Filtered by vendor Redhat
Subscriptions
Filtered by product Rhev Hypervisor
Subscriptions
Total
333 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-45886 | 3 Linux, Netapp, Redhat | 14 Linux Kernel, H300s, H300s Firmware and 11 more | 2024-11-21 | 7.0 High |
| An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_net.c has a .disconnect versus dvb_device_open race condition that leads to a use-after-free. | ||||
| CVE-2022-45884 | 3 Linux, Netapp, Redhat | 14 Linux Kernel, H300s, H300s Firmware and 11 more | 2024-11-21 | 7.0 High |
| An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvbdev.c has a use-after-free, related to dvb_register_device dynamically allocating fops. | ||||
| CVE-2022-45047 | 2 Apache, Redhat | 13 Sshd, Camel Spring Boot, Jboss Data Grid and 10 more | 2024-11-21 | 9.8 Critical |
| Class org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider in Apache MINA SSHD <= 2.9.1 uses Java deserialization to load a serialized java.security.PrivateKey. The class is one of several implementations that an implementor using Apache MINA SSHD can choose for loading the host keys of an SSH server. | ||||
| CVE-2022-42722 | 4 Debian, Fedoraproject, Linux and 1 more | 6 Debian Linux, Fedora, Linux Kernel and 3 more | 2024-11-21 | 5.5 Medium |
| In the Linux kernel 5.8 through 5.19.x before 5.19.16, local attackers able to inject WLAN frames into the mac80211 stack could cause a NULL pointer dereference denial-of-service attack against the beacon protection of P2P devices. | ||||
| CVE-2022-42703 | 2 Linux, Redhat | 5 Linux Kernel, Enterprise Linux, Rhel Eus and 2 more | 2024-11-21 | 5.5 Medium |
| mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse. | ||||
| CVE-2022-41974 | 4 Debian, Fedoraproject, Opensvc and 1 more | 7 Debian Linux, Fedora, Multipath-tools and 4 more | 2024-11-21 | 7.8 High |
| multipath-tools 0.7.0 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited alone or in conjunction with CVE-2022-41973. Local users able to write to UNIX domain sockets can bypass access controls and manipulate the multipath setup. This can lead to local privilege escalation to root. This occurs because an attacker can repeat a keyword, which is mishandled because arithmetic ADD is used instead of bitwise OR. | ||||
| CVE-2022-40133 | 2 Linux, Redhat | 4 Linux Kernel, Enterprise Linux, Rhel Eus and 1 more | 2024-11-21 | 6.3 Medium |
| A use-after-free(UAF) vulnerability was found in function 'vmw_execbuf_tie_context' in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in Linux kernel's vmwgfx driver with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service(DoS). | ||||
| CVE-2022-3640 | 4 Debian, Fedoraproject, Linux and 1 more | 6 Debian Linux, Fedora, Linux Kernel and 3 more | 2024-11-21 | 5.5 Medium |
| A vulnerability, which was classified as critical, was found in Linux Kernel. Affected is the function l2cap_conn_del of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211944. | ||||
| CVE-2022-3625 | 3 Debian, Linux, Redhat | 5 Debian Linux, Linux Kernel, Enterprise Linux and 2 more | 2024-11-21 | 4.6 Medium |
| A vulnerability was found in Linux Kernel. It has been classified as critical. This affects the function devlink_param_set/devlink_param_get of the file net/core/devlink.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211929 was assigned to this vulnerability. | ||||
| CVE-2022-3564 | 4 Debian, Linux, Netapp and 1 more | 17 Debian Linux, Linux Kernel, H300s and 14 more | 2024-11-21 | 5.5 Medium |
| A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211087. | ||||
| CVE-2022-3239 | 2 Linux, Redhat | 4 Linux Kernel, Enterprise Linux, Rhel Eus and 1 more | 2024-11-21 | 7.8 High |
| A flaw use after free in the Linux kernel video4linux driver was found in the way user triggers em28xx_usb_probe() for the Empia 28xx based TV cards. A local user could use this flaw to crash the system or potentially escalate their privileges on the system. | ||||
| CVE-2022-3028 | 4 Debian, Fedoraproject, Linux and 1 more | 6 Debian Linux, Fedora, Linux Kernel and 3 more | 2024-11-21 | 7.0 High |
| A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read and copying it into a socket. | ||||
| CVE-2022-39188 | 3 Debian, Linux, Redhat | 5 Debian Linux, Linux Kernel, Enterprise Linux and 2 more | 2024-11-21 | 4.7 Medium |
| An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale TLB entries. This only occurs in situations with VM_PFNMAP VMAs. | ||||
| CVE-2022-38457 | 2 Linux, Redhat | 4 Linux Kernel, Enterprise Linux, Rhel Eus and 1 more | 2024-11-21 | 6.3 Medium |
| A use-after-free(UAF) vulnerability was found in function 'vmw_cmd_res_check' in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in Linux kernel's vmwgfx driver with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service(DoS). | ||||
| CVE-2022-38096 | 2 Linux, Redhat | 8 Linux Kernel, Enterprise Linux, Logging and 5 more | 2024-11-21 | 6.3 Medium |
| A NULL pointer dereference vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in GPU component of Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service(DoS). | ||||
| CVE-2022-36402 | 2 Linux, Redhat | 4 Linux Kernel, Enterprise Linux, Rhel Eus and 1 more | 2024-11-21 | 6.3 Medium |
| An integer overflow vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in GPU component of Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service(DoS). | ||||
| CVE-2022-32742 | 2 Redhat, Samba | 4 Enterprise Linux, Rhev Hypervisor, Storage and 1 more | 2024-11-21 | 4.3 Medium |
| A flaw was found in Samba. Some SMB1 write requests were not correctly range-checked to ensure the client had sent enough data to fulfill the write, allowing server memory contents to be written into the file (or printer) instead of client-supplied data. The client cannot control the area of the server memory written to the file (or printer). | ||||
| CVE-2022-32250 | 5 Debian, Fedoraproject, Linux and 2 more | 20 Debian Linux, Fedora, Linux Kernel and 17 more | 2024-11-21 | 7.8 High |
| net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free. | ||||
| CVE-2022-30594 | 4 Debian, Linux, Netapp and 1 more | 24 Debian Linux, Linux Kernel, 8300 and 21 more | 2024-11-21 | 7.8 High |
| The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows attackers to bypass intended restrictions on setting the PT_SUSPEND_SECCOMP flag. | ||||
| CVE-2022-2964 | 3 Linux, Netapp, Redhat | 18 Linux Kernel, H300s, H300s Firmware and 15 more | 2024-11-21 | 7.8 High |
| A flaw was found in the Linux kernel’s driver for the ASIX AX88179_178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability contains multiple out-of-bounds reads and possible out-of-bounds writes. | ||||