-db-rhel8:4.4.0-11,advanced-cluster-security/rhacs-collector-slim-rhel8:4.3.6-1,advanced-cluster-security/rhacs-collector-rhel8:4.3.6-3,advanced-cluster-security/rhacs-collector-slim-rhel8:4.4.0-2,advanced-cluster-security/rhacs-operator-bundle:4.4.0-17,advanced-cluster-security/rhacs-scanner-v4-db-rhel8:4.4.0-8,advanced-cluster-security/rhacs-scanner-db-slim-rhel8:4.3.6-1,advanced-cluster-security/rhacs-scanner-v4-rhel8:4.4.0-13,advanced-cluster-security/rhacs-scanner-db-rhel8:4.3.6-3,advanced-cluster-security/rhacs-main-rhel8:4.4.0-17,advanced-cluster-security/rhacs-scanner-slim-rhel8:4.3.6-3,advanced-cluster-security/rhacs-roxctl-rhel8:4.3.6-2,advanced-cluster-security/rhacs-collector-rhel8:4.4.0-2,advanced-cluster-security/rhacs-central-db-rhel8:4.4.0-9,
Package States: cert-manager Operator for Red Hat OpenShift,OpenShift Service Mesh 2,OpenShift Service Mesh 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Security 3,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat Openshift Container Storage 4,Red Hat Openshift Container Storage 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenStack Platform 16.2,
Full Details
CVE document


CVE-2024-26621
Severity: moderate
Released on: 02/03/2024
Advisory:
Bugzilla: 2267505
Bugzilla Description: kernel: mm: huge_memory: don't force huge page alignment on 32 bit
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-99
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-48628
Severity: low
Released on: 02/03/2024
Advisory:
Bugzilla: 2267507
Bugzilla Description: kernel: ceph: drop messages from MDS when unmounting
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-311
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-48627
Severity: moderate
Released on: 02/03/2024
Advisory:
Bugzilla: 2267509
Bugzilla Description: kernel: vt: fix memory overlapping when deleting chars in the buffer
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-1260
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52566
Severity: moderate
Released on: 02/03/2024
Advisory:
Bugzilla: 2267719
Bugzilla Description: kernel: nilfs2: potential use after free in nilfs_gccache_submit_read_data()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52565
Severity: low
Released on: 02/03/2024
Advisory:
Bugzilla: 2267724
Bugzilla Description: kernel: media: uvcvideo: out-of-bounds read in uvc_query_v4l2_menu()
CVSS Score:
CVSSv3 Score: 3.3
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52563
Severity: low
Released on: 02/03/2024
Advisory:
Bugzilla: 2267728
Bugzilla Description: kernel: drm/meson: memory leak on ->hpd_notify callback
CVSS Score:
CVSSv3 Score: 3.3
Vector:
CWE: CWE-401
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52560
Severity: low
Released on: 02/03/2024
Advisory:
Bugzilla: 2267730
Bugzilla Description: kernel: mm/damon/vaddr-test: memory leak in damon_do_test_apply_three_regions()
CVSS Score:
CVSSv3 Score: 3.3
Vector:
CWE: CWE-401
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52559
Severity: low
Released on: 02/03/2024
Advisory:
Bugzilla: 2267733
Bugzilla Description: kernel: iommu/vt-d: memory allocation in iommu_suspend() leading to intermittent suspend/hibernation
CVSS Score:
CVSSv3 Score: 3.3
Vector:
CWE: CWE-770
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52561
Severity: low
Released on: 02/03/2024
Advisory:
Bugzilla: 2267736
Bugzilla Description: kernel: arm64: dts: qcom: sdm845-db845c: unreserved cont splash memory region leads to kernel panic
CVSS Score:
CVSSv3 Score: 3.3
Vector:
CWE: CWE-188
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52562
Severity: moderate
Released on: 02/03/2024
Advisory:
Bugzilla: 2267737
Bugzilla Description: kernel: mm/slab_common: slab_caches list corruption after kmem_cache_destroy()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-401
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52564
Severity: moderate
Released on: 02/03/2024
Advisory:
Bugzilla: 2267738
Bugzilla Description: kernel: tty: n_gsm: use-after-free in gsm_cleanup_mux()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52567
Severity: low
Released on: 02/03/2024
Advisory:
Bugzilla: 2267739
Bugzilla Description: kernel: serial: 8250_port: IRQ data NULL pointer dereference
CVSS Score:
CVSSv3 Score: 4.1
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52568
Severity: low
Released on: 02/03/2024
Advisory:
Bugzilla: 2267740
Bugzilla Description: kernel: x86/sgx: SECS reclaim vs. page fault for EAUG race
CVSS Score:
CVSSv3 Score: 4.1
Vector:
CWE: CWE-362->CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52569
Severity: low
Released on: 02/03/2024
Advisory:
Bugzilla: 2267741
Bugzilla Description: kernel: btrfs: improper BUG() call after failure to insert delayed dir index item
CVSS Score:
CVSSv3 Score: 3.3
Vector:
CWE: CWE-755
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52570
Severity: low
Released on: 02/03/2024
Advisory:
Bugzilla: 2267744
Bugzilla Description: kernel: vfio/mdev: fault injection leading to NULL pointer dereference in mdev_unregister_parent()
CVSS Score:
CVSSv3 Score: 4.1
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52571
Severity: low
Released on: 02/03/2024
Advisory:
Bugzilla: 2267745
Bugzilla Description: kernel: power: supply: rk817: refcount leak in rk817_charger_probe()
CVSS Score:
CVSSv3 Score: 3.3
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52572
Severity:
Released on: 02/03/2024
Advisory:
Bugzilla: 2267746
Bugzilla Description: kernel: cifs: use-after-free in cifs_demultiplex_thread()
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52573
Severity: low
Released on: 02/03/2024
Advisory:
Bugzilla: 2267748
Bugzilla Description: kernel: net: rds: NULL pointer dereference in rds_rdma_cm_event_handler_cmn()
CVSS Score:
CVSSv3 Score: 4.1
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52574
Severity: moderate
Released on: 02/03/2024
Advisory:
Bugzilla: 2267750
Bugzilla Description: kernel: team: NULL pointer dereference when team device type is changed
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52575
Severity: moderate
Released on: 02/03/2024
Advisory:
Bugzilla: 2267751
Bugzilla Description: kernel: x86/srso: SBPB enablement for spec_rstack_overflow=off
CVSS Score:
CVSSv3 Score: 5.6
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52576
Severity: moderate
Released on: 02/03/2024
Advisory:
Bugzilla: 2267755
Bugzilla Description: kernel: x86/mm, kexec, ima: potential use-after-free in memblock_isolate_range()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52577
Severity: moderate
Released on: 02/03/2024
Advisory:
Bugzilla: 2267757
Bugzilla Description: kernel: dccp: out-of-bounds access in dccp_v4_err() and dccp_v6_err()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-787
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52578
Severity: moderate
Released on: 02/03/2024
Advisory:
Bugzilla: 2267758
Bugzilla Description: kernel: net: bridge: data-races in br_handle_frame_finish()
CVSS Score:
CVSSv3 Score: 4.7
Vector:
CWE: CWE-362
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52580
Severity: moderate
Released on: 02/03/2024
Advisory:
Bugzilla: 2267760
Bugzilla Description: kernel: net/core: kernel crash in ETH_P_1588 flow dissector
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-131
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52581
Severity: moderate
Released on: 02/03/2024
Advisory:
Bugzilla: 2267761
Bugzilla Description: kernel: netfilter: nf_tables: memory leak when more than 255 elements expired
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-401
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52582
Severity: moderate
Released on: 02/03/2024
Advisory:
Bugzilla: 2267762
Bugzilla Description: kernel: netfs: improper loop in netfs_rreq_unlock_folios()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-606
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52512
Severity: moderate
Released on: 02/03/2024
Advisory:
Bugzilla: 2267771
Bugzilla Description: kernel: pinctrl: nuvoton: wpcm450: fix out of bounds write
CVSS Score:
CVSSv3 Score: 6.7
Vector:
CWE: CWE-787
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52511
Severity: low
Released on: 02/03/2024
Advisory:
Bugzilla: 2267772
Bugzilla Description: kernel: spi: sun6i: reduce DMA RX transfer width to single byte
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52510
Severity: low
Released on: 02/03/2024
Advisory:
Bugzilla: 2267773
Bugzilla Description: kernel: ieee802154: ca8210: Fix a potential UAF in ca8210_probe
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52509
Severity: low
Released on: 02/03/2024
Advisory:
Bugzilla: 2267774
Bugzilla Description: kernel: ravb: Fix use-after-free issue in ravb_tx_timeout_work()
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52508
Severity: low
Released on: 02/03/2024
Advisory:
Bugzilla: 2267775
Bugzilla Description: kernel: nvme-fc: Prevent null pointer dereference in nvme_fc_io_getuuid()
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52507
Severity: moderate
Released on: 02/03/2024
Advisory:
Bugzilla: 2267776
Bugzilla Description: kernel: nfc: nci: assert requested protocol is valid
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52506
Severity: moderate
Released on: 02/03/2024
Advisory:
Bugzilla: 2267777
Bugzilla Description: kernel: LoongArch: Set all reserved memblocks on Node#0 at initialization
