Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2019-19339

Summary
Assigner-redhat
Assigner Org ID-53f830b8-0a3f-465b-8143-3b8a9948e749
Published At-17 Jan, 2020 | 18:08
Updated At-05 Aug, 2024 | 02:16
Rejected At-
Credits

It was found that the Red Hat Enterprise Linux 8 kpatch update did not include the complete fix for CVE-2018-12207. A flaw was found in the way Intel CPUs handle inconsistency between, virtual to physical memory address translations in CPU's local cache and system software's Paging structure entries. A privileged guest user may use this flaw to induce a hardware Machine Check Error on the host processor, resulting in a severe DoS scenario by halting the processor. System software like OS OR Virtual Machine Monitor (VMM) use virtual memory system for storing program instructions and data in memory. Virtual Memory system uses Paging structures like Page Tables and Page Directories to manage system memory. The processor's Memory Management Unit (MMU) uses Paging structure entries to translate program's virtual memory addresses to physical memory addresses. The processor stores these address translations into its local cache buffer called - Translation Lookaside Buffer (TLB). TLB has two parts, one for instructions and other for data addresses. System software can modify its Paging structure entries to change address mappings OR certain attributes like page size etc. Upon such Paging structure alterations in memory, system software must invalidate the corresponding address translations in the processor's TLB cache. But before this TLB invalidation takes place, a privileged guest user may trigger an instruction fetch operation, which could use an already cached, but now invalid, virtual to physical address translation from Instruction TLB (ITLB). Thus accessing an invalid physical memory address and resulting in halting the processor due to the Machine Check Error (MCE) on Page Size Change.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:redhat
Assigner Org ID:53f830b8-0a3f-465b-8143-3b8a9948e749
Published At:17 Jan, 2020 | 18:08
Updated At:05 Aug, 2024 | 02:16
Rejected At:
▼CVE Numbering Authority (CNA)

It was found that the Red Hat Enterprise Linux 8 kpatch update did not include the complete fix for CVE-2018-12207. A flaw was found in the way Intel CPUs handle inconsistency between, virtual to physical memory address translations in CPU's local cache and system software's Paging structure entries. A privileged guest user may use this flaw to induce a hardware Machine Check Error on the host processor, resulting in a severe DoS scenario by halting the processor. System software like OS OR Virtual Machine Monitor (VMM) use virtual memory system for storing program instructions and data in memory. Virtual Memory system uses Paging structures like Page Tables and Page Directories to manage system memory. The processor's Memory Management Unit (MMU) uses Paging structure entries to translate program's virtual memory addresses to physical memory addresses. The processor stores these address translations into its local cache buffer called - Translation Lookaside Buffer (TLB). TLB has two parts, one for instructions and other for data addresses. System software can modify its Paging structure entries to change address mappings OR certain attributes like page size etc. Upon such Paging structure alterations in memory, system software must invalidate the corresponding address translations in the processor's TLB cache. But before this TLB invalidation takes place, a privileged guest user may trigger an instruction fetch operation, which could use an already cached, but now invalid, virtual to physical address translation from Instruction TLB (ITLB). Thus accessing an invalid physical memory address and resulting in halting the processor due to the Machine Check Error (MCE) on Page Size Change.

Affected Products
Vendor
Red Hat, Inc.Red Hat
Product
kpatch:
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
CWECWE-805CWE-805
Type: CWE
CWE ID: CWE-805
Description: CWE-805
Metrics
VersionBase scoreBase severityVector
3.06.5MEDIUM
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Version: 3.0
Base score: 6.5
Base severity: MEDIUM
Vector:
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-19339
x_refsource_CONFIRM
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-19339
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-19339
x_refsource_CONFIRM
x_transferred
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-19339
Resource:
x_refsource_CONFIRM
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:secalert@redhat.com
Published At:17 Jan, 2020 | 19:15
Updated At:19 Oct, 2020 | 19:52

It was found that the Red Hat Enterprise Linux 8 kpatch update did not include the complete fix for CVE-2018-12207. A flaw was found in the way Intel CPUs handle inconsistency between, virtual to physical memory address translations in CPU's local cache and system software's Paging structure entries. A privileged guest user may use this flaw to induce a hardware Machine Check Error on the host processor, resulting in a severe DoS scenario by halting the processor. System software like OS OR Virtual Machine Monitor (VMM) use virtual memory system for storing program instructions and data in memory. Virtual Memory system uses Paging structures like Page Tables and Page Directories to manage system memory. The processor's Memory Management Unit (MMU) uses Paging structure entries to translate program's virtual memory addresses to physical memory addresses. The processor stores these address translations into its local cache buffer called - Translation Lookaside Buffer (TLB). TLB has two parts, one for instructions and other for data addresses. System software can modify its Paging structure entries to change address mappings OR certain attributes like page size etc. Upon such Paging structure alterations in memory, system software must invalidate the corresponding address translations in the processor's TLB cache. But before this TLB invalidation takes place, a privileged guest user may trigger an instruction fetch operation, which could use an already cached, but now invalid, virtual to physical address translation from Instruction TLB (ITLB). Thus accessing an invalid physical memory address and resulting in halting the processor due to the Machine Check Error (MCE) on Page Size Change.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.16.5MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Secondary3.06.5MEDIUM
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Primary2.04.9MEDIUM
AV:L/AC:L/Au:N/C:N/I:N/A:C
Type: Primary
Version: 3.1
Base score: 6.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Type: Secondary
Version: 3.0
Base score: 6.5
Base severity: MEDIUM
Vector:
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Type: Primary
Version: 2.0
Base score: 4.9
Base severity: MEDIUM
Vector:
AV:L/AC:L/Au:N/C:N/I:N/A:C
CPE Matches
Red Hat, Inc.
redhat
>>enterprise_linux>>8.0
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
Red Hat, Inc.
redhat
>>enterprise_linux_eus>>8.1
cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-noinfoPrimarynvd@nist.gov
CWE-805Secondarysecalert@redhat.com
CWE ID: NVD-CWE-noinfo
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-805
Type: Secondary
Source: secalert@redhat.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-19339secalert@redhat.com
Issue Tracking
Vendor Advisory
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-19339
Source: secalert@redhat.com
Resource:
Issue Tracking
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

