Red Hat Codeready Linux Builder For Power Little Endian 8.0 Ppc64le

CPE Details

Red Hat Codeready Linux Builder For Power Little Endian 8.0 Ppc64le
redhat
codeready_linux_builder_for_power_little_endian
8.0_ppc64le
2023-11-25
02h54 +00:00
2023-11-25
02h54 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:*

Informations

Vendor

redhat

Product

codeready_linux_builder_for_power_little_endian

Version

8.0_ppc64le

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2023-4641 2023-12-27 15h43 +00:00 A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-utils fails in cleaning the buffer used to store the first entry. This may allow an attacker with enough access to retrieve the password from the memory.
5.5
Medium
CVE-2023-5633 2023-10-23 21h58 +00:00 The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface. When running inside a VMware guest with 3D acceleration enabled, a local, unprivileged user could potentially use this flaw to escalate their privileges.
7.8
High
CVE-2023-4732 2023-10-03 16h55 +00:00 A flaw was found in pfn_swap_entry_to_page in memory management subsystem in the Linux Kernel. In this flaw, an attacker with a local user privilege may cause a denial of service problem due to a BUG statement referencing pmd_t x.
4.7
Medium
CVE-2023-4042 2023-08-23 12h19 +00:00 A flaw was found in ghostscript. The fix for CVE-2020-16305 in ghostscript was not included in RHSA-2021:1852-06 advisory as it was claimed to be. This issue only affects the ghostscript package as shipped with Red Hat Enterprise Linux 8.
5.5
Medium
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.