U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:o:redhat:enterprise_linux_for_real_time_tus:8.2:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 12 matching records.
Displaying matches 1 through 12.
Vuln ID Summary CVSS Severity
CVE-2022-0435

A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed. This flaw allows a remote user to crash the system or possibly escalate their privileges if they have access to the TIPC network.

Published: March 25, 2022; 3:15:10 PM -0400
V3.1: 8.8 HIGH
V2.0: 9.0 HIGH
CVE-2022-0330

A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allows a local user to crash the system or escalate their privileges on the system.

Published: March 25, 2022; 3:15:10 PM -0400
V3.1: 7.8 HIGH
V2.0: 4.6 MEDIUM
CVE-2022-0847

A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cache backed by read only files and as such escalate their privileges on the system.

Published: March 10, 2022; 12:44:57 PM -0500
V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2021-3656

A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "virt_ext" field, this issue could allow a malicious L1 to disable both VMLOAD/VMSAVE intercepts and VLS (Virtual VMLOAD/VMSAVE) for the L2 guest. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape.

Published: March 04, 2022; 2:15:08 PM -0500
V3.1: 8.8 HIGH
V2.0: 7.2 HIGH
CVE-2022-0492

A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly.

Published: March 03, 2022; 2:15:08 PM -0500
V3.1: 7.8 HIGH
V2.0: 4.4 MEDIUM
CVE-2021-3609

.A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege escalation to root.

Published: March 03, 2022; 2:15:08 PM -0500
V3.1: 7.0 HIGH
V2.0: 6.9 MEDIUM
CVE-2019-14816

There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.

Published: September 20, 2019; 3:15:11 PM -0400
V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2019-14814

There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.

Published: September 20, 2019; 3:15:11 PM -0400
V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2019-10126

A flaw was found in the Linux kernel. A heap based buffer overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c might lead to memory corruption and possibly other consequences.

Published: June 14, 2019; 10:29:00 AM -0400
V3.1: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2019-3460

A heap data infoleak in multiple locations including L2CAP_PARSE_CONF_RSP was found in the Linux kernel before 5.1-rc1.

Published: April 11, 2019; 12:29:02 PM -0400
V3.1: 6.5 MEDIUM
V2.0: 3.3 LOW
CVE-2019-3459

A heap address information leak while using L2CAP_GET_CONF_OPT was discovered in the Linux kernel before 5.1-rc1.

Published: April 11, 2019; 12:29:02 PM -0400
V3.1: 6.5 MEDIUM
V2.0: 3.3 LOW
CVE-2019-3887

A flaw was found in the way KVM hypervisor handled x2APIC Machine Specific Rregister (MSR) access with nested(=1) virtualization enabled. In that, L1 guest could access L0's APIC register values via L2 guest, when 'virtualize x2APIC mode' is enabled. A guest could use this flaw to potentially crash the host kernel resulting in DoS issue. Kernel versions from 4.16 and newer are vulnerable to this issue.

Published: April 09, 2019; 12:29:01 PM -0400
V3.1: 5.6 MEDIUM
V2.0: 4.7 MEDIUM