101Records found
CVE-2006-5701
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.9||MEDIUM
EPSS-0.85% / 53.47%
||
7 Day CHG~0.00%
Published-03 Nov, 2006 | 23:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Double free vulnerability in squashfs module in the Linux kernel 2.6.x, as used in Fedora Core 5 and possibly other distributions, allows local users to cause a denial of service by mounting a crafted squashfs filesystem.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncRed Hat, Inc.
Product-linux_kernelfedora_coren/a
CVE-2006-2932
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.38% / 30.11%
||
7 Day CHG~0.00%
Published-23 Aug, 2006 | 19:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A regression error in the restore_all code path of the 4/4GB split support for non-hugemem Linux kernels on Red Hat Linux Desktop and Enterprise Linux 4 allows local users to cause a denial of service (panic) via unspecified vectors.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncRed Hat, Inc.
Product-enterprise_linux_desktoplinux_kerneln/a
CVE-2017-15121
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.40% / 31.49%
||
7 Day CHG~0.00%
Published-06 Dec, 2017 | 16:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A non-privileged user is able to mount a fuse filesystem on RHEL 6 or 7 and crash a system if an application punches a hole in a file that does not end aligned to a page boundary.

Action-Not Available
Vendor-Red Hat, Inc.
Product-enterprise_linux_workstationenterprise_linux_serverenterprise_linux_server_tusenterprise_linux_desktopenterprise_linux_server_eusenterprise_linux_server_ausenterprise_linuxRed Hat Enterprise Linux
CWE ID-CWE-20
Improper Input Validation
CVE-2002-2185
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.9||MEDIUM
EPSS-2.49% / 82.59%
||
7 Day CHG~0.00%
Published-16 Nov, 2005 | 21:17
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a target's Ethernet address instead of the Multicast group address, which causes the target to stop sending reports to the router and effectively disconnect the group from the network.

Action-Not Available
Vendor-n/aDebian GNU/LinuxMicrosoft CorporationMandriva (Mandrakesoft)Silicon Graphics, Inc.Red Hat, Inc.SUSE
Product-debian_linuxwindows_98irixlinuxlinux_advanced_workstationmandrake_linuxsuse_linuxwindows_98seenterprise_linux_desktopwindows_xpenterprise_linuxn/a
CVE-2018-16885
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4.7||MEDIUM
EPSS-0.42% / 33.81%
||
7 Day CHG~0.00%
Published-03 Jan, 2019 | 16:00
Updated-05 Aug, 2024 | 10:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in the Linux kernel that allows the userspace to call memcpy_fromiovecend() and similar functions with a zero offset and buffer length which causes the read beyond the buffer boundaries, in certain cases causing a memory access fault and a system halt by accessing invalid memory address. This issue only affects kernel version 3.10.x as shipped with Red Hat Enterprise Linux 7.

Action-Not Available
Vendor-Linux Kernel Organization, IncRed Hat, Inc.The Linux Foundation
Product-enterprise_linux_serverlinux_kernelkernel
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-14646
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.39% / 30.97%
||
7 Day CHG~0.00%
Published-26 Nov, 2018 | 19:00
Updated-05 Aug, 2024 | 09:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Linux kernel before 4.15-rc8 was found to be vulnerable to a NULL pointer dereference bug in the __netlink_ns_capable() function in the net/netlink/af_netlink.c file. A local attacker could exploit this when a net namespace with a netnsid is assigned to cause a kernel panic and a denial of service.

Action-Not Available
Vendor-[UNKNOWN]Linux Kernel Organization, IncRed Hat, Inc.
Product-enterprise_linux_serverlinux_kernelenterprise_linux_server_eusenterprise_linux_server_ausenterprise_linux_workstationenterprise_linux_server_tusenterprise_linux_desktopkernel:
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2022-4144
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.28% / 19.69%
||
7 Day CHG~0.00%
Published-29 Nov, 2022 | 00:00
Updated-14 Apr, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An out-of-bounds read flaw was found in the QXL display device emulation in QEMU. The qxl_phys2virt() function does not check the size of the structure pointed to by the guest physical address, potentially reading past the end of the bar space into adjacent pages. A malicious guest user could use this flaw to crash the QEMU process on the host causing a denial of service condition.

Action-Not Available
Vendor-n/aQEMURed Hat, Inc.Fedora Project
Product-enterprise_linuxqemuextra_packages_for_enterprise_linuxfedoraQEMU (QXL device)
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-1130
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.50% / 38.54%
||
7 Day CHG~0.00%
Published-10 May, 2018 | 13:00
Updated-05 Aug, 2024 | 03:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Linux kernel before version 4.16-rc7 is vulnerable to a null pointer dereference in dccp_write_xmit() function in net/dccp/output.c in that allows a local user to cause a denial of service by a number of certain crafted system calls.