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52505
Severity: low
Released on: 02/03/2024
Advisory:
Bugzilla: 2267778
Bugzilla Description: kernel: phy: lynx-28g: serialize concurrent phy_set_mode_ext() calls to shared registers
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-414
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52504
Severity: low
Released on: 02/03/2024
Advisory:
Bugzilla: 2267779
Bugzilla Description: kernel: x86/alternatives: Disable KASAN in apply_alternatives()
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52503
Severity: low
Released on: 02/03/2024
Advisory:
Bugzilla: 2267780
Bugzilla Description: kernel: tee: amdtee: fix use-after-free vulnerability in amdtee_close_session
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52502
Severity: moderate
Released on: 02/03/2024
Advisory:
Bugzilla: 2267781
Bugzilla Description: kernel: net: nfc: fix races in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn()
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-362
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52501
Severity: moderate
Released on: 02/03/2024
Advisory:
Bugzilla: 2267782
Bugzilla Description: kernel: ring-buffer: Do not attempt to read past "commit"
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52500
Severity: low
Released on: 02/03/2024
Advisory:
Bugzilla: 2267783
Bugzilla Description: kernel: scsi: pm80xx: Avoid leaking tags when processing OPC_INB_SET_CONTROLLER_CONFIG command
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-402
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52499
Severity: low
Released on: 02/03/2024
Advisory:
Bugzilla: 2267784
Bugzilla Description: kernel: powerpc/47x: Fix 47x syscall return crash
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52532
Severity: moderate
Released on: 02/03/2024
Advisory:
Bugzilla: 2267785
Bugzilla Description: kernel: net: mana: Fix TX CQE error handling
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52531
Severity: moderate
Released on: 02/03/2024
Advisory:
Bugzilla: 2267786
Bugzilla Description: kernel: wifi: iwlwifi: mvm: Fix a memory corruption issue
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-400
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52530
Severity: moderate
Released on: 02/03/2024
Advisory:
Bugzilla: 2267787
Bugzilla Description: kernel: wifi: mac80211: fix potential key use-after-free
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52529
Severity: moderate
Released on: 02/03/2024
Advisory:
Bugzilla: 2267788
Bugzilla Description: kernel: HID: sony: Fix a potential memory leak in sony_probe()
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-402
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52528
Severity: moderate
Released on: 02/03/2024
Advisory:
Bugzilla: 2267789
Bugzilla Description: kernel: net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-252
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52527
Severity: moderate
Released on: 02/03/2024
Advisory:
Bugzilla: 2267790
Bugzilla Description: kernel: ipv4, ipv6: Fix handling of transhdrlen in __ip{,6}_append_data()
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52526
Severity: low
Released on: 02/03/2024
Advisory:
Bugzilla: 2267791
Bugzilla Description: kernel: erofs: fix memory leak of LZMA global compressed deduplication
CVSS Score:
CVSSv3 Score: 4.7
Vector:
CWE: CWE-401
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52525
Severity: low
Released on: 02/03/2024
Advisory:
Bugzilla: 2267792
Bugzilla Description: kernel: wifi: mwifiex: Fix oob check condition in mwifiex_process_rx_packet
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52524
Severity: moderate
Released on: 02/03/2024
Advisory:
Bugzilla: 2267793
Bugzilla Description: kernel: net: nfc: llcp: Add lock when modifying device list
CVSS Score:
CVSSv3 Score: 6.7
Vector:
CWE: CWE-414
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52523
Severity: moderate
Released on: 02/03/2024
Advisory:
Bugzilla: 2267794
Bugzilla Description: kernel: bpf, sockmap: Reject sk_msg egress redirects to non-TCP sockets
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52522
Severity: moderate
Released on: 02/03/2024
Advisory:
Bugzilla: 2267795
Bugzilla Description: kernel: net: fix possible store tearing in neigh_periodic_work()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52521
Severity: low
Released on: 02/03/2024
Advisory:
Bugzilla: 2267796
Bugzilla Description: kernel: bpf: Annotate bpf_long_memcpy with data_race
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-362
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52520
Severity: moderate
Released on: 02/03/2024
Advisory:
Bugzilla: 2267797
Bugzilla Description: kernel: platform/x86: think-lmi: Fix reference leak
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52519
Severity: moderate
Released on: 02/03/2024
Advisory:
Bugzilla: 2267798
Bugzilla Description: kernel: HID: intel-ish-hid: ipc: Disable and reenable ACPI GPE bit
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-121
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52518
Severity: moderate
Released on: 02/03/2024
Advisory:
Bugzilla: 2267799
Bugzilla Description: kernel: Bluetooth: hci_codec: Fix leaking content of local_codecs
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-402
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52517
Severity: moderate
Released on: 02/03/2024
Advisory:
Bugzilla: 2267800
Bugzilla Description: kernel: spi: sun6i: fix race between DMA RX transfer completion and RX FIFO drain
CVSS Score:
CVSSv3 Score: 5.7
Vector:
CWE: CWE-362
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52516
Severity: low
Released on: 02/03/2024
Advisory:
Bugzilla: 2267801
Bugzilla Description: kernel: dma-debug: don't call __dma_entry_alloc_check_leak() under free_entries_lock
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-413
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52515
Severity: low
Released on: 02/03/2024
Advisory:
Bugzilla: 2267802
Bugzilla Description: kernel: RDMA/srp: Do not call scsi_done() from srp_abort()
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52514
Severity:
Released on: 02/03/2024
Advisory:
Bugzilla: 2267803
Bugzilla Description: kernel: x86/reboot: VMCLEAR active VMCSes before emergency reboot
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52513
Severity: low
Released on: 02/03/2024
Advisory:
Bugzilla: 2267804
Bugzilla Description: kernel: RDMA/siw: Fix connection failure handling
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-1441
Severity: moderate
Released on: 01/03/2024
Advisory:
Bugzilla: 2263841
Bugzilla Description: libvirt: off-by-one error in udevListInterfacesByStatus()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-193
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8 Advanced Virtualization,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47072
Severity: moderate
Released on: 01/03/2024
Advisory:
Bugzilla: 2267370
Bugzilla Description: kernel: btrfs: fix removed dentries still existing after log is synced
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-99
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47071
Severity: low
Released on: 01/03/2024
Advisory:
Bugzilla: 2267373
Bugzilla Description: kernel: uio_hv_generic: Fix a memory leak in error handling paths
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-401
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47069
Severity: moderate
Released on: 01/03/2024
Advisory:
Bugzilla: 2267513
Bugzilla Description: kernel: ipc/mqueue, msg, sem: avoid relying on a stack reference past its expiry
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-362
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47070
Severity: low
Released on: 01/03/2024
Advisory:
Bugzilla: 2267516
Bugzilla Description: kernel: uio_hv_generic: Fix another memory leak in error handling paths
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-402
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47073
Severity: low
Released on: 01/03/2024
Advisory:
Bugzilla: 2267518
Bugzilla Description: kernel: platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios
CVSS Score:
CVSSv3 Score: 2.3
Vector:
CWE: CWE-99
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47074
Severity: low
Released on: 01/03/2024
Advisory:
Bugzilla: 2267521
Bugzilla Description: kernel: nvme-loop: fix memory leak in nvme_loop_create_ctrl()
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-402
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47075
Severity: low
Released on: 01/03/2024
Advisory:
Bugzilla: 2267523
Bugzilla Description: kernel: nvmet: fix memory leak in nvmet_alloc_ctrl()
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-402
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47076
Severity: low
Released on: 01/03/2024
Advisory:
Bugzilla: 2267525
Bugzilla Description: kernel: RDMA/rxe: Return CQE error if invalid lkey was supplied
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47077
Severity: low
Released on: 01/03/2024
Advisory:
Bugzilla: 2267527
Bugzilla Description: kernel: scsi: qedf: Add pointer checks in qedf_update_link_speed()
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47078
Severity: moderate
Released on: 01/03/2024
Advisory:
Bugzilla: 2267529
