Computer vulnerabilities of Red Hat Enterprise Linux

Linux kernel: information disclosure via L2CAP_PARSE_CONF_RSP
A local attacker can read a memory fragment via L2CAP_PARSE_CONF_RSP of the Linux kernel, in order to obtain sensitive information...
1103505, CERTFR-2019-AVI-071, CERTFR-2019-AVI-131, CERTFR-2019-AVI-145, CERTFR-2019-AVI-233, CERTFR-2019-AVI-354, CERTFR-2020-AVI-147, CVE-2019-3460, DLA-1771-1, DLA-1799-1, DLA-1799-2, FEDORA-2019-509c133845, FEDORA-2019-f812c9fb22, openSUSE-SU-2019:0140-1, openSUSE-SU-2019:0203-1, openSUSE-SU-2019:0274-1, RHSA-2019:2029-01, RHSA-2019:2043-01, RHSA-2019:3309-01, RHSA-2019:3517-01, RHSA-2020:0740-01, SUSE-SU-2019:0439-1, SUSE-SU-2019:0470-1, SUSE-SU-2019:0541-1, SUSE-SU-2019:0765-1, SUSE-SU-2019:0767-1, SUSE-SU-2019:0901-1, SUSE-SU-2019:1289-1, SUSE-SU-2019:14127-1, USN-3930-1, USN-3930-2, USN-3931-1, USN-3931-2, USN-3932-1, USN-3932-2, USN-3933-1, USN-3933-2, VIGILANCE-VUL-28250

Linux kernel: information disclosure via L2CAP_GET_CONF_OPT
A local attacker can read a memory fragment via L2CAP_GET_CONF_OPT of the Linux kernel, in order to obtain sensitive information...
1103505, CERTFR-2019-AVI-071, CERTFR-2019-AVI-131, CERTFR-2019-AVI-145, CERTFR-2019-AVI-233, CERTFR-2019-AVI-354, CERTFR-2020-AVI-147, CVE-2019-3459, DLA-1771-1, DLA-1799-1, DLA-1799-2, FEDORA-2019-509c133845, FEDORA-2019-f812c9fb22, openSUSE-SU-2019:0140-1, openSUSE-SU-2019:0203-1, openSUSE-SU-2019:0274-1, RHSA-2019:2029-01, RHSA-2019:2043-01, RHSA-2019:3309-01, RHSA-2019:3517-01, RHSA-2020:0740-01, SUSE-SU-2019:0439-1, SUSE-SU-2019:0470-1, SUSE-SU-2019:0541-1, SUSE-SU-2019:0765-1, SUSE-SU-2019:0767-1, SUSE-SU-2019:0901-1, SUSE-SU-2019:1289-1, SUSE-SU-2019:14127-1, USN-3930-1, USN-3930-2, USN-3931-1, USN-3931-2, USN-3932-1, USN-3932-2, USN-3933-1, USN-3933-2, VIGILANCE-VUL-28249

Exiv2: denial of service via CiffDirectory-readDirectory
An attacker can trigger a fatal error via CiffDirectory::readDirectory() of Exiv2, in order to trigger a denial of service...
CVE-2018-17581, DLA-1691-1, RHSA-2019:2101-01, RHSA-2020:1577-01, USN-3852-1, VIGILANCE-VUL-28242

HAProxy: out-of-bounds memory reading via dns_validate_dns_response
An attacker can force a read at an invalid address via dns_validate_dns_response() of HAProxy, in order to trigger a denial of service, or to obtain sensitive information...
CVE-2018-20102, FEDORA-2018-2abadd4469, FEDORA-2018-cb66bc33e6, openSUSE-SU-2019:0044-1, RHSA-2019:1436-01, SUSE-SU-2019:0061-1, USN-3858-1, VIGILANCE-VUL-28237

