English
Français
Light
Dark
System

Alert System

Stay informed at all times
Create an account Open a free account Login Manage your alerts

Red Hat Enterprise Linux For Real Time For NFV 7

CPE Details

Red Hat Enterprise Linux For Real Time For NFV 7
redhat
enterprise_linux_for_real_time_for_nfv
7
2016-08-24 12:02 +00:00
2021-05-24 13:02 +00:00
CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.
Alert management

CPE Name: cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:7:*:*:*:*:*:*:*

Informations

Vendor

redhat

Product

enterprise_linux_for_real_time_for_nfv

Version

7

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2022-0330 2022-03-24 23:00 +00:00 A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allows a local user to crash the system or escalate their privileges on the system.
7.8
HIGH
CVE-2021-3656 2022-03-04 17:41 +00:00 A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "virt_ext" field, this issue could allow a malicious L1 to disable both VMLOAD/VMSAVE intercepts and VLS (Virtual VMLOAD/VMSAVE) for the L2 guest. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape.
8.8
HIGH
CVE-2021-3752 2022-02-16 17:35 +00:00 A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
7.1
HIGH
CVE-2019-14816 2019-09-20 16:25 +00:00 There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.
7.8
HIGH
CVE-2019-9506 2019-08-13 22:00 +00:00 The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing.
8.1
HIGH
CVE-2019-10126 2019-06-14 11:56 +00:00 A flaw was found in the Linux kernel. A heap based buffer overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c might lead to memory corruption and possibly other consequences.
9.8
CRITICAL
CVE-2019-11833 2019-05-15 10:19 +00:00 fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem.
5.5
MEDIUM
CVE-2019-3460 2019-04-11 14:00 +00:00 A heap data infoleak in multiple locations including L2CAP_PARSE_CONF_RSP was found in the Linux kernel before 5.1-rc1.
6.5
MEDIUM
CVE-2019-3459 2019-04-11 13:53 +00:00 A heap address information leak while using L2CAP_GET_CONF_OPT was discovered in the Linux kernel before 5.1-rc1.
6.5
MEDIUM
CVE-2019-7222 2019-03-17 17:52 +00:00 The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak.
5.5
MEDIUM
CVE-2018-10881 2018-07-26 16:00 +00:00 A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bound access in ext4_get_group_info function, a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image.
5.5
MEDIUM
CVE-2017-15129 2018-01-09 18:00 +00:00 A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel before 4.14.11. The function get_net_ns_by_id() in net/core/net_namespace.c does not check for the net::count value after it has found a peer network in netns_ids idr, which could lead to double free and memory corruption. This vulnerability could allow an unprivileged local user to induce kernel memory corruption on the system, leading to a crash. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although it is thought to be unlikely.
4.7
MEDIUM
CVE-2017-18017 2018-01-03 05:00 +00:00 The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action.
9.8
CRITICAL
CVE-2016-3707 2016-06-27 08:00 +00:00 The icmp_check_sysrq function in net/ipv4/icmp.c in the kernel.org projects/rt patches for the Linux kernel, as used in the kernel-rt package before 3.10.0-327.22.1 in Red Hat Enterprise Linux for Real Time 7 and other products, allows remote attackers to execute SysRq commands via crafted ICMP Echo Request packets, as demonstrated by a brute-force attack to discover a cookie, or an attack that occurs after reading the local icmp_echo_sysrq file.
8.1
HIGH

More information
Click on the button to the left (OFF), to authorize the inscription of cookie improving the functionalities of the site. Click on the button to the left (Accept all), to unauthorize the inscription of cookie improving the functionalities of the site.