Action-Not Available
Vendor-unspecifiedLinux Kernel Organization, IncDebian GNU/LinuxCanonical Ltd.Red Hat, Inc.
Product-enterprise_linux_serverubuntu_linuxdebian_linuxlinux_kernelenterprise_linux_workstationenterprise_linux_desktopkernel
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2018-10882
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4.8||MEDIUM
EPSS-0.72% / 49.00%
||
7 Day CHG~0.00%
Published-27 Jul, 2018 | 18:00
Updated-05 Aug, 2024 | 07:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bound write in in fs/jbd2/transaction.c code, a denial of service, and a system crash by unmounting a crafted ext4 filesystem image.

Action-Not Available
Vendor-[UNKNOWN]Linux Kernel Organization, IncDebian GNU/LinuxCanonical Ltd.Red Hat, Inc.
Product-ubuntu_linuxdebian_linuxlinux_kernelenterprise_linuxkernel
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-10872
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.46% / 36.72%
||
7 Day CHG~0.00%
Published-10 Jul, 2018 | 19:00
Updated-05 Aug, 2024 | 07:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in the way the Linux kernel handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch operation, processor does not deliver interrupts and exceptions, they are delivered once the first instruction after the stack switch is executed. An unprivileged system user could use this flaw to crash the system kernel resulting in DoS. This CVE-2018-10872 was assigned due to regression of CVE-2018-8897 in Red Hat Enterprise Linux 6.10 GA kernel. No other versions are affected by this CVE.

Action-Not Available
Vendor-Linux Kernel Organization, IncRed Hat, Inc.
Product-enterprise_linux_serverenterprise_linux_desktopenterprise_linux_workstationenterprise_linuxkernel
CWE ID-CWE-250
Execution with Unnecessary Privileges
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-1070
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.85% / 53.35%
||
7 Day CHG~0.00%
Published-12 Jun, 2018 | 13:00
Updated-05 Aug, 2024 | 03:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

routing before version 3.10 is vulnerable to an improper input validation of the Openshift Routing configuration which can cause an entire shard to be brought down. A malicious user can use this vulnerability to cause a Denial of Service attack for other users of the router shard.

Action-Not Available
Vendor-[UNKNOWN]Red Hat, Inc.
Product-openshift_container_platformrouting
CWE ID-CWE-20
Improper Input Validation
CVE-2017-8379
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.41% / 32.92%
||
7 Day CHG~0.00%
Published-23 May, 2017 | 03:56
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory leak in the keyboard input event handlers support in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption) by rapidly generating large keyboard events.

Action-Not Available
Vendor-n/aRed Hat, Inc.Debian GNU/LinuxQEMU
Product-openstackdebian_linuxqemun/a
CWE ID-CWE-772
Missing Release of Resource after Effective Lifetime
CVE-2022-34678
Matching Score-8
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-8
Assigner-NVIDIA Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.24% / 15.05%
||
7 Day CHG~0.00%
Published-30 Dec, 2022 | 00:00
Updated-10 Apr, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where an unprivileged user can cause a null-pointer dereference, which may lead to denial of service.

Action-Not Available
Vendor-NVIDIA CorporationRed Hat, Inc.VMware (Broadcom Inc.)Citrix (Cloud Software Group, Inc.)Microsoft CorporationLinux Kernel Organization, Inc
Product-virtual_gpulinux_kernelwindowscloud_gamingenterprise_linux_kernel-based_virtual_machinehypervisorvspherevGPU software (guest driver) - Windows, Linux and vGPU software (Virtual GPU Manager), NVIDIA Cloud Gaming (guest driver), NVIDIA Cloud Gaming (guest driver), NVIDIA Cloud Gaming (Virtual GPU Manager)
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2017-7560
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.25% / 16.30%
||
7 Day CHG~0.00%
Published-13 Sep, 2017 | 17:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

It was found that rhnsd PID files are created as world-writable that allows local attackers to fill the disks or to kill selected processes.

Action-Not Available
Vendor-Red Hat, Inc.
Product-rhnsdrhnsd
CWE ID-CWE-377
Insecure Temporary File
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2018-10883
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4.8||MEDIUM
EPSS-0.53% / 40.56%
||
7 Day CHG~0.00%
Published-30 Jul, 2018 | 15:00
Updated-05 Aug, 2024 | 07:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bounds write in jbd2_journal_dirty_metadata(), a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image.

Action-Not Available
Vendor-[UNKNOWN]Linux Kernel Organization, IncDebian GNU/LinuxCanonical Ltd.Red Hat, Inc.
Product-enterprise_linux_serverubuntu_linuxdebian_linuxlinux_kernelenterprise_linux_workstationenterprise_linuxenterprise_linux_desktopkernel
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-0665
Matching Score-8
Assigner-Fedora Project
ShareView Details
Matching Score-8
Assigner-Fedora Project
CVSS Score-6.5||MEDIUM
EPSS-0.14% / 3.91%
||
7 Day CHG~0.00%
Published-18 Feb, 2026 | 20:50
Updated-19 Feb, 2026 | 15:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Qemu-kvm: heap off-by-one in kvm xen physdevop_map_pirq

An off-by-one error was found in QEMU's KVM Xen guest support. A malicious guest could use this flaw to trigger out-of-bounds heap accesses in the QEMU process via the emulated Xen physdev hypercall interface, leading to a denial of service or potential memory corruption.

Action-Not Available
Vendor-Red Hat, Inc.
Product-Red Hat OpenShift Container Platform 4Red Hat Enterprise Linux 10Red Hat Enterprise Linux 6Red Hat Enterprise Linux 9Red Hat Enterprise Linux 7Red Hat Enterprise Linux 8
CWE ID-CWE-787
Out-of-bounds Write
CVE-2003-0859
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.9||MEDIUM
EPSS-0.37% / 28.84%
||
7 Day CHG~0.00%
Published-18 Nov, 2003 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The getifaddrs function in GNU libc (glibc) 2.2.4 and earlier allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface.

