The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of RedHat Fedora

Xen: privilege escalation via CPU Hotplug IST Settings
An attacker, inside a guest system, can bypass restrictions via CPU Hotplug IST Settings of Xen, in order to escalate his privileges on the host system...
CERTFR-2017-AVI-351, CTX228867, CVE-2017-15594, DLA-1559-1, DSA-4050-1, FEDORA-2017-5bcddc1984, FEDORA-2017-d4709b0d8b, openSUSE-SU-2017:2821-1, openSUSE-SU-2017:2916-1, SUSE-SU-2017:2812-1, SUSE-SU-2017:2815-1, SUSE-SU-2017:2856-1, SUSE-SU-2017:2864-1, SUSE-SU-2017:2873-1, VIGILANCE-VUL-24125, XSA-244
Xen: privilege escalation via Self-linear Shadow Mappings
An attacker, inside a guest system, can bypass restrictions via Self-linear Shadow Mappings of Xen, in order to escalate his privileges on the host system...
CERTFR-2017-AVI-351, CERTFR-2017-AVI-444, CTX228867, CTX230138, CVE-2017-15592, DLA-1181-1, DLA-1559-1, DSA-4050-1, FEDORA-2017-2500a024ef, FEDORA-2017-5bcddc1984, FEDORA-2017-c31799ee4a, FEDORA-2017-d4709b0d8b, FEDORA-2017-f2577f2108, openSUSE-SU-2017:2821-1, openSUSE-SU-2017:2916-1, SUSE-SU-2017:2812-1, SUSE-SU-2017:2815-1, SUSE-SU-2017:2856-1, SUSE-SU-2017:2864-1, SUSE-SU-2017:2873-1, SUSE-SU-2017:3212-1, SUSE-SU-2017:3236-1, SUSE-SU-2017:3239-1, SUSE-SU-2017:3242-1, VIGILANCE-VUL-24124, XSA-243
Xen: memory leak via Page Type Reference
An attacker, inside a guest system, can create a memory leak via Page Type Reference of Xen, in order to trigger a denial of service on the host system...
CERTFR-2017-AVI-351, CTX228867, CVE-2017-15593, DLA-1181-1, DLA-1559-1, DSA-4050-1, FEDORA-2017-5bcddc1984, FEDORA-2017-d4709b0d8b, openSUSE-SU-2017:2821-1, openSUSE-SU-2017:2916-1, SUSE-SU-2017:2812-1, SUSE-SU-2017:2815-1, SUSE-SU-2017:2856-1, SUSE-SU-2017:2864-1, SUSE-SU-2017:2873-1, VIGILANCE-VUL-24123, XSA-242
Xen: privilege escalation via Stale TLB Entry
An attacker, inside a guest system, can bypass restrictions via Stale TLB Entry of Xen, in order to escalate his privileges on the host system...
CERTFR-2017-AVI-351, CTX228867, CVE-2017-15588, DLA-1181-1, DLA-1549-1, DSA-4050-1, FEDORA-2017-5bcddc1984, FEDORA-2017-d4709b0d8b, openSUSE-SU-2017:2821-1, openSUSE-SU-2017:2916-1, SUSE-SU-2017:2812-1, SUSE-SU-2017:2815-1, SUSE-SU-2017:2856-1, SUSE-SU-2017:2864-1, SUSE-SU-2017:2873-1, VIGILANCE-VUL-24122, XSA-241
Xen: privilege escalation via Linear Pagetable De-typing
An attacker, inside a guest system, can bypass restrictions via Linear Pagetable De-typing of Xen, in order to escalate his privileges on the host system...
1359, CERTFR-2017-AVI-351, CTX228867, CVE-2017-15595, DLA-1181-1, DLA-1559-1, DSA-4050-1, FEDORA-2017-2500a024ef, FEDORA-2017-5bcddc1984, FEDORA-2017-c31799ee4a, FEDORA-2017-d4709b0d8b, FEDORA-2017-f2577f2108, openSUSE-SU-2017:2821-1, openSUSE-SU-2017:2916-1, openSUSE-SU-2018:0459-1, SUSE-SU-2017:2812-1, SUSE-SU-2017:2815-1, SUSE-SU-2017:2856-1, SUSE-SU-2017:2864-1, SUSE-SU-2017:2873-1, SUSE-SU-2017:3212-1, SUSE-SU-2017:3236-1, SUSE-SU-2017:3239-1, SUSE-SU-2017:3242-1, SUSE-SU-2018:0438-1, SUSE-SU-2018:0472-1, SUSE-SU-2018:0601-1, SUSE-SU-2018:0609-1, SUSE-SU-2018:0638-1, SUSE-SU-2018:0678-1, VIGILANCE-VUL-24121, XSA-240
Xen: information disclosure via X86 I/O Intercept Code
A local attacker, inside a guest system, can read a memory fragment via X86 I/O Intercept Code of Xen, in order to obtain sensitive information on the host system...