PHP: multiple vulnerabilities
An attacker can use several vulnerabilities of PHP...
3143907, CERTFR-2019-AVI-016, CVE-2019-9020, CVE-2019-9021, CVE-2019-9022, CVE-2019-9023, CVE-2019-9024, CVE-2019-9025, DLA-1679-1, DSA-4398-1, FEDORA-2019-a6511b0eed, FEDORA-2019-aa6036fcb3, openSUSE-SU-2019:0207-1, openSUSE-SU-2019:0276-1, openSUSE-SU-2019:1256-1, openSUSE-SU-2019:1293-1, openSUSE-SU-2019:1572-1, openSUSE-SU-2019:1573-1, RHSA-2019:2519-01, RHSA-2019:3299-01, RHSA-2020:1112-01, RHSA-2020:1624-01, SSA:2019-038-01, SUSE-SU-2019:0333-1, SUSE-SU-2019:0449-1, SUSE-SU-2019:0985-1, SUSE-SU-2019:13961-1, SUSE-SU-2019:14013-1, SUSE-SU-2019:1461-1, USN-3902-1, USN-3902-2, VIGILANCE-VUL-28216

Microsoft .NET: vulnerabilities of January 2019
An attacker can use several vulnerabilities of Microsoft products...
10, 12, CERTFR-2019-AVI-010, CVE-2019-0545, CVE-2019-0548, CVE-2019-0564, RHSA-2019:0040-01, VIGILANCE-VUL-28187

Source-to-Image: directory traversal via ExtractTarStreamFromTarReader
An attacker can traverse directories via ExtractTarStreamFromTarReader() of Source-to-Image, in order to create a file outside the service root path...
CVE-2018-1102, RHSA-2019:0036-01, VIGILANCE-VUL-28184

Linux kernel: information disclosure via mincore
An attacker can bypass access restrictions to data via mincore() of the Linux kernel, in order to obtain sensitive information...
1103505, 1901.01161, CERTFR-2019-AVI-277, CERTFR-2019-AVI-390, CERTFR-2019-AVI-451, CERTFR-2019-AVI-458, CERTFR-2019-AVI-592, CERTFR-2019-AVI-603, CERTFR-2019-AVI-621, CERTFR-2019-AVI-644, CERTFR-2020-AVI-056, CVE-2019-5489, DLA-1823-1, DLA-1824-1, DSA-4465-1, JSA10993, openSUSE-SU-2019:1479-1, openSUSE-SU-2019:1570-1, openSUSE-SU-2019:1579-1, RHSA-2019:2029-01, RHSA-2019:2043-01, RHSA-2019:2473-01, RHSA-2019:2808-01, RHSA-2019:2809-01, RHSA-2019:2837-01, RHSA-2019:3309-01, RHSA-2019:3517-01, RHSA-2019:3967-01, RHSA-2019:4056-01, RHSA-2019:4057-01, RHSA-2019:4058-01, RHSA-2019:4159-01, RHSA-2019:4164-01, RHSA-2019:4255-01, RHSA-2020:0204-01, SUSE-SU-2019:14089-1, SUSE-SU-2019:1527-1, SUSE-SU-2019:1529-1, SUSE-SU-2019:1530-1, SUSE-SU-2019:1532-1, SUSE-SU-2019:1533-1, SUSE-SU-2019:1534-1, SUSE-SU-2019:1535-1, SUSE-SU-2019:1536-1, SUSE-SU-2019:1550-1, SUSE-SU-2019:1692-1, SUSE-SU-2019:2430-1, VIGILANCE-VUL-28182

RHEL 7 Kernel: out-of-bounds memory reading via memcpy_fromiovecend
An attacker can force a read at an invalid address via memcpy_fromiovecend() of RHEL 7 Kernel, in order to trigger a denial of service, or to obtain sensitive information...
1103505, 1661503, CVE-2018-16885, RHSA-2019:2029-01, RHSA-2019:2043-01, VIGILANCE-VUL-28164

wget: information disclosure via set_file_metadata
An attacker can bypass access restrictions to data via set_file_metadata() of wget, in order to obtain sensitive information...
bulletinjul2019, CVE-2018-20483, FEDORA-2019-088875c43a, FEDORA-2019-427a0ba9e3, FEDORA-2019-d1b5cf0055, openSUSE-SU-2019:0057-1, RHSA-2019:3701-01, SUSE-SU-2019:0093-1, USN-3943-1, USN-3943-2, VIGILANCE-VUL-28162

Our database contains other pages. You can request a free trial to read them.

Display information about Red Hat Enterprise Linux:

https://www.redhat.com/en/technologies/linux-platforms/enterprise-linux