Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Enterprise_linux
(Redhat)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-03-23 | CVE-2023-1513 | A flaw was found in KVM. When calling the KVM_GET_DEBUGREGS ioctl, on 32-bit systems, there might be some uninitialized portions of the kvm_debugregs structure that could be copied to userspace, causing an information leak. | Fedora, Linux_kernel, Enterprise_linux | 3.3 | ||
| 2023-03-27 | CVE-2021-3923 | A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel stack information when issuing commands to the /dev/infiniband/rdma_cm device node. While this access is unlikely to leak sensitive user information, it can be further used to defeat existing kernel protection mechanisms. | Fedora, Linux_kernel, Enterprise_linux | 2.3 | ||
| 2023-03-29 | CVE-2023-0664 | A flaw was found in the QEMU Guest Agent service for Windows. A local unprivileged user may be able to manipulate the QEMU Guest Agent's Windows installer via repair custom actions to elevate their privileges on the system. | Fedora, Qemu, Enterprise_linux | 7.8 | ||
| 2023-05-08 | CVE-2023-2513 | A use-after-free vulnerability was found in the Linux kernel's ext4 filesystem in the way it handled the extra inode size for extended attributes. This flaw could allow a privileged local user to cause a system crash or other undefined behaviors. | Linux_kernel, Enterprise_linux | 6.7 | ||
| 2023-05-10 | CVE-2023-32573 | In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, QtSvg QSvgFont m_unitsPerEm initialization is mishandled. | Qt, Enterprise_linux | 6.5 | ||
| 2023-05-30 | CVE-2023-34152 | A vulnerability was found in ImageMagick. This security flaw cause a remote code execution vulnerability in OpenBlob with --enable-pipes configured. | Extra_packages_for_enterprise_linux, Fedora, Imagemagick, Enterprise_linux | 9.8 | ||
| 2023-05-30 | CVE-2023-34153 | A vulnerability was found in ImageMagick. This security flaw causes a shell command injection vulnerability via video:vsync or video:pixel-format options in VIDEO encoding/decoding. | Extra_packages_for_enterprise_linux, Fedora, Imagemagick, Enterprise_linux | 7.8 | ||
| 2023-06-01 | CVE-2023-2977 | A vulnerbility was found in OpenSC. This security flaw cause a buffer overrun vulnerability in pkcs15 cardos_have_verifyrc_package. The attacker can supply a smart card package with malformed ASN1 context. The cardos_have_verifyrc_package function scans the ASN1 buffer for 2 tags, where remaining length is wrongly caculated due to moved starting pointer. This leads to possible heap-based buffer oob read. In cases where ASAN is enabled while compiling this causes a crash. Further info leak or... | Opensc, Enterprise_linux | 7.1 | ||
| 2023-07-10 | CVE-2023-26590 | A floating point exception vulnerability was found in sox, in the lsx_aiffstartwrite function at sox/src/aiff.c:622:58. This flaw can lead to a denial of service. | Extra_packages_for_enterprise_linux, Fedora, Enterprise_linux, Sox | 5.5 | ||
| 2023-07-10 | CVE-2023-32627 | A floating point exception vulnerability was found in sox, in the read_samples function at sox/src/voc.c:334:18. This flaw can lead to a denial of service. | Extra_packages_for_enterprise_linux, Fedora, Enterprise_linux, Sox | 5.5 |