Bugzilla Description: kernel: RDMA/rxe: Clear all QP fields if creation failed
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47079
Severity: low
Released on: 01/03/2024
Advisory:
Bugzilla: 2267531
Bugzilla Description: kernel: platform/x86: ideapad-laptop: fix a NULL pointer dereference
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47080
Severity: low
Released on: 01/03/2024
Advisory:
Bugzilla: 2267533
Bugzilla Description: kernel: RDMA/core: Prevent divide-by-zero error triggered by the user
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-369
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47081
Severity: moderate
Released on: 01/03/2024
Advisory:
Bugzilla: 2267535
Bugzilla Description: kernel: habanalabs/gaudi: Fix a potential use after free in gaudi_memset_device_memory
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-1657
Severity: important
Released on: 29/02/2024
Advisory: RHSA-2024:1057,
Bugzilla: 2265085
Bugzilla Description: ansible automation platform: Insecure websocket used when interacting with EDA server
CVSS Score:
CVSSv3 Score: 8.1
Vector:
CWE: CWE-923->CWE-1385
Affected Packages: ansible-automation-platform-installer-0:2.4-6.el9ap,ansible-automation-platform-installer-0:2.4-6.el8ap,ansible-rulebook-0:1.0.5-1.el9ap,ansible-rulebook-0:1.0.5-1.el8ap,automation-eda-controller-0:1.0.5-1.el9ap,automation-eda-controller-0:1.0.5-1.el8ap,
Package States:
Full Details
CVE document


CVE-2023-52475
Severity: moderate
Released on: 29/02/2024
Advisory:
Bugzilla: 2266916
Bugzilla Description: kernel: use-after-free in powermate_config_complete
CVSS Score:
CVSSv3 Score: 6.7
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-51775
Severity: moderate
Released on: 29/02/2024
Advisory:
Bugzilla: 2266921
Bugzilla Description: jose4j: denial of service (CPU consumption) via a large p2c (aka PBES2 Count) value
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: OpenShift Developer Tools and Services,OpenShift Serverless,Red Hat build of Apache Camel 4.0 for Spring Boot,Red Hat build of Apache Camel for Spring Boot,Red Hat build of Apache Camel - HawtIO,Red Hat Build of Keycloak,Red Hat build of Quarkus,Red Hat Data Grid 8,Red Hat Integration Camel K,Red Hat Integration Change Data Capture,Red Hat Integration Service Registry,Red Hat JBoss A-MQ Streams,Red Hat JBoss Data Grid 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Fuse 7,Red Hat OpenShift Container Platform 3.11,Red Hat Process Automation 7,Red Hat Single Sign-On 7,
Full Details
CVE document


CVE-2023-51774
Severity: moderate
Released on: 29/02/2024
Advisory:
Bugzilla: 2266922
Bugzilla Description: json-jwt: bypass of identity checks via a sign/encryption confusion attack
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE:
Affected Packages:
Package States: Logging Subsystem for Red Hat OpenShift,
Full Details
CVE document


CVE-2023-52484
Severity: low
Released on: 29/02/2024
Advisory:
Bugzilla: 2267023
Bugzilla Description: kernel: iommu/arm-smmu-v3: Fix soft lockup triggered by arm_smmu_mm_invalidate_range
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-400
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52483
Severity: moderate
Released on: 29/02/2024
Advisory:
Bugzilla: 2267026
Bugzilla Description: kernel: mctp: perform route lookups under a RCU read-side lock
CVSS Score:
CVSSv3 Score: 7.8
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52482
Severity: moderate
Released on: 29/02/2024
Advisory:
Bugzilla: 2267028
Bugzilla Description: kernel: x86/srso: Add SRSO mitigation for Hygon processors
CVSS Score:
CVSSv3 Score: 6.7
Vector:
CWE: CWE-562
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52481
Severity: moderate
Released on: 29/02/2024
Advisory:
Bugzilla: 2267030
Bugzilla Description: kernel: arm64: errata: Add Cortex-A520 speculative unprivileged load workaround
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-1300
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52480
Severity: moderate
Released on: 29/02/2024
Advisory:
Bugzilla: 2267032
Bugzilla Description: kernel: ksmbd: fix race condition between session lookup and expire
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-362
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52479
Severity: moderate
Released on: 29/02/2024
Advisory:
Bugzilla: 2267034
Bugzilla Description: kernel: ksmbd: fix uaf in smb20_oplock_break_ack
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52478
Severity: moderate
Released on: 29/02/2024
Advisory:
Bugzilla: 2267036
Bugzilla Description: kernel: HID: logitech-hidpp: Fix kernel crash on receiver USB disconnect
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-362
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52477
Severity: low
Released on: 29/02/2024
Advisory:
Bugzilla: 2267038
Bugzilla Description: kernel: usb: hub: Guard against accesses to uninitialized BOS descriptors
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52476
Severity: low
Released on: 29/02/2024
Advisory:
Bugzilla: 2267041
Bugzilla Description: kernel: perf/x86/lbr: Filter vsyscall addresses
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-404
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26607
Severity: low
Released on: 29/02/2024
Advisory:
Bugzilla: 2267080
Bugzilla Description: kernel: drm/bridge: sii902x: Fix probing race issue
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47066
Severity: low
Released on: 29/02/2024
Advisory:
Bugzilla: 2267162
Bugzilla Description: kernel: async_xor: increase src_offs when dropping destination page cause data corruption
CVSS Score:
CVSSv3 Score: 3.4
Vector:
CWE: CWE-222
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47065
Severity: low
Released on: 29/02/2024
Advisory:
Bugzilla: 2267165
Bugzilla Description: kernel: rtw88: Fix array overrun in rtw_get_tx_power_params()
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-121
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47064
Severity: low
Released on: 29/02/2024
Advisory:
Bugzilla: 2267167
Bugzilla Description: kernel: mt76: fix potential DMA mapping leak
CVSS Score:
CVSSv3 Score: 2.3
Vector:
CWE: CWE-402
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47063
Severity: moderate
Released on: 29/02/2024
Advisory:
Bugzilla: 2267169
Bugzilla Description: kernel: drm: bridge/panel: UAF while Cleanup connector on bridge detach
CVSS Score:
CVSSv3 Score: 6.7
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47062
Severity: low
Released on: 29/02/2024
Advisory:
Bugzilla: 2267171
Bugzilla Description: kernel: KVM: SVM: null pointer in online_vcpus, not created_vcpus, to iterate over vCPUs
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47061
Severity: moderate
Released on: 29/02/2024
Advisory:
Bugzilla: 2267173
Bugzilla Description: kernel: KVM: use-after-free while destroy I/O bus devices on unregister failure
CVSS Score:
CVSSv3 Score: 6.7
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47060
Severity: moderate
Released on: 29/02/2024
Advisory:
Bugzilla: 2267175
Bugzilla Description: kernel: KVM: use-after-free while looking for coalesced MMIO zones if the bus is destroyed
CVSS Score:
CVSSv3 Score: 6.7
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47059
Severity: low
Released on: 29/02/2024
Advisory:
Bugzilla: 2267177
Bugzilla Description: kernel: crypto: sun8i-ss - fix result memory leak on error path
CVSS Score:
CVSSv3 Score: 2.3
Vector:
CWE: CWE-401
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47058
Severity: low
Released on: 29/02/2024
Advisory:
Bugzilla: 2267179
Bugzilla Description: kernel: use-after-free regmap: set debugfs_name to NULL after it is freed
CVSS Score:
CVSSv3 Score: 3.4
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47057
Severity: low
Released on: 29/02/2024
Advisory:
Bugzilla: 2267181
Bugzilla Description: kernel: crypto: sun8i-ss - Fix memory leak of object d when dma_iv fails to map
CVSS Score:
CVSSv3 Score: 2.3
Vector:
CWE: CWE-402
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47056
Severity: low
Released on: 29/02/2024
Advisory:
Bugzilla: 2267183
Bugzilla Description: kernel: crypto: denial-of-service in ADF_STATUS_PF_RUNNING should be set after adf_dev_init
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-413
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47055
Severity:
Released on: 29/02/2024
Advisory:
Bugzilla: 2267185
Bugzilla Description: kernel: mtd: require write permissions for locking and badblock ioctls
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47054
Severity: low
Released on: 29/02/2024
Advisory:
Bugzilla: 2267187
Bugzilla Description: kernel: bus: qcom: memory leak while put child node before return
CVSS Score:
CVSSv3 Score: 2.3
Vector:
CWE: CWE-401
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47068
Severity: moderate
Released on: 29/02/2024
Advisory:
Bugzilla: 2267190
Bugzilla Description: kernel: net/nfc: fix use-after-free llcp_sock_bind/connect
CVSS Score:
CVSSv3 Score: 7.3
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47067
Severity: low
Released on: 29/02/2024
Advisory:
Bugzilla: 2267192
Bugzilla Description: kernel: soc/tegra: regulators: Fix locking up when voltage-spread is out of range
CVSS Score:
CVSSv3 Score: 2.3
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52485
Severity: low
Released on: 29/02/2024
Advisory:
Bugzilla: 2267195
