Filtered by vendor Redhat
Subscriptions
Filtered by product Rhel Extras Rt
Subscriptions
Total
482 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-4569 | 4 Canonical, Linux, Novell and 1 more | 12 Ubuntu Linux, Linux Kernel, Suse Linux Enterprise Debuginfo and 9 more | 2025-04-12 | N/A |
| The snd_timer_user_params function in sound/core/timer.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface. | ||||
| CVE-2014-9584 | 7 Canonical, Debian, Linux and 4 more | 22 Ubuntu Linux, Debian Linux, Linux Kernel and 19 more | 2025-04-12 | N/A |
| The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel before 3.18.2 does not validate a length value in the Extensions Reference (ER) System Use Field, which allows local users to obtain sensitive information from kernel memory via a crafted iso9660 image. | ||||
| CVE-2014-7970 | 4 Canonical, Linux, Novell and 1 more | 5 Ubuntu Linux, Linux Kernel, Suse Linux Enterprise Server and 2 more | 2025-04-12 | 5.5 Medium |
| The pivot_root implementation in fs/namespace.c in the Linux kernel through 3.17 does not properly interact with certain locations of a chroot directory, which allows local users to cause a denial of service (mount-tree loop) via . (dot) values in both arguments to the pivot_root system call. | ||||
| CVE-2015-2666 | 3 Fedoraproject, Linux, Redhat | 4 Fedora, Linux Kernel, Enterprise Linux and 1 more | 2025-04-12 | N/A |
| Stack-based buffer overflow in the get_matching_model_microcode function in arch/x86/kernel/cpu/microcode/intel_early.c in the Linux kernel before 4.0 allows context-dependent attackers to gain privileges by constructing a crafted microcode header and leveraging root privileges for write access to the initrd. | ||||
| CVE-2016-2384 | 3 Linux, Novell, Redhat | 4 Linux Kernel, Suse Linux Enterprise Real Time Extension, Enterprise Linux and 1 more | 2025-04-12 | N/A |
| Double free vulnerability in the snd_usbmidi_create function in sound/usb/midi.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (panic) or possibly have unspecified other impact via vectors involving an invalid USB descriptor. | ||||
| CVE-2014-7975 | 3 Canonical, Linux, Redhat | 4 Ubuntu Linux, Linux Kernel, Enterprise Linux and 1 more | 2025-04-12 | 5.5 Medium |
| The do_umount function in fs/namespace.c in the Linux kernel through 3.17 does not require the CAP_SYS_ADMIN capability for do_remount_sb calls that change the root filesystem to read-only, which allows local users to cause a denial of service (loss of writability) by making certain unshare system calls, clearing the / MNT_LOCKED flag, and making an MNT_FORCE umount system call. | ||||
| CVE-2016-2847 | 3 Linux, Novell, Redhat | 12 Linux Kernel, Suse Linux Enterprise Debuginfo, Suse Linux Enterprise Desktop and 9 more | 2025-04-12 | N/A |
| fs/pipe.c in the Linux kernel before 4.5 does not limit the amount of unread data in pipes, which allows local users to cause a denial of service (memory consumption) by creating many pipes with non-default sizes. | ||||
| CVE-2016-9806 | 2 Linux, Redhat | 4 Linux Kernel, Enterprise Linux, Enterprise Mrg and 1 more | 2025-04-12 | 7.8 High |
| Race condition in the netlink_dump function in net/netlink/af_netlink.c in the Linux kernel before 4.6.3 allows local users to cause a denial of service (double free) or possibly have unspecified other impact via a crafted application that makes sendmsg system calls, leading to a free operation associated with a new dump that started earlier than anticipated. | ||||
| CVE-2014-9529 | 6 Canonical, Debian, Fedoraproject and 3 more | 14 Ubuntu Linux, Debian Linux, Fedora and 11 more | 2025-04-12 | N/A |
| Race condition in the key_gc_unused_keys function in security/keys/gc.c in the Linux kernel through 3.18.2 allows local users to cause a denial of service (memory corruption or panic) or possibly have unspecified other impact via keyctl commands that trigger access to a key structure member during garbage collection of a key. | ||||
| CVE-2015-8845 | 4 Linux, Novell, Redhat and 1 more | 10 Linux Kernel, Suse Linux Enterprise Desktop, Suse Linux Enterprise Server and 7 more | 2025-04-12 | N/A |
