Red hat Extra Packages For Enterprise Linux 7 Vulnerabilities

Indent Vulnerability Could Lead to Application Crash

CVE-2024-0911

Red Hatindent5.5MEDIUM

Sqlite: use-after-free bug in jsonparseaddnodearray

CVE-2024-0232

Red HatSqlite5.5MEDIUM

Libssh: missing checks for return values for digests

CVE-2023-6918

Red Hatlibssh5.3MEDIUM

Qemu: 9pfs: improper access control on special files

CVE-2023-2861

Red HatQemu7.1HIGH

Imagemagick: heap use-after-free in coders/bmp.c

CVE-2023-5341

Red HatImagemagick5.5MEDIUM

Memory leak on tls connections

CVE-2022-4132

Red HatJss5.9MEDIUM

Local variable `ch_type` in function `bfd_init_section_decompress_status` can be uninitialized

CVE-2023-25586

Red Hatbinutils5.5MEDIUM

Field `the_bfd` of `asymbol` is uninitialized in function `bfd_mach_o_get_synthetic_symtab`

CVE-2023-25588

Red Hatbinutils5.5MEDIUM

Field `file_table` of `struct module *module` is uninitialized

CVE-2023-25585

Red Hatbinutils5.5MEDIUM

Out of bounds read in parse_module function in bfd/vms-alpha.c

CVE-2023-25584

Red HatBinutils6.3MEDIUM

Gvariant deserialisation does not match spec for non-normal data

CVE-2023-32665

Red HatGlib25.5MEDIUM

Gvariant offset table entry size is not checked in is_normal()

CVE-2023-29499

Red Hatglib27.5HIGH

G_variant_byteswap() can take a long time with some non-normal inputs

CVE-2023-32611

Red Hatglib25.5MEDIUM

Dma reentrancy issue (incomplete fix for cve-2021-3750)

CVE-2023-2680

Red Hatqemu8.2HIGH

Triggerable assertion due to race condition in hot-unplug

CVE-2023-3301

Red Hatqemu5.6MEDIUM

Out-of-bounds read information disclosure vulnerability

CVE-2023-4135

Red Hatqemu-kvm6.5MEDIUM

Heap buffer overflow in virtio_crypto_sym_op_helper()

CVE-2023-3180

Red Hatqemu6.5MEDIUM

Qemu: 9pfs: suid/sgid bits not dropped on file write

CVE-2023-1386

Red HatQemu7.8HIGH

Processing sftp server read may cause null dereference

CVE-2023-3603

Red HatLibssh3.1LOW

Improper i/o watch removal in tls handshake can lead to remote unauthenticated denial of service

CVE-2023-3354

Red HatQemu7.5HIGH

Heap-buffer-overflow in src/formats_i.c

CVE-2023-34432

Red HatSox7.8HIGH

Floating point exception in src/voc.c

CVE-2023-32627

Red HatSox6.2MEDIUM

Heap-buffer-overflow in src/hcom.c

CVE-2023-34318

Red HatSox7.8HIGH

Floating point exception in src/aiff.c

CVE-2023-26590

Red HatSox6.2MEDIUM

Vulnerability Published:

Sort By:

6 February 2024

Indent Vulnerability Could Lead to Application Crash

16 January 2024

Sqlite: use-after-free bug in jsonparseaddnodearray

19 December 2023

Libssh: missing checks for return values for digests

6 December 2023

Qemu: 9pfs: improper access control on special files

19 November 2023

Imagemagick: heap use-after-free in coders/bmp.c

4 October 2023

Memory leak on tls connections

14 September 2023

Local variable `ch_type` in function `bfd_init_section_decompress_status` can be uninitialized

Field `the_bfd` of `asymbol` is uninitialized in function `bfd_mach_o_get_synthetic_symtab`

Field `file_table` of `struct module *module` is uninitialized

Out of bounds read in parse_module function in bfd/vms-alpha.c

Gvariant deserialisation does not match spec for non-normal data

Gvariant offset table entry size is not checked in is_normal()

G_variant_byteswap() can take a long time with some non-normal inputs

13 September 2023

Dma reentrancy issue (incomplete fix for cve-2021-3750)

Triggerable assertion due to race condition in hot-unplug

4 August 2023

Out-of-bounds read information disclosure vulnerability

3 August 2023

Heap buffer overflow in virtio_crypto_sym_op_helper()

24 July 2023

Qemu: 9pfs: suid/sgid bits not dropped on file write

21 July 2023

Processing sftp server read may cause null dereference

11 July 2023

Improper i/o watch removal in tls handshake can lead to remote unauthenticated denial of service

10 July 2023

Heap-buffer-overflow in src/formats_i.c

Floating point exception in src/voc.c

Heap-buffer-overflow in src/hcom.c

Floating point exception in src/aiff.c