Bugzilla Description: kernel: drm/amd/display: Wake DMCUB before sending a command cause deadlock
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-833
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46959
Severity: moderate
Released on: 29/02/2024
Advisory:
Bugzilla: 2267198
Bugzilla Description: kernel: spi: Fix use-after-free with devm_spi_alloc_*
CVSS Score:
CVSSv3 Score: 6.7
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47016
Severity: low
Released on: 29/02/2024
Advisory:
Bugzilla: 2267200
Bugzilla Description: kernel: m68k: mvme147,mvme16x: Don't wipe PCC timer config bits
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47020
Severity: low
Released on: 29/02/2024
Advisory:
Bugzilla: 2267202
Bugzilla Description: kernel: soundwire: stream: fix memory leak in stream config error path
CVSS Score:
CVSSv3 Score: 2.3
Vector:
CWE: CWE-401
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-24246
Severity: moderate
Released on: 29/02/2024
Advisory:
Bugzilla: 2267204
Bugzilla Description: qpdf: Heap Buffer Overflow vulnerability in qpdf
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-126
Affected Packages:
Package States: Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52497
Severity: moderate
Released on: 29/02/2024
Advisory:
Bugzilla: 2267333
Bugzilla Description: kernel: erofs: fix lz4 inplace decompression
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26616
Severity: moderate
Released on: 29/02/2024
Advisory:
Bugzilla: 2267352
Bugzilla Description: kernel: btrfs: scrub: avoid use-after-free when chunk length is not 64K aligned
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26615
Severity: moderate
Released on: 29/02/2024
Advisory:
Bugzilla: 2267355
Bugzilla Description: kernel: net/smc: fix illegal rmb_desc access in SMC-D connection dump
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52496
Severity: moderate
Released on: 29/02/2024
Advisory:
Bugzilla: 2268451
Bugzilla Description: kernel: mtd: maps: vmu-flash: Fix the (mtd core) switch to ref counters
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52488
Severity: moderate
Released on: 29/02/2024
Advisory:
Bugzilla: 2268455
Bugzilla Description: kernel: serial: sc16is7xx: convert from _raw_ to _noinc_ regmap functions for FIFO
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52498
Severity: moderate
Released on: 29/02/2024
Advisory:
Bugzilla: 2269063
Bugzilla Description: kernel: PM: sleep: Fix possible deadlocks in core system-wide PM code
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-833
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52487
Severity: moderate
Released on: 29/02/2024
Advisory:
Bugzilla: 2269067
Bugzilla Description: kernel: net/mlx5e: Fix peer flow lists handling
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52486
Severity: moderate
Released on: 29/02/2024
Advisory:
Bugzilla: 2269070
Bugzilla Description: kernel: drm: Don't unref the same fb many times by mistake due to deadlock handling
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-833
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52495
Severity: moderate
Released on: 29/02/2024
Advisory:
Bugzilla: 2269177
Bugzilla Description: kernel: soc: qcom: pmic_glink_altmode: fix port sanity check
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-99
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52494
Severity: moderate
Released on: 29/02/2024
Advisory:
Bugzilla: 2269179
Bugzilla Description: kernel: bus: mhi: host: Add alignment check for event ring read pointer
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-99
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52493
Severity: moderate
Released on: 29/02/2024
Advisory:
Bugzilla: 2269181
Bugzilla Description: kernel: bus: mhi: host: Drop chan lock before queuing buffers
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-414
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52492
Severity: moderate
Released on: 29/02/2024
Advisory:
Bugzilla: 2269183
Bugzilla Description: kernel: dmaengine: fix NULL pointer in channel unregistration function
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52491
Severity: low
Released on: 29/02/2024
Advisory:
Bugzilla: 2269185
Bugzilla Description: kernel: media: mtk-jpeg: Fix use after free bug due to error path handling in mtk_jpeg_dec_device_run
CVSS Score:
CVSSv3 Score: 4.1
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52490
Severity: moderate
Released on: 29/02/2024
Advisory:
Bugzilla: 2269187
Bugzilla Description: kernel: mm: migrate: fix getting incorrect page mapping during page migration
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52489
Severity: moderate
Released on: 29/02/2024
Advisory:
Bugzilla: 2269189
Bugzilla Description: kernel: mm/sparsemem: fix race in accessing memory_section->usage
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-362
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26618
Severity: low
Released on: 29/02/2024
Advisory:
Bugzilla: 2269192
Bugzilla Description: hw: arm64/sme: Always exit sme_alloc() early with existing storage
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-402
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26617
Severity: low
Released on: 29/02/2024
Advisory:
Bugzilla: 2269194
Bugzilla Description: kernel: fs/proc/task_mmu: move mmu notification mechanism inside mm lock
CVSS Score:
CVSSv3 Score: 4.7
Vector:
CWE: CWE-362
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26619
Severity: low
Released on: 29/02/2024
Advisory:
Bugzilla: 2269197
Bugzilla Description: kernel: riscv: Fix module loading free order
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26613
Severity: low
Released on: 29/02/2024
Advisory:
Bugzilla: 2269199
Bugzilla Description: kernel: net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv
CVSS Score:
CVSSv3 Score: 3.3
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26612
Severity: low
Released on: 29/02/2024
Advisory:
Bugzilla: 2269201
Bugzilla Description: kernel: netfs, fscache: Prevent Oops in fscache_put_cache()
CVSS Score:
CVSSv3 Score: 3.3
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26611
Severity: low
Released on: 29/02/2024
Advisory:
Bugzilla: 2269203
Bugzilla Description: kernel: xsk: fix usage of multi-buffer BPF helpers for ZC XDP
CVSS Score:
CVSSv3 Score: 2.3
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26608
Severity: moderate
Released on: 29/02/2024
Advisory:
Bugzilla: 2269206
Bugzilla Description: kernel: ksmbd: fix global oob in ksmbd_nl_policy
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26614
Severity: low
Released on: 29/02/2024
Advisory:
Bugzilla: 2269211
Bugzilla Description: kernel: tcp: make sure init the accept_queue's spinlocks once
CVSS Score:
CVSSv3 Score: 3.3
Vector:
CWE: CWE-413
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26610
Severity: moderate
Released on: 29/02/2024
Advisory:
Bugzilla: 2269213
Bugzilla Description: kernel: wifi: iwlwifi: fix a memory corruption
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE: CWE-680
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26609
Severity: moderate
Released on: 29/02/2024
Advisory:
Bugzilla: 2269217
Bugzilla Description: kernel: netfilter: nf_tables: reject QUEUE/DROP verdict parameters
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26620
Severity: low
Released on: 29/02/2024
Advisory:
Bugzilla: 2269235
Bugzilla Description: kernel: s390/vfio-ap: always filter entire AP matrix
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-99
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-0560
Severity: moderate
Released on: 28/02/2024
Advisory:
Bugzilla: 2258456
Bugzilla Description: apicast: use_3scale_oidc_issuer_endpoint of Token Introspection policy isn't compatible with RH-SSO 7.5 or later versions
CVSS Score:
CVSSv3 Score: 6.3
Vector:
CWE: CWE-280
Affected Packages:
Package States: Red Hat 3scale API Management Platform 2,
Full Details
CVE document


CVE-2021-47017
Severity: moderate
Released on: 28/02/2024
Advisory:
Bugzilla: 2266588
Bugzilla Description: kernel: use after free in ath10k_htc_send_bundle
CVSS Score:
CVSSv3 Score: 6.7
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47018
Severity: moderate
Released on: 28/02/2024
Advisory:
Bugzilla: 2266594
Bugzilla Description: kernel: ensure definition of the fixmap area is in a limit
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47019
Severity: low
Released on: 28/02/2024
Advisory:
Bugzilla: 2266597
Bugzilla Description: kernel: mt76: possible invalid register access
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47048
Severity: low
Released on: 28/02/2024
Advisory:
Bugzilla: 2266614
Bugzilla Description: kernel: spi: spi-zynqmp-gqspi: fix use-after-free in zynqmp_qspi_exec_op
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47053
Severity: low
Released on: 28/02/2024
Advisory:
Bugzilla: 2266720
Bugzilla Description: kernel: crypto: sun8i-ss - Fix memory leak of pad
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-401
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47052
Severity: low
Released on: 28/02/2024
Advisory:
Bugzilla: 2266722
Bugzilla Description: kernel: crypto: sa2ul - Fix memory leak of rxd
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-401
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47045
Severity: low
Released on: 28/02/2024