| The tm_reclaim_thread function in arch/powerpc/kernel/process.c in the Linux kernel before 4.4.1 on powerpc platforms does not ensure that TM suspend mode exists before proceeding with a tm_reclaim call, which allows local users to cause a denial of service (TM Bad Thing exception and panic) via a crafted application. | ||||
| CVE-2016-2069 | 3 Canonical, Linux, Redhat | 4 Ubuntu Linux, Linux Kernel, Enterprise Linux and 1 more | 2025-04-12 | N/A |
| Race condition in arch/x86/mm/tlb.c in the Linux kernel before 4.4.1 allows local users to gain privileges by triggering access to a paging structure by a different CPU. | ||||
| CVE-2015-8812 | 4 Canonical, Linux, Novell and 1 more | 5 Ubuntu Linux, Linux Kernel, Suse Linux Enterprise Real Time Extension and 2 more | 2025-04-12 | 9.8 Critical |
| drivers/infiniband/hw/cxgb3/iwch_cm.c in the Linux kernel before 4.5 does not properly identify error conditions, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via crafted packets. | ||||
| CVE-2016-4578 | 5 Canonical, Debian, Linux and 2 more | 13 Ubuntu Linux, Debian Linux, Linux Kernel and 10 more | 2025-04-12 | N/A |
| sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface, related to the (1) snd_timer_user_ccallback and (2) snd_timer_user_tinterrupt functions. | ||||
| CVE-2014-8559 | 7 Canonical, Linux, Novell and 4 more | 14 Ubuntu Linux, Linux Kernel, Suse Linux Enterprise Desktop and 11 more | 2025-04-12 | 5.5 Medium |
| The d_walk function in fs/dcache.c in the Linux kernel through 3.17.2 does not properly maintain the semantics of rename_lock, which allows local users to cause a denial of service (deadlock and system hang) via a crafted application. | ||||
| CVE-2015-8830 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Rhel Extras Rt | 2025-04-12 | N/A |
| Integer overflow in the aio_setup_single_vector function in fs/aio.c in the Linux kernel 4.0 allows local users to cause a denial of service or possibly have unspecified other impact via a large AIO iovec. NOTE: this vulnerability exists because of a CVE-2012-6701 regression. | ||||
| CVE-2014-9644 | 5 Canonical, Debian, Linux and 2 more | 7 Ubuntu Linux, Debian Linux, Linux Kernel and 4 more | 2025-04-12 | N/A |
| The Crypto API in the Linux kernel before 3.18.5 allows local users to load arbitrary kernel modules via a bind system call for an AF_ALG socket with a parenthesized module template expression in the salg_name field, as demonstrated by the vfat(aes) expression, a different vulnerability than CVE-2013-7421. | ||||
| CVE-2016-4997 | 6 Canonical, Debian, Linux and 3 more | 14 Ubuntu Linux, Debian Linux, Linux Kernel and 11 more | 2025-04-12 | 7.8 High |
| The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel before 4.6.3 allow local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-container root access to provide a crafted offset value that triggers an unintended decrement. | ||||
| CVE-2016-4565 | 4 Canonical, Debian, Linux and 1 more | 9 Ubuntu Linux, Debian Linux, Linux Kernel and 6 more | 2025-04-12 | 7.8 High |
| The InfiniBand (aka IB) stack in the Linux kernel before 4.5.3 incorrectly relies on the write system call, which allows local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface. | ||||
| CVE-2013-4312 | 3 Linux, Oracle, Redhat | 4 Linux Kernel, Linux, Enterprise Linux and 1 more | 2025-04-12 | N/A |
| The Linux kernel before 4.4.1 allows local users to bypass file-descriptor limits and cause a denial of service (memory consumption) by sending each descriptor over a UNIX socket before closing it, related to net/unix/af_unix.c and net/unix/garbage.c. | ||||
| CVE-2015-2922 | 5 Debian, Fedoraproject, Linux and 2 more | 8 Debian Linux, Fedora, Linux Kernel and 5 more | 2025-04-12 | N/A |
| The ndisc_router_discovery function in net/ipv6/ndisc.c in the Neighbor Discovery (ND) protocol implementation in the IPv6 stack in the Linux kernel before 3.19.6 allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA) message. | ||||