Product:

Enterprise_linux

(Redhat)
Date Id Summary Products Score Patch Annotated
2021-03-09 CVE-2020-35524 A heap-based buffer overflow flaw was found in libtiff in the handling of TIFF images in libtiff's TIFF2PDF tool. A specially crafted TIFF file can lead to arbitrary code execution. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. Debian_linux, Fedora, Libtiff, Ontap_select_deploy_administration_utility, Enterprise_linux 7.8
2021-03-09 CVE-2021-3411 A flaw was found in the Linux kernel in versions prior to 5.10. A violation of memory access was found while detecting a padding of int3 in the linking state. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Linux_kernel, Enterprise_linux 6.7
2021-03-11 CVE-2021-20261 A race condition was found in the Linux kernels implementation of the floppy disk drive controller driver software. The impact of this issue is lessened by the fact that the default permissions on the floppy device (/dev/fd0) are restricted to root. If the permissions on the device have changed the impact changes greatly. In the default configuration root (or equivalent) permissions are required to attack this flaw. Linux_kernel, Enterprise_linux 6.4
2021-03-12 CVE-2021-20231 A flaw was found in gnutls. A use after free issue in client sending key_share extension may lead to memory corruption and other consequences. Fedora, Gnutls, Active_iq_unified_manager, E\-Series_performance_analyzer, Enterprise_linux 9.8
2021-03-12 CVE-2021-20232 A flaw was found in gnutls. A use after free issue in client_send_params in lib/ext/pre_shared_key.c may lead to memory corruption and other potential consequences. Fedora, Gnutls, Enterprise_linux 9.8
2021-03-15 CVE-2021-20179 A flaw was found in pki-core. An attacker who has successfully compromised a key could use this flaw to renew the corresponding certificate over and over again, as long as it is not explicitly revoked. The highest threat from this vulnerability is to data confidentiality and integrity. Dogtagpki, Fedora, Certificate_system, Enterprise_linux 8.1
2021-03-18 CVE-2020-27827 A flaw was found in multiple versions of OpenvSwitch. Specially crafted LLDP packets can cause memory to be lost when allocating data to handle specific optional TLVs, potentially causing a denial of service. The highest threat from this vulnerability is to system availability. Fedora, Lldpd, Openvswitch, Enterprise_linux, Openshift_container_platform, Openstack, Virtualization, Simatic_hmi_unified_comfort_panels_firmware, Simatic_net_cp_1243\-1_firmware, Simatic_net_cp_1243\-8_irc_firmware, Simatic_net_cp_1542sp\-1_firmware, Simatic_net_cp_1542sp\-1_irc_firmware, Simatic_net_cp_1543\-1_firmware, Simatic_net_cp_1543sp\-1_firmware, Simatic_net_cp_1545\-1_firmware, Sinumerik_one_firmware, Tim_1531_irc_firmware 7.5
2021-03-15 CVE-2021-20286 A flaw was found in libnbd 1.7.3. An assertion failure in nbd_unlocked_opt_go in ilb/opt.c may lead to denial of service. Enterprise_linux, Libnbd 2.7
2021-03-18 CVE-2021-3416 A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions up to and including 5.2.0. The issue occurs in loopback mode of a NIC wherein reentrant DMA checks get bypassed. A guest user/process may use this flaw to consume CPU cycles or crash the QEMU process on the host resulting in DoS scenario. Debian_linux, Fedora, Qemu, Enterprise_linux 6.0
2021-03-23 CVE-2021-20270 An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML (SML) source file, as demonstrated by input that only contains the "exception" keyword. Debian_linux, Fedora, Pygments, Enterprise_linux, Openshift_container_platform, Openstack_platform, Software_collections 7.5