Advisory:
Bugzilla: 2266724
Bugzilla Description: kernel: scsi: lpfc: Fix null pointer dereference in lpfc_prep_els_iocb()
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47051
Severity: low
Released on: 28/02/2024
Advisory:
Bugzilla: 2266728
Bugzilla Description: kernel: spi: fsl-lpspi: Fix PM reference leak in lpspi_prepare_xfer_hardware()
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-402
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26458
Severity: low
Released on: 28/02/2024
Advisory:
Bugzilla: 2266731
Bugzilla Description: krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-401
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47050
Severity: low
Released on: 28/02/2024
Advisory:
Bugzilla: 2266735
Bugzilla Description: kernel: memory: renesas-rpc-if: fix possible NULL pointer dereference of resource
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47014
Severity: moderate
Released on: 28/02/2024
Advisory:
Bugzilla: 2266738
Bugzilla Description: kernel: net/sched: act_ct: fix wild memory access when clearing fragments
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-119
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26461
Severity: low
Released on: 28/02/2024
Advisory:
Bugzilla: 2266740
Bugzilla Description: krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-401
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-26462
Severity: moderate
Released on: 28/02/2024
Advisory:
Bugzilla: 2266742
Bugzilla Description: krb5: Memory leak at /krb5/src/kdc/ndr.c
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-401
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46984
Severity: moderate
Released on: 28/02/2024
Advisory:
Bugzilla: 2266750
Bugzilla Description: kernel: kyber: fix out of bounds access when preempted
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46987
Severity: moderate
Released on: 28/02/2024
Advisory:
Bugzilla: 2266752
Bugzilla Description: kernel: btrfs: fix deadlock when cloning inline extents and using qgroups
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-833
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47009
Severity: moderate
Released on: 28/02/2024
Advisory:
Bugzilla: 2266756
Bugzilla Description: kernel: KEYS: trusted: Fix memory leak on object td
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-401
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47047
Severity: moderate
Released on: 28/02/2024
Advisory:
Bugzilla: 2266758
Bugzilla Description: kernel: spi: spi-zynqmp-gqspi: return -ENOMEM if dma_map_single fails
CVSS Score:
CVSSv3 Score: 5.6
Vector:
CWE: CWE-253
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47015
Severity: moderate
Released on: 28/02/2024
Advisory:
Bugzilla: 2266760
Bugzilla Description: kernel: bnxt_en: Fix RX consumer index logic in the error path
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-612
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47013
Severity: low
Released on: 28/02/2024
Advisory:
Bugzilla: 2266841
Bugzilla Description: kernel: net:emac/emac-mac: Fix a use after free in emac_mac_tx_buf_send
CVSS Score:
CVSSv3 Score: 5.1
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47012
Severity: low
Released on: 28/02/2024
Advisory:
Bugzilla: 2266844
Bugzilla Description: kernel: RDMA/siw: Fix a use after free in siw_alloc_mr
CVSS Score:
CVSSv3 Score: 5.1
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47011
Severity: moderate
Released on: 28/02/2024
Advisory:
Bugzilla: 2266847
Bugzilla Description: kernel: mm: memcontrol: slab: fix obtain a reference to a freeing memcg
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47010
Severity: moderate
Released on: 28/02/2024
Advisory:
Bugzilla: 2266849
Bugzilla Description: kernel: net: Only allow init netns to set default tcp cong to a restricted algo
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-402
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47008
Severity: moderate
Released on: 28/02/2024
Advisory:
Bugzilla: 2266851
Bugzilla Description: kernel: KVM: SVM: Make sure GHCB is mapped before updating
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47007
Severity: moderate
Released on: 28/02/2024
Advisory:
Bugzilla: 2266854
Bugzilla Description: kernel: f2fs: fix panic during f2fs_resize_fs()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-789
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47006
Severity: moderate
Released on: 28/02/2024
Advisory:
Bugzilla: 2266857
Bugzilla Description: kernel: ARM: 9064/1: hw_breakpoint: Do not directly check the event's overflow_handler hook
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-253
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47005
Severity: low
Released on: 28/02/2024
Advisory:
Bugzilla: 2266861
Bugzilla Description: kernel: PCI: endpoint: Fix NULL pointer dereference for ->get_features()
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47004
Severity: moderate
Released on: 28/02/2024
Advisory:
Bugzilla: 2266863
Bugzilla Description: kernel: f2fs: fix to avoid touching checkpointed data in get_victim()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47003
Severity: low
Released on: 28/02/2024
Advisory:
Bugzilla: 2266865
Bugzilla Description: kernel: dmaengine: idxd: Fix potential null dereference on pointer status
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47002
Severity: moderate
Released on: 28/02/2024
Advisory:
Bugzilla: 2266867
Bugzilla Description: kernel: SUNRPC: Fix null pointer dereference in svc_rqst_free()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47001
Severity: moderate
Released on: 28/02/2024
Advisory:
Bugzilla: 2266869
Bugzilla Description: kernel: xprtrdma: Fix cwnd update ordering
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47000
Severity: moderate
Released on: 28/02/2024
Advisory:
Bugzilla: 2266871
Bugzilla Description: kernel: ceph: fix inode leak on getattr error in __fh_to_dentry
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-402
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46999
Severity: moderate
Released on: 28/02/2024
Advisory:
Bugzilla: 2266874
Bugzilla Description: kernel: sctp: do asoc update earlier in sctp_sf_do_dupcook_a
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46998
Severity: moderate
Released on: 28/02/2024
Advisory:
Bugzilla: 2266877
Bugzilla Description: kernel: ethernet:enic: Fix a use after free bug in enic_hard_start_xmit
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46997
Severity: low
Released on: 28/02/2024
Advisory:
Bugzilla: 2266879
Bugzilla Description: kernel: arm64: entry: always set GIC_PRIO_PSR_I_SET during entry
CVSS Score:
CVSSv3 Score: 3.3
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46996
Severity: moderate
Released on: 28/02/2024
Advisory:
Bugzilla: 2266881
Bugzilla Description: kernel: netfilter: nftables: Fix a memleak from userdata error path in new objects
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-402
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46995
Severity: moderate
Released on: 28/02/2024
Advisory:
Bugzilla: 2266883
Bugzilla Description: kernel: can: mcp251xfd: mcp251xfd_probe(): fix an error pointer dereference in probe
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-822
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46994
Severity: low
Released on: 28/02/2024
Advisory:
Bugzilla: 2266885
Bugzilla Description: kernel: can: mcp251x: fix resume from sleep before interface was brought up
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46993
Severity: moderate
Released on: 28/02/2024
Advisory:
Bugzilla: 2266888
Bugzilla Description: kernel: sched: Fix out-of-bound access in uclamp
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46992
Severity: moderate
Released on: 28/02/2024
Advisory:
Bugzilla: 2266890
Bugzilla Description: kernel: netfilter: nftables: avoid overflows in nft_hash_buckets()
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46991
Severity: low
Released on: 28/02/2024
Advisory:
Bugzilla: 2266894
Bugzilla Description: kernel: i40e: Fix use-after-free in i40e_client_subtask()
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46990
Severity: moderate
Released on: 28/02/2024
Advisory:
Bugzilla: 2266896
Bugzilla Description: kernel: powerpc/64s: Fix crashes when toggling entry flush barrier
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46989
Severity: moderate
Released on: 28/02/2024
Advisory:
Bugzilla: 2266898
Bugzilla Description: kernel: hfsplus: prevent corruption in shrinking truncate
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-229
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46988
Severity: moderate
Released on: 28/02/2024
Advisory:
Bugzilla: 2266900
Bugzilla Description: kernel: userfaultfd: release page in error path to avoid BUG_ON
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46986
Severity: low
Released on: 28/02/2024
Advisory:
Bugzilla: 2266902
Bugzilla Description: kernel: usb: dwc3: gadget: Free gadget structure only after freeing endpoints
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46985
Severity: low
Released on: 28/02/2024
Advisory:
Bugzilla: 2266904
Bugzilla Description: kernel: ACPI: scan: Fix a memory leak in an error handling path
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-401
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46983
