CPE Details
Red Hat Codeready Linux Builder 9.0
9.0
2023-10-25
03h38 +00:00
03h38 +00:00
2023-10-25
03h38 +00:00
03h38 +00:00
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
CPE Name: cpe:2.3:a:redhat:codeready_linux_builder:9.0:*:*:*:*:*:*:*
Informations
Vendor
redhatProduct
codeready_linux_builderVersion
9.0Related CVE
| CVE ID | Publié | Description | Score | Gravité |
|---|---|---|---|---|
| A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. If a process can connect over localhost to port 8953, it can alter the configuration of unbound.service. This flaw allows an unprivileged attacker to manipulate a running instance, potentially altering forwarders, allowing them to track all queries forwarded by the local resolver, and, in some cases, disrupting resolving altogether. | 8 |
Haute |
||
| A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-utils fails in cleaning the buffer used to store the first entry. This may allow an attacker with enough access to retrieve the password from the memory. | 5.5 |
Moyen |
||
| The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface. When running inside a VMware guest with 3D acceleration enabled, a local, unprivileged user could potentially use this flaw to escalate their privileges. | 7.8 |
Haute |
||
| A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges. | 7.8 |
Haute |
2025©
tesweb SA