CERTFR-2017-AVI-351, CTX228867, CVE-2017-15589, DLA-1181-1, DLA-1549-1, DSA-4050-1, FEDORA-2017-5bcddc1984, FEDORA-2017-d4709b0d8b, openSUSE-SU-2017:2821-1, openSUSE-SU-2017:2916-1, SUSE-SU-2017:2812-1, SUSE-SU-2017:2815-1, SUSE-SU-2017:2856-1, SUSE-SU-2017:2864-1, SUSE-SU-2017:2873-1, VIGILANCE-VUL-24120, XSA-239
Xen: denial of service via DMOP map/unmap
An attacker, inside a guest system, can generate a fatal error via DMOP map/unmap of Xen, in order to trigger a denial of service on the host system...
CERTFR-2017-AVI-351, CVE-2017-15591, FEDORA-2017-5bcddc1984, FEDORA-2017-d4709b0d8b, openSUSE-SU-2017:2916-1, SUSE-SU-2017:2864-1, SUSE-SU-2017:2873-1, VIGILANCE-VUL-24119, XSA-238
Xen: privilege escalation via PCI MSI Interrupts
An attacker, inside a guest system, can bypass restrictions via PCI MSI Interrupts of Xen, in order to escalate his privileges on the host system...
CERTFR-2017-AVI-351, CTX228867, CVE-2017-15590, DLA-1549-1, DSA-4050-1, FEDORA-2017-5bcddc1984, FEDORA-2017-d4709b0d8b, openSUSE-SU-2017:2821-1, openSUSE-SU-2017:2916-1, SUSE-SU-2017:2812-1, SUSE-SU-2017:2815-1, SUSE-SU-2017:2856-1, SUSE-SU-2017:2864-1, SUSE-SU-2017:2873-1, VIGILANCE-VUL-24118, XSA-237
QEMU: memory leak via VNC Websock
An attacker, inside a guest system, can create a memory leak via VNC Websock of QEMU, in order to trigger a denial of service on the host system...
CVE-2017-15268, DSA-4213-1, FEDORA-2017-9149114fba, openSUSE-SU-2017:2938-1, openSUSE-SU-2017:2941-1, RHSA-2018:0816-01, SUSE-SU-2017:2924-1, SUSE-SU-2017:2936-1, USN-3575-1, USN-3575-2, VIGILANCE-VUL-24112
Linux kernel: use after free via /dev/snd/seq
An attacker can force the usage of a freed memory area via /dev/snd/seq of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
1062520, CERTFR-2017-AVI-379, CERTFR-2017-AVI-383, CERTFR-2017-AVI-390, CERTFR-2017-AVI-424, CERTFR-2017-AVI-426, CERTFR-2017-AVI-441, CERTFR-2018-AVI-014, CERTFR-2018-AVI-048, CERTFR-2018-AVI-321, CERTFR-2018-AVI-386, cpuapr2019, CVE-2017-15265, DLA-1200-1, FEDORA-2017-c110ac0eb1, FEDORA-2017-cafcdbdde5, FEDORA-2018-884a105c04, JSA10917, openSUSE-SU-2017:2846-1, openSUSE-SU-2017:2905-1, RHSA-2018:0676-01, RHSA-2018:1062-01, RHSA-2018:1130-01, RHSA-2018:1170-01, RHSA-2018:2390-01, RHSA-2018:3822-01, RHSA-2018:3823-01, SUSE-SU-2017:2847-1, SUSE-SU-2017:2908-1, SUSE-SU-2017:2920-1, SUSE-SU-2017:3165-1, SUSE-SU-2017:3265-1, SUSE-SU-2017:3267-1, SUSE-SU-2017:3410-1, SUSE-SU-2018:0040-1, SUSE-SU-2018:0171-1, USN-3485-1, USN-3485-2, USN-3485-3, USN-3487-1, USN-3698-1, USN-3698-2, VIGILANCE-VUL-24102
Our database contains other pages. You can request a free trial to read them.

Display information about RedHat Fedora: