Redhat: >> Codeready Linux Builder >> 8.0 Security Vulnerabilities
A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly.
CVSS Score
7.8
EPSS Score
0.093
Published
2022-03-03
An off-by-one error was found in the SCSI device emulation in QEMU. It could occur while processing MODE SELECT commands in mode_sense_page() if the 'page' argument was set to MODE_PAGE_ALLS (0x3f). A malicious guest could use this flaw to potentially crash QEMU, resulting in a denial of service condition.
CVSS Score
6.5
EPSS Score
0.0
Published
2022-02-18
There's a flaw in openjpeg's t2 encoder in versions prior to 2.4.0. An attacker who is able to provide crafted input to be processed by openjpeg could cause a null pointer dereference. The highest impact of this flaw is to application availability.
CVSS Score
5.5
EPSS Score
0.001
Published
2021-01-05
TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.
CVSS Score
6.5
EPSS Score
0.004
Published
2019-11-14
A heap address information leak while using L2CAP_GET_CONF_OPT was discovered in the Linux kernel before 5.1-rc1.
CVSS Score
6.5
EPSS Score
0.002
Published
2019-04-11
A heap data infoleak in multiple locations including L2CAP_PARSE_CONF_RSP was found in the Linux kernel before 5.1-rc1.
CVSS Score
6.5
EPSS Score
0.002
Published
2019-04-11
Page 2