Computer vulnerabilities of RHEL

libxml2: three vulnerabilities
An attacker can use several vulnerabilities of libxml2...
1989337, 1991909, 1991910, 1991911, 1991913, 1991997, CERTFR-2017-AVI-012, cpujan2018, CVE-2016-4447, CVE-2016-4448, CVE-2016-4449, DLA-503-1, DSA-2019-197, DSA-3593-1, FEDORA-2017-a3a47973eb, FEDORA-2017-be8574d593, HT206902, HT206903, JSA10770, JSA10916, K24322529, K41103561, openSUSE-SU-2016:1595-1, RHSA-2016:1292-01, SA129, SB10170, SOL41103561, SPL-119440, SPL-121159, SPL-123095, SSA:2016-148-01, SUSE-SU-2016:1538-1, SUSE-SU-2016:1604-1, TNS-2017-03, USN-2994-1, USN-3235-1, VIGILANCE-VUL-19694

libgd2: denial of service via imagefilltoborder
An attacker can generate a fatal error via imagefilltoborder() of libgd2, in order to trigger a denial of service...
CERTFR-2017-AVI-237, CVE-2015-8874, DLA-482-1, DSA-3587-1, FEDORA-2016-a4d48d6fd6, FEDORA-2016-d126bb1b74, FG-IR-17-051, openSUSE-SU-2016:1524-1, openSUSE-SU-2016:1553-1, RHSA-2016:2750-01, SUSE-SU-2016:1581-1, SUSE-SU-2016:1638-1, USN-2987-1, VIGILANCE-VUL-19670

Linux kernel: information disclosure via get_rock_ridge_filename
A local attacker can read a memory fragment via get_rock_ridge_filename() of the Linux kernel, in order to obtain sensitive information...
CERTFR-2016-AVI-220, CERTFR-2016-AVI-267, CERTFR-2017-AVI-034, CVE-2016-4913, DLA-516-1, DSA-3607-1, FEDORA-2016-06f1572324, FEDORA-2016-2363b37a98, FEDORA-2016-c1faf6005c, openSUSE-SU-2016:2144-1, RHSA-2018:3083-01, RHSA-2018:3096-01, SUSE-SU-2016:1672-1, SUSE-SU-2016:1985-1, SUSE-SU-2016:2245-1, SUSE-SU-2017:0333-1, USN-3016-1, USN-3016-2, USN-3016-3, USN-3016-4, USN-3017-1, USN-3017-2, USN-3017-3, USN-3018-1, USN-3018-2, USN-3019-1, USN-3020-1, USN-3021-1, USN-3021-2, VIGILANCE-VUL-19650

Expat: buffer overflow
An attacker can generate a buffer overflow of Expat, in order to trigger a denial of service, and possibly to run code...
1988026, 1990421, 1990658, 2000347, bulletinjul2016, CERTFR-2018-AVI-288, cpujul2018, CVE-2016-0718, DSA-3582-1, FEDORA-2016-0fd6ca526a, FEDORA-2016-60889583ab, FEDORA-2016-7c6e7a9265, HT206903, K52320548, openSUSE-SU-2016:1441-1, openSUSE-SU-2016:1523-1, RHSA-2016:2824-01, SSA:2016-359-01, SSA:2017-266-02, SSA:2018-124-01, SUSE-SU-2016:1508-1, SUSE-SU-2016:1512-1, SUSE-SU-2020:0497-1, TNS-2016-11, TNS-2018-08, USN-2983-1, USN-3013-1, VIGILANCE-VUL-19644

libndp: Man-in-the-Middle
An attacker can act as a Man-in-the-Middle on libndp, in order to read or write data in the session...
CVE-2016-3698, DSA-3581-1, FEDORA-2016-2be4263b24, FEDORA-2016-5cbcaebaf2, RHSA-2016:1086-01, USN-2980-1, VIGILANCE-VUL-19631

Linux kernel RT: denial of service via Ping SysRq
An attacker can send a Ping packet to use a SysRq command on the Linux kernel with the RT patch, in order to trigger a denial of service...
CERTFR-2016-AVI-267, CERTFR-2016-AVI-275, CVE-2016-3707, RHSA-2016:1341-01, SUSE-SU-2016:1764-1, SUSE-SU-2016:1937-1, SUSE-SU-2016:1985-1, VIGILANCE-VUL-19618

Docker: privilege escalation via Numeric UID
A local attacker can in some cases use an uid on Docker, in order to escalate his privileges...
1329450, 2004947, CVE-2016-3697, FEDORA-2016-6a0d540088, openSUSE-SU-2016:1417-1, RHSA-2016:1034-01, RHSA-2016:2634-01, VIGILANCE-VUL-19615

Google Chrome: five vulnerabilities
An attacker can use several vulnerabilities of Google Chrome...
CERTFR-2016-AVI-166, CVE-2016-1667, CVE-2016-1668, CVE-2016-1669, CVE-2016-1670, CVE-2016-1671, DSA-3590-1, openSUSE-SU-2016:1304-1, openSUSE-SU-2016:1319-1, openSUSE-SU-2016:1655-1, RHSA-2016:1080-01, USN-2960-1, VIGILANCE-VUL-19611

Linux kernel: use after free via pcpu_extend_area_map
An attacker can force the usage of a freed memory area in pcpu_extend_area_map() via BPF on the Linux kernel, in order to trigger a denial of service, and possibly to run code...
CERTFR-2016-AVI-278, CVE-2016-4794, openSUSE-SU-2016:1798-1, RHSA-2016:2574-02, RHSA-2016:2584-02, USN-3049-1, USN-3050-1, USN-3051-1, USN-3052-1, USN-3053-1, USN-3054-1, USN-3055-1, USN-3056-1, USN-3057-1, VIGILANCE-VUL-19608

Linux kernel: memory corruption via asn1_find_indefinite_length
An attacker can generate a memory corruption in asn1_find_indefinite_length() on the Linux kernel, in order to trigger a denial of service, and possibly to run code...
1300257, CERTFR-2016-AVI-171, CERTFR-2016-AVI-267, CVE-2016-0758, FEDORA-2016-06f1572324, FEDORA-2016-84fdc82b74, openSUSE-SU-2016:1641-1, openSUSE-SU-2016:2144-1, openSUSE-SU-2016:2184-1, RHSA-2016:1033-01, RHSA-2016:1051-01, RHSA-2016:1055-01, SUSE-SU-2016:1672-1, SUSE-SU-2016:1690-1, SUSE-SU-2016:1937-1, SUSE-SU-2016:1985-1, SUSE-SU-2016:2105-1, SUSE-SU-2016:2245-1, USN-2975-1, USN-2975-2, USN-2976-1, USN-2977-1, USN-2978-1, USN-2978-2, USN-2978-3, USN-2979-1, USN-2979-2, USN-2979-3, USN-2979-4, VIGILANCE-VUL-19607

Our database contains other pages. You can request a free trial to read them.

Display information about RHEL:

https://www.redhat.com/en/technologies/linux-platforms/enterprise-linux