Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:x86:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2015-2877 |
Kernel Samepage Merging (KSM) in the Linux kernel 2.6.32 through 4.x does not prevent use of a write-timing side channel, which allows guest OS users to defeat the ASLR protection mechanism on other guest OS instances via a Cross-VM ASL INtrospection (CAIN) attack. NOTE: the vendor states "Basically if you care about this attack vector, disable deduplication." Share-until-written approaches for memory conservation among mutually untrusting tenants are inherently detectable for information disclosure, and can be classified as potentially misunderstood behaviors rather than vulnerabilities Published: March 03, 2017; 6:59:00 AM -0500 |
V3.1: 3.3 LOW V2.0: 2.1 LOW |
CVE-2016-2568 |
pkexec, when used with --user nonpriv, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer. Published: February 13, 2017; 1:59:00 PM -0500 |
V3.1: 7.8 HIGH V2.0: 4.4 MEDIUM |
CVE-2016-9921 |
Quick emulator (Qemu) built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to a divide by zero issue. It could occur while copying VGA data when cirrus graphics mode was set to be VGA. A privileged user inside guest could use this flaw to crash the Qemu process instance on the host, resulting in DoS. Published: December 23, 2016; 5:59:00 PM -0500 |
V3.1: 6.5 MEDIUM V2.0: 2.1 LOW |
CVE-2016-9911 |
Quick Emulator (Qemu) built with the USB EHCI Emulation support is vulnerable to a memory leakage issue. It could occur while processing packet data in 'ehci_init_transfer'. A guest user/process could use this issue to leak host memory, resulting in DoS for a host. Published: December 23, 2016; 5:59:00 PM -0500 |
V3.1: 6.5 MEDIUM V2.0: 4.9 MEDIUM |
CVE-2016-9907 |
Quick Emulator (Qemu) built with the USB redirector usb-guest support is vulnerable to a memory leakage flaw. It could occur while destroying the USB redirector in 'usbredir_handle_destroy'. A guest user/process could use this issue to leak host memory, resulting in DoS for a host. Published: December 23, 2016; 5:59:00 PM -0500 |
V3.1: 6.5 MEDIUM V2.0: 4.9 MEDIUM |
CVE-2016-9675 |
openjpeg: A heap-based buffer overflow flaw was found in the patch for CVE-2013-6045. A crafted j2k image could cause the application to crash, or potentially execute arbitrary code. Published: December 22, 2016; 4:59:00 PM -0500 |
V3.1: 7.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2016-7091 |
sudo: It was discovered that the default sudo configuration on Red Hat Enterprise Linux and possibly other Linux implementations preserves the value of INPUTRC which could lead to information disclosure. A local user with sudo access to a restricted program that uses readline could use this flaw to read content from specially formatted files with elevated privileges provided by sudo. Published: December 22, 2016; 4:59:00 PM -0500 |
V3.0: 4.4 MEDIUM V2.0: 4.9 MEDIUM |
CVE-2016-7466 |
Memory leak in the usb_xhci_exit function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator), when the xhci uses msix, allows local guest OS administrators to cause a denial of service (memory consumption and possibly QEMU process crash) by repeatedly unplugging a USB device. Published: December 09, 2016; 7:59:19 PM -0500 |
V3.1: 6.0 MEDIUM V2.0: 1.9 LOW |
CVE-2016-7422 |
The virtqueue_map_desc function in hw/virtio/virtio.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process crash) via a large I/O descriptor buffer length value. Published: December 09, 2016; 7:59:18 PM -0500 |
V3.1: 6.0 MEDIUM V2.0: 2.1 LOW |
CVE-2016-6888 |
Integer overflow in the net_tx_pkt_init function in hw/net/net_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (QEMU process crash) via the maximum fragmentation count, which triggers an unchecked multiplication and NULL pointer dereference. Published: December 09, 2016; 7:59:09 PM -0500 |
V3.1: 4.4 MEDIUM V2.0: 2.1 LOW |
CVE-2016-6835 |
The vmxnet_tx_pkt_parse_headers function in hw/net/vmxnet_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (buffer over-read) by leveraging failure to check IP header length. Published: December 09, 2016; 7:59:06 PM -0500 |
V3.1: 6.0 MEDIUM V2.0: 2.1 LOW |
CVE-2016-5195 |
Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW." Published: November 10, 2016; 4:59:00 PM -0500 |
V3.1: 7.8 HIGH V2.0: 7.2 HIGH |
CVE-2016-8910 |
The rtl8139_cplus_transmit function in hw/net/rtl8139.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) by leveraging failure to limit the ring descriptor count. Published: November 04, 2016; 5:59:10 PM -0400 |
V3.1: 6.0 MEDIUM V2.0: 2.1 LOW |
CVE-2016-8909 |
The intel_hda_xfer function in hw/audio/intel-hda.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via an entry with the same value for buffer length and pointer position. Published: November 04, 2016; 5:59:09 PM -0400 |
V3.1: 6.0 MEDIUM V2.0: 2.1 LOW |
CVE-2016-8669 |
The serial_update_parameters function in hw/char/serial.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (divide-by-zero error and QEMU process crash) via vectors involving a value of divider greater than baud base. Published: November 04, 2016; 5:59:06 PM -0400 |
V3.1: 6.0 MEDIUM V2.0: 2.1 LOW |
CVE-2016-8576 |
The xhci_ring_fetch function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by leveraging failure to limit the number of link Transfer Request Blocks (TRB) to process. Published: November 04, 2016; 5:59:00 PM -0400 |
V3.1: 6.0 MEDIUM V2.0: 2.1 LOW |
CVE-2016-1000033 |
Shotwell version 0.22.0 (and possibly other versions) is vulnerable to a TLS/SSL certification validation flaw resulting in a potential for man in the middle attacks. Published: October 25, 2016; 10:29:03 AM -0400 |
V3.1: 3.7 LOW V2.0: 4.3 MEDIUM |
CVE-2016-6325 |
The Tomcat package on Red Hat Enterprise Linux (RHEL) 5 through 7, JBoss Web Server 3.0, and JBoss EWS 2 uses weak permissions for (1) /etc/sysconfig/tomcat and (2) /etc/tomcat/tomcat.conf, which allows local users to gain privileges by leveraging membership in the tomcat group. Published: October 13, 2016; 10:59:09 AM -0400 |
V3.0: 7.8 HIGH V2.0: 7.2 HIGH |
CVE-2016-5432 |
The ovirt-engine-provisiondb utility in Red Hat Enterprise Virtualization (RHEV) Engine 4.0 allows local users to obtain sensitive database provisioning information by reading log files. Published: October 03, 2016; 2:59:07 PM -0400 |
V3.0: 3.3 LOW V2.0: 2.1 LOW |
CVE-2016-5406 |
The domain controller in Red Hat JBoss Enterprise Application Platform (EAP) 7.x before 7.0.2 allows remote authenticated users to gain privileges by leveraging failure to propagate administrative RBAC configuration to all slaves. Published: September 26, 2016; 10:59:05 AM -0400 |
V3.0: 8.8 HIGH V2.0: 6.5 MEDIUM |