Severity: low
Released on: 28/02/2024
Advisory:
Bugzilla: 2266906
Bugzilla Description: kernel: nvmet-rdma: Fix NULL deref when SEND is completed with error
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46982
Severity: low
Released on: 28/02/2024
Advisory:
Bugzilla: 2266908
Bugzilla Description: kernel: f2fs: compress: fix race condition of overwrite vs truncate
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-362
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46981
Severity: low
Released on: 28/02/2024
Advisory:
Bugzilla: 2266911
Bugzilla Description: kernel: nbd: Fix NULL pointer in flush_workqueue
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46980
Severity: low
Released on: 28/02/2024
Advisory:
Bugzilla: 2266914
Bugzilla Description: kernel: usb: typec: ucsi: Retrieve all the PDOs instead of just the first 4
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46979
Severity: low
Released on: 28/02/2024
Advisory:
Bugzilla: 2266917
Bugzilla Description: kernel: iio: core: fix ioctl handlers removal
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-415
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46978
Severity: moderate
Released on: 28/02/2024
Advisory:
Bugzilla: 2266919
Bugzilla Description: kernel: KVM: nVMX: Always make an attempt to map eVMCS after migration
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46977
Severity: moderate
Released on: 28/02/2024
Advisory:
Bugzilla: 2266924
Bugzilla Description: kernel: KVM: VMX: Disable preemption when probing user return MSRs
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-400
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46976
Severity: low
Released on: 28/02/2024
Advisory:
Bugzilla: 2266928
Bugzilla Description: kernel: drm/i915: Fix crash in auto_retire
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2020-36778
Severity: low
Released on: 28/02/2024
Advisory:
Bugzilla: 2266940
Bugzilla Description: kernel: i2c: xiic: fix reference leak when pm_runtime_get_sync fails
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-402
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2020-36779
Severity: low
Released on: 28/02/2024
Advisory:
Bugzilla: 2266942
Bugzilla Description: kernel: i2c: stm32f7: fix reference leak when pm_runtime_get_sync fails
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-402
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2020-36780
Severity: low
Released on: 28/02/2024
Advisory:
Bugzilla: 2266944
Bugzilla Description: kernel: i2c: sprd: fix reference leak when pm_runtime_get_sync fails
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-402
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2020-36781
Severity: low
Released on: 28/02/2024
Advisory:
Bugzilla: 2266946
Bugzilla Description: kernel: i2c: imx: fix reference leak when pm_runtime_get_sync fails
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-402
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2020-36782
Severity: low
Released on: 28/02/2024
Advisory:
Bugzilla: 2266948
Bugzilla Description: kernel: i2c: imx-lpi2c: fix reference leak when pm_runtime_get_sync fails
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-402
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2020-36783
Severity: low
Released on: 28/02/2024
Advisory:
Bugzilla: 2266950
Bugzilla Description: kernel: i2c: img-scb: fix reference leak when pm_runtime_get_sync fails
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-402
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2020-36784
Severity: low
Released on: 28/02/2024
Advisory:
Bugzilla: 2266952
Bugzilla Description: kernel: i2c: cadence: fix reference leak when pm_runtime_get_sync fails
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-402
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2020-36785
Severity: low
Released on: 28/02/2024
Advisory:
Bugzilla: 2266954
Bugzilla Description: kernel: media: atomisp: Fix use after free in atomisp_alloc_css_stat_bufs()
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2020-36786
Severity: low
Released on: 28/02/2024
Advisory:
Bugzilla: 2266956
Bugzilla Description: kernel: media: [next] staging: media: atomisp: fix memory leak of object flash
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-402
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2020-36787
Severity: moderate
Released on: 28/02/2024
Advisory:
Bugzilla: 2266958
Bugzilla Description: kernel: media: aspeed: fix clock handling logic
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47021
Severity: moderate
Released on: 28/02/2024
Advisory:
Bugzilla: 2266961
Bugzilla Description: kernel: mt76: mt7915: fix memleak when mt7915_unregister_device()
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-402
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47022
Severity: low
Released on: 28/02/2024
Advisory:
Bugzilla: 2266963
Bugzilla Description: kernel: mt76: mt7615: fix memleak when mt7615_unregister_device()
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-402
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47023
Severity: low
Released on: 28/02/2024
Advisory:
Bugzilla: 2266965
Bugzilla Description: kernel: net: marvell: prestera: fix port event handling on init
CVSS Score:
CVSSv3 Score: 2.3
Vector:
CWE: CWE-400
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47024
Severity: moderate
Released on: 28/02/2024
Advisory:
Bugzilla: 2266967
Bugzilla Description: kernel: vsock/virtio: free queued packets when closing socket
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-402
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47025
Severity: low
Released on: 28/02/2024
Advisory:
Bugzilla: 2266969
Bugzilla Description: kernel: iommu/mediatek: Always enable the clk on resume
CVSS Score:
CVSSv3 Score: 2.3
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47026
Severity: low
Released on: 28/02/2024
Advisory:
Bugzilla: 2266971
Bugzilla Description: kernel: RDMA/rtrs-clt: destroy sysfs after removing session from active list
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47027
Severity: low
Released on: 28/02/2024
Advisory:
Bugzilla: 2266973
Bugzilla Description: kernel: mt76: mt7921: fix kernel crash when the firmware fails to download
CVSS Score:
CVSSv3 Score: 2.3
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47028
Severity: low
Released on: 28/02/2024
Advisory:
Bugzilla: 2266975
Bugzilla Description: kernel: mt76: mt7915: fix txrate reporting
CVSS Score:
CVSSv3 Score: 2.3
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47029
Severity: low
Released on: 28/02/2024
Advisory:
Bugzilla: 2266977
Bugzilla Description: kernel: mt76: connac: fix kernel warning adding monitor interface
CVSS Score:
CVSSv3 Score: 2.3
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47030
Severity: low
Released on: 28/02/2024
Advisory:
Bugzilla: 2266980
Bugzilla Description: kernel: mt76: mt7615: fix memory leak in mt7615_coredump_work
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-402
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47031
Severity: low
Released on: 28/02/2024
Advisory:
Bugzilla: 2266982
Bugzilla Description: kernel: mt76: mt7921: fix memory leak in mt7921_coredump_work
CVSS Score:
CVSSv3 Score: 2.3
Vector:
CWE: CWE-402
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47032
Severity: low
Released on: 28/02/2024
Advisory:
Bugzilla: 2266984
Bugzilla Description: kernel: mt76: mt7915: fix tx skb dma unmap
CVSS Score:
CVSSv3 Score: 2.3
Vector:
CWE: CWE-402
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47033
Severity: low
Released on: 28/02/2024
Advisory:
Bugzilla: 2266988
Bugzilla Description: kernel: mt76: mt7615: fix tx skb dma unmap
CVSS Score:
CVSSv3 Score: 2.3
Vector:
CWE: CWE-402
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47034
Severity: low
Released on: 28/02/2024
Advisory:
Bugzilla: 2266990
Bugzilla Description: kernel: powerpc/64s: Fix pte update for kernel memory on radix
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-400
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47035
Severity: low
Released on: 28/02/2024
Advisory:
Bugzilla: 2266992
Bugzilla Description: kernel: iommu/vt-d: Remove WO permissions on second-level paging entries
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47036
Severity: moderate
Released on: 28/02/2024
Advisory:
Bugzilla: 2266994
Bugzilla Description: kernel: udp: skip L4 aggregation for UDP tunnel packets
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47037
Severity: low
Released on: 28/02/2024
Advisory:
Bugzilla: 2266996
Bugzilla Description: kernel: ASoC: q6afe-clocks: fix reprobing of the driver
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-400
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47038
Severity: moderate
Released on: 28/02/2024
Advisory:
Bugzilla: 2266998
Bugzilla Description: kernel: Bluetooth: avoid deadlock between hci_dev->lock and socket lock
CVSS Score:
CVSSv3 Score: 5.7
Vector:
CWE: CWE-833
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47039
Severity: low
Released on: 28/02/2024
Advisory:
Bugzilla: 2267001
Bugzilla Description: kernel: ataflop: potential out of bounds in do_format()
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47040
Severity: moderate
Released on: 28/02/2024
Advisory:
Bugzilla: 2267003
Bugzilla Description: kernel: io_uring: fix overflows checks in provide buffers