Action-Not Available
Vendor-quaggan/aSilicon Graphics, Inc.GNUIntel CorporationRed Hat, Inc.
Product-zebralinux_advanced_workstationquagga_routing_software_suitepropackglibcia64enterprise_linuxn/a
CVE-2018-12207
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.92% / 55.46%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 19:08
Updated-05 Aug, 2024 | 08:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access.

Action-Not Available
Vendor-n/aopenSUSEOracle CorporationF5, Inc.Fedora ProjectDebian GNU/LinuxIntel CorporationRed Hat, Inc.Canonical Ltd.
Product-xeon_3040xeon_l7555_firmwarexeon_e7-8893_v3xeon_e7420_firmwarexeon_e5-1620_v2_firmwarexeon_e3-1558l_v5xeon_5140_firmwarexeon_e5-2608l_v4_firmwarexeon_e5-2660_v3xeon_e5-2450_v2core_i5-1035g7xeon_e7450core_i3-8350k_firmwarecore_i3-9350k_firmwarexeon_e5-2697_v4xeon_d-1527xeon_e5472xeon_x5492_firmwarexeon_x3370_firmwarexeon_w-2125xeon_e7-8890_v3_firmwarexeon_gold_5217_firmwarexeon_e6510xeon_e3-1220_v5_firmwarexeon_e7-8880_v4xeon_e5-2620_v2_firmwarexeon_d-2163it_firmwareceleron_g1610t_firmwarexeon_l7345core_i7-9700xeon_gold_6240_firmwarexeon_gold_6234xeon_e3-1280_v5pentium_gold_g5400txeon_lc5518_firmwarecore_i5-1035g4core_i9-9920x_x-seriesxeon_d-1518xeon_w-2255xeon_e5-1680_v3_firmwarexeon_e5462xeon_e3-1285l_v4_firmwarecore_i5-9600t_firmwarecore_i7-6567u_firmwarexeon_x3380_firmwarexeon_e7-4830_v3_firmwarexeon_gold_6248_firmwareenterprise_linux_servercore_i9-7920xxeon_e5-2683_v4xeon_e5-2608l_v4xeon_e5-1660_v3_firmwarexeon_e-2224xeon_l3110_firmwarexeon_gold_5218celeron_g1830core_i9-7940x_firmwarexeon_d-1567xeon_x5680_firmwarecore_i5-8269u_firmwarecore_i5-6287u_firmwarexeon_e5420xeon_d-2173it_firmwarecore_i5-5350h_firmwarexeon_w-2245xeon_e5-2699_v3xeon_x7350_firmwarexeon_e5620_firmwarecore_i5-8700bxeon_l5215xeon_e3-1240_v5_firmwarecore_i5-5250uxeon_e5-4640_v2xeon_x5472_firmwarecore_i7-10710u_firmwarecore_i7-7820hkxeon_e5-4657l_v2xeon_l3426_firmwarecore_i7-5850hqxeon_e7-8870_v4_firmwarexeon_e3-1558l_v5_firmwarexeon_e7-8895_v2_firmwarexeon_e5-2609_v2_firmwarexeon_gold_6240core_i7-6970hqxeon_7150nceleron_g1820te_firmwarexeon_e5-2450l_v2_firmwarecore_i5-9400_firmwarexeon_e7-8893_v4_firmwarexeon_d-2177nt_firmwarecore_i7-8500y_firmwarexeon_e7-4860_v2_firmwarexeon_e5-2667_v4_firmwareceleron_g4930e_firmwarexeon_gold_5218t_xeon_e7-8893_v2xeon_gold_5220s_firmwarexeon_e5520xeon_d-1539core_m3-6y30celeron_g4900txeon_5063_firmwarexeon_e5530_firmwarexeon_w3565core_m-5y31_firmwarexeon_e3-1275_v5_firmwarexeon_x5672xeon_e3-1535m_v5xeon_x5570_firmwareceleron_g3900te_firmwarexeon_l5530_firmwarexeon_e5603xeon_e7-4809_v3xeon_gold_6230_firmwarexeon_d-2146ntceleron_g4932exeon_e5-2609_v2xeon_e3-1268l_v5xeon_7130mxeon_e3110xeon_e7-4820_v3_firmwarexeon_x3210_firmwarexeon_w-2223_firmwarexeon_e3-1260l_v5_firmwarecore_i7-8750hcore_i7-5700hq_firmwarexeon_l5630xeon_e5607_firmwarecore_i3-7100u_firmwarexeon_e5-4669_v4_firmwarexeon_x3220xeon_e5-2680_v2xeon_d-2166ntxeon_e3-1270_v6xeon_e3-1505m_v5xeon_silver_4216xeon_gold_6230xeon_e5-2403_v2_firmwarexeon_w-2195xeon_e5630_firmwareopenshift_container_platformxeon_e5-2628l_v4xeon_e7540_firmwarexeon_e-2276gcore_i5-7267u_firmwarecore_i7-5557u_firmwarexeon_d-2183itxeon_l7455_firmwarecore_i3-5020uxeon_e5-2687w_v2core_i3-7100core_i7-8809gxeon_e5-4667_v3xeon_lc3518_firmwarexeon_e7-4809_v2_firmwarecore_i5-5257ucore_m-5y70xeon_x5677xeon_e3-1230_v6_firmwarecore_i5-7267ucore_i5\+8500xeon_e5220xeon_silver_4208