Redhat: >> Virtualization Host >> 4.0 Security Vulnerabilities
A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper authorization issues, granting or denying access to resources inappropriately.
CVSS Score
7.1
EPSS Score
0.0
Published
2024-04-18
A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver and causing kernel panic and a denial of service.
CVSS Score
6.5
EPSS Score
0.0
Published
2024-02-07
A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service.
CVSS Score
6.5
EPSS Score
0.0
Published
2024-02-07
A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service.
CVSS Score
6.5
EPSS Score
0.0
Published
2024-02-07
CVE-2023-4911
A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.
Known exploited
CVSS Score
7.8
EPSS Score
0.755
Published
2023-10-03
A race condition was found in vdsm. Functionality to obfuscate sensitive values in log files that may lead to values being stored in clear text.
CVSS Score
4.7
EPSS Score
0.0
Published
2022-08-26
A flaw was found in the Linux kernel. Measuring usage of the shared memory does not scale with large shared memory segment counts which could lead to resource exhaustion and DoS.
CVSS Score
5.5
EPSS Score
0.0
Published
2022-08-26
A flaw was found in the way Samba handled file/directory metadata. This flaw allows an authenticated attacker with permissions to read or modify share metadata, to perform this operation outside of the share.
CVSS Score
6.8
EPSS Score
0.004
Published
2022-08-23
A NULL pointer dereference flaw was found in the Linux kernel’s IEEE 802.15.4 wireless networking subsystem in the way the user closes the LR-WPAN connection. This flaw allows a local user to crash the system. The highest threat from this vulnerability is to system availability.
CVSS Score
5.5
EPSS Score
0.0
Published
2022-08-22
A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allows a local user to crash the system or escalate their privileges on the system.
CVSS Score
7.8
EPSS Score
0.0
Published
2022-03-25
Page 1