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-121
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47041
Severity: moderate
Released on: 28/02/2024
Advisory:
Bugzilla: 2267006
Bugzilla Description: kernel: nvmet-tcp: fix incorrect locking in state_change sk callback
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-833
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47042
Severity: low
Released on: 28/02/2024
Advisory:
Bugzilla: 2267008
Bugzilla Description: kernel: drm/amd/display: Free local data after use
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-402
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47043
Severity: low
Released on: 28/02/2024
Advisory:
Bugzilla: 2267010
Bugzilla Description: kernel: media: venus: core: Fix some resource leaks in the error path of 'venus_probe()'
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-402
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47044
Severity: moderate
Released on: 28/02/2024
Advisory:
Bugzilla: 2267012
Bugzilla Description: kernel: sched/fair: Fix shift-out-of-bounds in load_balance()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47046
Severity: moderate
Released on: 28/02/2024
Advisory:
Bugzilla: 2267014
Bugzilla Description: kernel: drm/amd/display: Fix off by one in hdmi_14_process_transaction()
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-121
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47049
Severity: low
Released on: 28/02/2024
Advisory:
Bugzilla: 2267016
Bugzilla Description: kernel: Drivers: hv: vmbus: Use after free in __vmbus_open()
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-27285
Severity: moderate
Released on: 28/02/2024
Advisory:
Bugzilla: 2267244
Bugzilla Description: yard: Cross-site scripting in the frames.erb template file
CVSS Score:
CVSSv3 Score: 5.4
Vector:
CWE: CWE-79
Affected Packages:
Package States: Red Hat OpenStack Platform 16.1,Red Hat OpenStack Platform 16.2,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,
Full Details
CVE document


CVE-2024-27913
Severity: moderate
Released on: 28/02/2024
Advisory:
Bugzilla: 2267347
Bugzilla Description: frr: Denial of service via malformed OSPF LSA packet
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-703
Affected Packages:
Package States: Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46923
Severity: low
Released on: 27/02/2024
Advisory:
Bugzilla: 2266312
Bugzilla Description: kernel: fs/mount_setattr: always cleanup mount_kattr
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-402
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46932
Severity: moderate
Released on: 27/02/2024
Advisory:
Bugzilla: 2266318
Bugzilla Description: kernel: Input: appletouch - initialize work before device registration
CVSS Score:
CVSSv3 Score: 2.3
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46931
Severity: low
Released on: 27/02/2024
Advisory:
Bugzilla: 2266337
Bugzilla Description: kernel: net/mlx5e: Wrap the tx reporter dump callback to extract the sq
CVSS Score:
CVSSv3 Score: 5.1
Vector:
CWE: CWE-121
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46930
Severity: low
Released on: 27/02/2024
Advisory:
Bugzilla: 2266345
Bugzilla Description: kernel: usb: mtu3: fix list_head check warning
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46929
Severity: moderate
Released on: 27/02/2024
Advisory:
Bugzilla: 2266357
Bugzilla Description: kernel: sctp: use call_rcu to free endpoint
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46927
Severity: low
Released on: 27/02/2024
Advisory:
Bugzilla: 2266365
Bugzilla Description: kernel: nitro_enclaves: Use get_user_pages_unlocked() call to handle mmap assert
CVSS Score:
CVSSv3 Score: 2.3
Vector:
CWE: CWE-413
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46926
Severity: low
Released on: 27/02/2024
Advisory:
Bugzilla: 2266370
Bugzilla Description: kernel: ALSA: hda: intel-sdw-acpi: harden detection of controller
CVSS Score:
CVSSv3 Score: 2.3
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46916
Severity: low
Released on: 27/02/2024
Advisory:
Bugzilla: 2266371
Bugzilla Description: kernel: NULL pointer dereference in ethtool loopback test
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46918
Severity: low
Released on: 27/02/2024
Advisory:
Bugzilla: 2266373
Bugzilla Description: kernel: MSIX permission entry on shutdown
CVSS Score:
CVSSv3 Score: 2.3
Vector:
CWE: CWE-99
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46925
Severity: moderate
Released on: 27/02/2024
Advisory:
Bugzilla: 2266375
Bugzilla Description: kernel: net/smc: fix kernel panic caused by race of smc_sock
CVSS Score:
CVSSv3 Score: 4.7
Vector:
CWE: CWE-362
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46917
Severity: low
Released on: 27/02/2024
Advisory:
Bugzilla: 2266376
Bugzilla Description: kernel: wq reset does not clear WQCFG registers
CVSS Score:
CVSSv3 Score: 2.3
Vector:
CWE: CWE-402
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46937
Severity: moderate
Released on: 27/02/2024
Advisory:
Bugzilla: 2266378
Bugzilla Description: kernel: fix 'struct pid' leaks in 'dbgfs_target_ids_write()'
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-402
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46913
Severity: moderate
Released on: 27/02/2024
Advisory:
Bugzilla: 2266386
Bugzilla Description: kernel: netfilter: nftables: clone set element expression template
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46919
Severity: moderate
Released on: 27/02/2024
Advisory:
Bugzilla: 2266397
Bugzilla Description: kernel: wq size store permission state
CVSS Score:
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46920
Severity: low
Released on: 27/02/2024
Advisory:
Bugzilla: 2266398
Bugzilla Description: kernel: clobbering of SWERR overflow bit on writeback
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-353
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-27507
Severity: moderate
Released on: 27/02/2024
Advisory:
Bugzilla: 2266401
Bugzilla Description: liblas: memory leak may lead to DoS
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE:
Affected Packages:
Package States:
Full Details
CVE document


CVE-2021-46907
Severity: moderate
Released on: 27/02/2024
Advisory:
Bugzilla: 2266406
Bugzilla Description: kernel: KVM: internal.ndata could be updated by the user process at anytime
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-200
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46908
Severity: moderate
Released on: 27/02/2024
Advisory:
Bugzilla: 2266407
Bugzilla Description: kernel: unknown scalars with mixed signed bounds masking mitigation
CVSS Score:
CVSSv3 Score: 5.1
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46909
Severity: low
Released on: 27/02/2024
Advisory:
Bugzilla: 2266408
Bugzilla Description: kernel: PCI interrupt mapping cause oops
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-391
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46910
Severity: moderate
Released on: 27/02/2024
Advisory:
Bugzilla: 2266414
Bugzilla Description: kernel: kmap_local() doubles the number of per-CPU
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-118
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46912
Severity: moderate
Released on: 27/02/2024
Advisory:
Bugzilla: 2266421
Bugzilla Description: kernel: namespace leak into all other net namespaces
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-402
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46911
Severity: low
Released on: 27/02/2024
Advisory:
Bugzilla: 2266422
Bugzilla Description: kernel: denial of service in ch_ktls
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46915
Severity: moderate
Released on: 27/02/2024
Advisory:
Bugzilla: 2266423
Bugzilla Description: kernel: netfilter: divide error in nft_limit_init
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-369
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46914
Severity: low
Released on: 27/02/2024
Advisory:
Bugzilla: 2266427
Bugzilla Description: kernel: unbalanced device enable/disable in suspend/resume
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46935
Severity: moderate
Released on: 27/02/2024
Advisory:
Bugzilla: 2266436
Bugzilla Description: kernel: binder: fix async_free_space accounting for empty parcels
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-402
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46921
Severity: moderate
Released on: 27/02/2024
Advisory:
Bugzilla: 2266440
Bugzilla Description: kernel: locking/qrwlock: Fix ordering in queued_write_lock_slowpath()
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-402
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46936
Severity: moderate
Released on: 27/02/2024
Advisory:
Bugzilla: 2266443
Bugzilla Description: kernel: net: fix use-after-free in tw_timer_handler
CVSS Score:
CVSSv3 Score: 7.3
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46934
Severity: low
Released on: 27/02/2024
Advisory:
Bugzilla: 2266446
Bugzilla Description: kernel: i2c: validate user data in compat ioctl
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-703
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46933
Severity: low
Released on: 27/02/2024
Advisory:
Bugzilla: 2266448
Bugzilla Description: kernel: usb: gadget: f_fs: Clear ffs_eventfd in ffs_data_clear.
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46928
Severity: moderate
Released on: 27/02/2024
Advisory:
Bugzilla: 2266453
Bugzilla Description: kernel: parisc: Clear stale IIR value on instruction access rights trap
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-274
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46924
Severity: low
Released on: 27/02/2024
Advisory:
Bugzilla: 2266455
Bugzilla Description: kernel: NFC: st21nfca: Fix memory leak in device probe and remove
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-401
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46922
Severity: low
Released on: 27/02/2024
Advisory:
Bugzilla: 2266457
Bugzilla Description: kernel: KEYS: trusted: Fix TPM reservation for seal/unseal
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46958
Severity: moderate
Released on: 27/02/2024
Advisory:
Bugzilla: 2266461
Bugzilla Description: kernel: btrfs: fix race between transaction aborts and fsyncs leading to use-after-free
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46957
Severity: low
Released on: 27/02/2024
Advisory:
Bugzilla: 2266463
Bugzilla Description: kernel: riscv/kprobe: fix kernel panic when invoking sys_read traced by kprobe
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46956
Severity: low
Released on: 27/02/2024
Advisory:
Bugzilla: 2266466
Bugzilla Description: kernel: virtiofs: fix memory leak in virtio_fs_probe()
CVSS Score:
CVSSv3 Score: 4.7
Vector:
CWE: CWE-401
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46955
Severity: moderate
Released on: 27/02/2024
Advisory:
Bugzilla: 2266468
Bugzilla Description: kernel: openvswitch: fix stack OOB read while fragmenting IPv4 packets
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46953
Severity: low
Released on: 27/02/2024
Advisory:
Bugzilla: 2266471
Bugzilla Description: kernel: ACPI: GTDT: Don't corrupt interrupt mappings on watchdow probe failure
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46951
Severity: low
Released on: 27/02/2024
Advisory:
Bugzilla: 2266475
Bugzilla Description: kernel: tpm: efi: Use local variable for calculating final log size
CVSS Score:
CVSSv3 Score: 3.3
Vector:
CWE: CWE-191
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46949
Severity: low
Released on: 27/02/2024
Advisory:
Bugzilla: 2266477
Bugzilla Description: kernel: sfc: farch: fix TX queue lookup in TX flush done handling
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46948
Severity: low
Released on: 27/02/2024
Advisory:
Bugzilla: 2266479
Bugzilla Description: kernel: sfc: farch: fix TX queue lookup in TX event handling
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46947
Severity: low
Released on: 27/02/2024
Advisory:
Bugzilla: 2266481
Bugzilla Description: kernel: sfc: adjust efx->xdp_tx_queue_count with the real number of initialized queues
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46946
Severity:
Released on: 27/02/2024
Advisory:
Bugzilla: 2266484
Bugzilla Description: kernel: ext4: fix check to prevent false positive report of incorrect used inodes
CVSS Score:
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46945
Severity: moderate
Released on: 27/02/2024
Advisory:
Bugzilla: 2266486
Bugzilla Description: kernel: ext4: always panic when errors=panic is specified
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46944
Severity: low
Released on: 27/02/2024
Advisory:
Bugzilla: 2266488
Bugzilla Description: kernel: media: staging/intel-ipu3: Fix memory leak in imu_fmt
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-401
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46943
Severity: moderate
Released on: 27/02/2024
Advisory:
Bugzilla: 2266490
Bugzilla Description: kernel: media: staging/intel-ipu3: Fix set_fmt error handling
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-131
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46941
Severity: low
Released on: 27/02/2024
Advisory:
Bugzilla: 2266492
Bugzilla Description: kernel: usb: dwc3: core: Do core softreset when switch mode
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46940
Severity:
Released on: 27/02/2024
Advisory:
Bugzilla: 2266494
Bugzilla Description: kernel: tools/power turbostat: Fix offset overflow issue in index converting
CVSS Score:
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46939
Severity: moderate
Released on: 27/02/2024
Advisory:
Bugzilla: 2266497
Bugzilla Description: kernel: tracing: Restructure trace_clock_global() to never block
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-833
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46938
Severity: moderate
Released on: 27/02/2024
Advisory:
Bugzilla: 2266499
Bugzilla Description: kernel: dm rq: fix double free of blk_mq_tag_set in dev remove after table load fails
CVSS Score:
CVSSv3 Score: 6.7
Vector:
CWE: CWE-415
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46954
Severity: moderate
Released on: 27/02/2024
Advisory:
Bugzilla: 2266501
Bugzilla Description: kernel: net/sched: sch_frag: fix stack OOB read while fragmenting IPv4 packets
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46950
Severity: moderate
Released on: 27/02/2024
Advisory:
Bugzilla: 2266504
Bugzilla Description: kernel: md/raid1: properly indicate failure when ending a failed write request
CVSS Score:
CVSSv3 Score: 6.7
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46942
Severity: moderate
Released on: 27/02/2024
Advisory:
Bugzilla: 2266507
Bugzilla Description: kernel: io_uring: fix shared sqpoll cancellation hangs
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-46952
Severity: moderate
Released on: 27/02/2024
Advisory:
Bugzilla: 2266510
Bugzilla Description: kernel: NFS: fs_context: validate UDP retrans to prevent shift out-of-bounds
CVSS Score:
CVSSv3 Score: 6.3
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-21742
Severity: moderate
Released on: 27/02/2024
Advisory:
Bugzilla: 2266612
Bugzilla Description: Apache James Mime4J: Mime4J DOM header injection
CVSS Score:
CVSSv3 Score: 5.6
Vector:
CWE: CWE-20
Affected Packages:
Package States:
Full Details
CVE document


CVE-2020-36777
Severity: low
Released on: 27/02/2024
Advisory:
Bugzilla: 2266746
Bugzilla Description: kernel: media: dvbdev: Fix memory leak in dvb_media_device_free()
CVSS Score:
CVSSv3 Score: 3.4
Vector:
CWE: CWE-401
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document