core_m-5y10a_firmwarexeon_e3-1585_v5xeon_l5618_firmwarexeon_e5-2667_v2_firmwarecore_i7-6560uxeon_w-2123core_i5-9400txeon_gold_5220sxeon_platinum_8280m_firmwarecore_i7-5550u_firmwarexeon_platinum_9282core_i5-8300hxeon_x3370xeon_e3-1220_v6_firmwarexeon_e5-2683_v3core_i3-10110yxeon_e5-2637_v2_firmwarexeon_platinum_9242_firmwarexeon_e3-1535m_v6_firmwarexeon_7041xeon_silver_4210xeon_platinum_8256_firmwarexeon_e5649_firmwarexeon_e5420_firmwarexeon_l5240big-ip_application_acceleration_managerxeon_e5-2618l_v4_firmwarepentium_gold_g5500txeon_e5-2650_v3_firmwarexeon_e3-1240l_v5_firmwarexeon_7150n_firmwarexeon_e5-2660_v3_firmwarexeon_platinum_8276mxeon_x3470_firmwarexeon_gold_6238mceleron_g4920xeon_e-2274gcore_i3-6167uxeon_l3360_firmwarecore_i5-9500xeon_d-1540xeon_x3470xeon_e5-1650_v2xeon_e5-2698_v4xeon_e3-1245_v5_firmwarexeon_d-1528core_i7-6500ucore_i7-6500u_firmwarexeon_x3320_firmwareceleron_g3902exeon_e5-4620_v2_firmwarexeon_e3-1280_v6_firmwarexeon_x5260xeon_gold_6230t_firmwarexeon_e5-2620_v3_firmwarexeon_e5-2660_v4xeon_lv_5128_firmwaredebian_linuxxeon_l7345_firmwarecore_i3-7100h_firmwarecore_i5-8300h_firmwarexeon_silver_4208_firmwarexeon_platinum_8268xeon_e5-2650_v4_firmwarexeon_e-2136_firmwarexeon_e3-1235l_v5_firmwarexeon_e5-2690_v2_firmwarexeon_e5-1660_v2xeon_ec5539core_i7-8565uxeon_e7450_firmwarexeon_x5675xeon_e5-2630_v4_firmwarexeon_e5-2687w_v4core_i9-9980xe_firmwarexeon_l5609_firmwarexeon_e-2274g_firmwarexeon_e7340xeon_e5502_firmwarecore_i5-7300hqcore_i7-7560uxeon_e5-2695_v2_firmwarexeon_e3-1271_v3xeon_gold_6240mxeon_e5-4667_v3_firmwarepentium_gold_g5420txeon_3040_firmwarexeon_e3-1220l_v3_firmwarexeon_x3330core_i5-6200u_firmwarecore_i3-8100t_firmwarecore_i5-8259uxeon_e5-2699a_v4_firmwarexeon_d-1529xeon_e3-1265l_v3xeon_x3230core_i9-9900x_x-series_firmwarepentium_gold_g5500xeon_w-3265m_firmwarexeon_e5-4660_v4_firmwarecore_i7-5850hq_firmwarexeon_5040_firmwarexeon_e7-4809_v4xeon_x5690_firmwarecore_i9-7900x_firmwarecore_i7-9850h_firmwarexeon_e5335_firmwarecore_i5-6350hqxeon_e5-2630l_v4_firmwarexeon_gold_5218_firmwarexeon_l7455core_i5-7600tceleron_g1630_firmwareenterprise_linux_server_tusxeon_e5-2618l_v4xeon_l5520_firmwarecore_i5-6350hq_firmwarexeon_e-2224gxeon_5070xeon_w-2135xeon_l3014xeon_l5618xeon_e3-1231_v3_firmwarexeon_x3430_firmwarexeon_l5420_firmwarecore_i5-9300hxeon_w3565_firmwarecore_i3-7167u_firmwarecore_i7-8559u_firmwarexeon_gold_5220t_firmwarecore_i7-8086k_firmwarexeon_gold_5220_firmwarecore_i5-1035g1_firmwareceleron_g1620xeon_w5590core_i5-9400hcore_i7-8500yleapxeon_x5270xeon_e5-4640_v3_firmwarexeon_x5675_firmwarexeon_e5-2680_v4_firmwarecore_i7-5557uxeon_gold_6240m_firmwarexeon_e7530xeon_e5-1630_v4_firmwarexeon_e7-8890_v2xeon_lc5528xeon_x5560xeon_e5-4603_v2_firmwarexeon_e5-2640_v2_firmwarecore_i7-7820hqxeon_e5-2620_v3core_i5-6260u_firmwarexeon_w3690xeon_7041_firmwarexeon_l5640xeon_5063core_i3-8300t_firmwarecore_i3-8109u_firmwarecore_i5-7400_firmwarexeon_gold_6254_firmwarexeon_e3-1275_v5core_i7-9700k_firmwarexeon_x5355core_i9-10980xe_firmwarexeon_e3-1240_v5xeon_e-2288g_firmwarexeon_e5-2430_v2_firmwarexeon_5060_firmwarexeon_e5-2450_v2_firmwarexeon_e5-2440_v2_firmwarexeon_e3-1230l_v3xeon_l7445_firmwarexeon_e5-2650_v3xeon_e5-2660_v2_firmwarexeon_e7430xeon_x7560core_i7-6567uxeon_e5-1650_v4_firmwarexeon_x5365core_i7-5775cxeon_e5-2683_v3_firmwarexeon_5070_firmwarexeon_lv_5133_firmwarecore_i9-7900xxeon_e7-8880_v4_firmwareceleron_g3930_firmwarecore_i7-6870hq_firmwarecore_i9-10900x_x-series_firmwarexeon_w-3223xeon_d-1539_firmwarexeon_7130nxeon_d-1559xeon_7130m_firmwarexeon_x5650xeon_w-2235_firmwareceleron_g1610tcore_i5-8265ucore_i5-6300hqxeon_x5670xeon_e5-2648l_v4_firmwarecore_i3-5157u_firmwarepentium_gold_g5400t_firmwarepentium_gold_4410y_firmwarexeon_3070_firmwarexeon_e-2286g_firmwarexeon_d-2183it_firmwarexeon_e3-1220_v3core_i3-5005u_firmwareceleron_g3920_firmwarexeon_e5-4627_v3xeon_e7-4850_v4core_i3-8350kxeon_7110ncore_i5-7500txeon_e3-1505m_v6core_i3-9100core_i5-9600k_firmwarexeon_e7-4880_v2_firmwarexeon_platinum_9282_firmwarexeon_5110_firmwarexeon_e-2224g_firmwarexeon_l5238pentium_gold_g5600xeon_lv_5148_firmwarexeon_e3120xeon_platinum_8276lceleron_g4950_firmwarecore_i7-7700kcore_i7-8705gxeon_e7-4860_v2xeon_l5408_firmwarexeon_platinum_9222big-ip_policy_enforcement_managerxeon_gold_6230tcore_i7-7660uxeon_d-1627_firmwarecore_i3-6100u_firmwarecore_i7-8706gxeon_w-3225xeon_w3550_firmwarexeon_e5-2630_v2_firmwarexeon_e3-1565l_v5xeon_x5470xeon_e5-4610_v2_firmwarepentium_gold_4415u_firmwarexeon_e5-2643_v2_firmwarexeon_e3-1240_v6core_i5-8259u_firmwarexeon_w-2155_firmwarexeon_e7-4850_v3_firmwarecore_i7-8705g_firmwarecore_i3-7100tcore_i7-7700txeon_e7-2850_v2_firmwarexeon_w-3225_firmwarexeon_e5-1630_v4xeon_e5-4660_v3xeon_w-2295core_i9-9900x_x-seriescore_i5-10210ucore_i5-7260u_firmwarecore_i5-7600k_firmwarexeon_e5-2697_v3_firmwarecore_i7-6770hqxeon_e5-2407_v2core_m-5y10axeon_e3-1270_v6_firmwarexeon_gold_5215mcore_i5-7200u_firmwarecore_i7-10510u_firmwarexeon_gold_5215xeon_e5-2667_v3xeon_e7-4820_v3xeon_e5-2650_v2xeon_e-2226g_firmwarexeon_d-2143itxeon_l5238_firmwareceleron_g1610_firmwarexeon_e5405xeon_e5-2699_v4xeon_gold_6244_firmwarexeon_7140n_firmwarexeon_d-2161i_firmwarexeon_e3-1225_v6xeon_e3-1220l_v3core_i7\+8700_firmwarexeon_e5-2699_v3_firmwarexeon_e-2144g_firmwarexeon_e5-2650l_v2_firmwarexeon_e5-2643_v4_firmwarexeon_e3-1225_v5_firmwarexeon_e3-1240l_v5xeon_e5-2690_v3celeron_g1620t_firmwareceleron_g1820_firmwarecore_i3-10110uxeon_e5-1630_v3xeon_w3520xeon_e7530_firmwarecore_i9-10940x_x-series_firmwarexeon_e7310xeon_x5680xeon_e7440xeon_e5-4650_v2_firmwarexeon_x5450_firmwarexeon_e5-2680_v3core_i5-5287u_firmwarexeon_e5-2697_v4_firmwarexeon_platinum_8280mcore_i9-7980xexeon_gold_6240l_firmwarexeon_e5-4655_v3_firmwarexeon_d-2123it_firmwareceleron_g4900t_firmwarexeon_e5502xeon_x5670_firmwarecore_i7-6870hqpentium_gold_4415yxeon_x3480xeon_gold_6238lxeon_e5-2637_v3xeon_e5-2699_v4_firmwarexeon_l5430_firmwarexeon_e7-8890_v2_firmwarecore_i9-10920x_x-seriesxeon_w3670core_i3-1005g1_firmwarexeon_e7-8880l_v3_firmwarebig-ip_advanced_firewall_managerxeon_w-3265mxeon_e5620xeon_e5645core_i5-7500xeon_d-1627xeon_l5518xeon_platinum_8260y_firmwarexeon_x3460xeon_d-1602xeon_x5270_firmwarecore_i5\+8400_firmwarexeon_e3-1270_v5_firmwarexeon_e7-8890_v4core_i5-7200uxeon_e7310_firmwarecore_i5-8350u_firmwareceleron_g1820tceleron_g3930exeon_e5-4607_v2_firmwarexeon_gold_6240y_firmwarexeon_e5-2630l_v3_firmwarexeon_e3-1535m_v5_firmwarexeon_e5-2690_v4xeon_x3230_firmwarexeon_e7-8891_v2pentium_gold_g5600_firmwarexeon_e7-4850_v2xeon_e5-2658_v4_firmwarexeon_e3-1545m_v5xeon_w3680_firmwarecore_i3-9300_firmwarecore_i5-8400txeon_e5430_firmwarexeon_d-2145nt_firmwarepentium_gold_g5600tcore_i3-5015uceleron_g3930tcore_i9-9960x_x-series_firmwarexeon_e7340_firmwarexeon_e7-4870_v2xeon_l5506_firmwarexeon_d-1541_firmwarecore_i7-5775c_firmwarecore_i7-5500uceleron_g4920_firmwarexeon_e3-1260l_v5xeon_l5310_firmwarexeon_e5240_firmwarexeon_d-1623n_firmwarexeon_l5508_firmwarecore_i3-7100hxeon_l5215_firmwarexeon_d-1548_firmwarexeon_3070xeon_e5-2690_v3_firmwarexeon_d-1559_firmwarepentium_gold_g5400_firmwarexeon_x3320xeon_e7-4809_v4_firmwarecore_i5-8200y_firmwarecore_i7-8550u_firmwarecore_i5-6287ucore_i5-1035g7_firmwarexeon_e5-2697a_v4_firmwarexeon_e5450xeon_e5-4650_v3xeon_d-1540_firmwarexeon_platinum_8260mxeon_silver_4214y_firmwarecore_i5-9400xeon_w3680core_i3-8100txeon_e5-1650_v3_firmwarexeon_platinum_8260xeon_e7210big-ip_global_traffic_managerxeon_bronze_3204_firmwarecore_i7-5550uxeon_d-2142it_firmwarexeon_e5-2470_v2core_i5-7500t_firmwarecore_i7-6820hk_firmwarexeon_e3-1280_v5_firmwarexeon_e5-2420_v2celeron_g4930t_firmwarecore_i7-8650uxeon_bronze_3204xeon_e5-4627_v3_firmwarexeon_e5-2430_v2core_m3-7y30_firmwarexeon_e5504_firmwarexeon_e7-8870_v2_firmwarecore_i7-9750h_firmwarecore_i3-6167u_firmwarecore_i3-6100uxeon_w3670_firmwarexeon_gold_5217xeon_e5-2687w_v4_firmwarepentium_gold_4415uxeon_e7330_firmwarexeon_w5580_firmwarexeon_e-2234_firmwarexeon_w5590_firmwarexeon_e3120_firmwarexeon_x5365_firmwarexeon_gold_5222_firmwarexeon_w-3245xeon_e7-4820_v4_firmwareceleron_g1850_firmwarecore_i3-10110y_firmwarecore_i5-1035g4_firmwarecore_i5-8500bxeon_x5650_firmwarexeon_d-1523ncore_i5-8269uxeon_x3440xeon_e5-4660_v3_firmwarecore_i5-6300hq_firmwarexeon_e-2288gxeon_d-1653ncore_m-5y10_firmwarecore_i7-8709g_firmwarexeon_e5-4650_v2xeon_e5-4669_v4xeon_e7220_firmwarexeon_d-1543n_firmwareceleron_g3900txeon_w-2195_firmwarexeon_w3570enterprise_managerxeon_5040xeon_l7545xeon_x5472xeon_gold_6252n_firmwarexeon_5140core_i5-10210y_firmwarexeon_e5-1650_v3xeon_e5-2630_v2core_m-5y51_firmwarecore_i3-7350kxeon_w-2265_firmwarexeon_e3-1276_v3_firmwarexeon_e7-8891_v3core_i5-8250uxeon_e5440xeon_d-1571_firmwarecore_i7-9700txeon_gold_6252nxeon_7110m_firmwarexeon_l5506xeon_gold_6244xeon_e5-2695_v3xeon_x5690core_i7-8650u_firmwarexeon_w-3245_firmwarexeon_l5318xeon_gold_6226_firmwarecore_i3-5157uxeon_5130_firmwarecore_i5-6200ucore_i7-7700k_firmwarecore_i7-6700hq_firmwarexeon_x5460_firmwarexeon_3050_firmwarexeon_w-2135_firmwarecore_i9-9940x_x-seriescore_m-5y10c_firmwareceleron_g3902e_firmwarexeon_e5-2603_v2_firmwarexeon_e5-1660_v3xeon_d-1520core_i7-6970hq_firmwarexeon_platinum_8256xeon_gold_6238l_firmwarexeon_e5-2623_v3xeon_e7-4830_v4_firmwarexeon_e5-2680_v2_firmwarexeon_e7-2890_v2xeon_x5647_firmwarexeon_d-1520_firmwarexeon_w-2125_firmwarexeon_e3-1268l_v5_firmwarexeon_w-2175_firmwarexeon_e5507xeon_e3-1241_v3_firmwarexeon_7110n_firmwarexeon_e3-1275_v6xeon_d-1531xeon_x5550core_i3-9300txeon_gold_6262v_firmwarexeon_e-2278gxeon_5120_firmwarexeon_platinum_8260yxeon_platinum_8260m_firmwarexeon_e7-8867_v3xeon_x3350_firmwarexeon_e7-8880_v2_firmwarexeon_e5-2450l_v2core_i9-9980xexeon_d-2142itcore_i5-8265u_firmwarexeon_e3-1281_v3_firmwarexeon_e3-1505m_v6_firmwarexeon_gold_5215m_firmwareceleron_g3930te_firmwarexeon_e3-1545m_v5_firmwarexeon_platinum_8276xeon_x3450_firmwarexeon_e3-1235l_v5core_i7\+8700core_i7-5700hqxeon_e5-1660_v4_firmwarexeon_e5-4628l_v4xeon_e5-4610a_v4xeon_e5-2630l_v2_firmwarecore_m3-7y30core_i3-9350kxeon_e5-2650l_v2xeon_e5-2680_v3_firmwarexeon_7120mxeon_platinum_8276m_firmwarexeon_x5672_firmwareceleron_g4950xeon_e3-1240l_v3_firmwarexeon_e7-4850_v2_firmwarecore_i7-7700t_firmwarexeon_w-3275_firmwarexeon_e7220xeon_e7-8890_v3xeon_x5660_firmwarexeon_e5-2623_v4_firmwarecore_i5-8200ycore_i9-10900x_x-seriesceleron_g3900t_firmwarexeon_e3-1285_v4_firmwarexeon_w-2275xeon_e5-2697_v2_firmwarexeon_d-1543nxeon_d-1528_firmwarexeon_l5320_firmwareceleron_g4900_firmwarecore_i5-7440hqceleron_g1620txeon_e-2144gxeon_e3-1245_v6_firmwarexeon_d-1521xeon_d-2191_firmwarexeon_e5-2637_v3_firmwareceleron_g3900eceleron_g1820tecore_i7-7700_firmwareceleron_g3950_firmwarexeon_e5-4650_v4_firmwarexeon_e5630xeon_3060_firmwarebig-ip_analyticsxeon_7020core_i5-9600tcore_m-5y31xeon_w3540_firmwarecore_i3-9320core_i7-1065g7xeon_w3550core_i3-8130uxeon_x5450xeon_platinum_8276l_firmwarexeon_e5-2650l_v3xeon_lc5518xeon_5030xeon_e5-2687w_v2_firmwarexeon_e3-1230_v5enterprise_linux_server_eusxeon_e5-1630_v3_firmwareenterprise_linux_server_auscore_i3-9100_firmwarexeon_w-3245mxeon_lv_5113_firmwareceleron_g1620_firmwarexeon_e3-1226_v3_firmwarexeon_e5430xeon_e5205_firmwarexeon_e7-8880l_v2xeon_w3530_firmwarexeon_l5408xeon_e5-1680_v3xeon_e5-2670_v2pentium_gold_g5420xeon_e5606xeon_e-2124g_firmwarepentium_gold_g5420t_firmwarecore_i5-8305g_firmwarecore_i5-7500_firmwarecore_m-5y71_firmwarexeon_e5-2690_v2xeon_e5-4610_v3xeon_e7-8870_v3xeon_x7542pentium_gold_g5420_firmwarecore_i5-7y54xeon_e5-4650_v4xeon_e5-1660_v4xeon_e7-8891_v4xeon_d-1521_firmwarexeon_l5638_firmwarexeon_e5240xeon_e5-1620_v2xeon_e-2226gxeon_e3-1226_v3xeon_d-1557_firmwarexeon_x5687_firmwarecore_i7-5500u_firmwarecore_i3-8145uxeon_e7-4820_v2_firmwarexeon_e5-1620_v3_firmwarexeon_e7-4830_v2core_i5-9600_firmwarexeon_platinum_8268_firmwarexeon_gold_6262vcore_i3-8109uxeon_e5-2609_v4_firmwarexeon_e5-2640_v3xeon_e7-8880l_v3xeon_e5-1620_v4xeon_e6540_firmwarexeon_gold_6238m_firmwarecore_i3-7300xeon_d-1567_firmwarebig-ip_application_security_managerxeon_e5-2630l_v3xeon_e5-4640_v4xeon_e5-4655_v4_firmwarexeon_e-2134_firmwarexeon_silver_4210_firmwarexeon_d-2191xeon_x7460_firmwarecore_i5-8400bcore_i3-9300t_firmwarexeon_e5405_firmwarexeon_lv_5113core_i5-9500_firmwarecore_m-5y10cxeon_e5-4627_v4_firmwarepentium_gold_g5620xeon_platinum_8276_firmwarexeon_e7440_firmwarexeon_e7-8870_v4core_i5-8700b_firmwarexeon_7030xeon_e7540xeon_5060xeon_e3-1265l_v4xeon_ec5509_firmwarexeon_x5482celeron_g3930texeon_e-2136pentium_gold_6405u_firmwarecore_i7-10510ucore_i7-9700kxeon_d-1533n_firmwarecore_i3-8100xeon_w-2265xeon_gold_5215_firmwarexeon_e5335xeon_e5-2667_v4xeon_7130n_firmwarexeon_e5503_firmwarexeon_e3-1285l_v4xeon_w-2245_firmwarexeon_x5470_firmwarexeon_e7-8870_v2xeon_l5410_firmwarecore_i3-7300_firmwarexeon_e7330fedoraxeon_l3406_firmwarexeon_x3430xeon_lc3528core_i5-7287u_firmwarecore_i7-7700core_m-5y10xeon_e5-1680_v4core_i7-7820hq_firmwarexeon_5110core_i7-5950hq_firmwarexeon_e3-1575m_v5_firmwarecore_i7-7920hq_firmwarexeon_platinum_8280l_firmwarexeon_d-1577_firmwarexeon_e-2124_firmwarecore_i7-5750hq_firmwarexeon_e3-1240_v6_firmwarexeon_e5506xeon_e5-4660_v4xeon_x3360_firmwarexeon_e7520_firmwareceleron_g3900_firmwarexeon_e3-1505m_v5_firmwarexeon_d-2187ntcore_i5-8500b_firmwarexeon_e5-2643_v3_firmwareceleron_g4930core_i3-6100h_firmwarecore_i5-7600xeon_e5504core_i9-7940xxeon_w-3265_firmwarexeon_e5-2698_v3_firmwarexeon_7120n_firmwarexeon_e5530xeon_platinum_8253xeon_e5-2630l_v4xeon_e5-4667_v4big-ip_fraud_protection_servicexeon_lv_5128core_i3-8300xeon_e-2186gcore_i5-7400tcore_i3-5005uxeon_e5-2690_v4_firmwarexeon_e-2174gxeon_e5-2630_v4xeon_d-1622xeon_e5-4610_v3_firmwareceleron_g4932e_firmwarexeon_x5355_firmwarexeon_lc5528_firmwarecore_i5-7260uxeon_w-2145_firmwarexeon_e5-2643_v3xeon_d-2145ntxeon_e5450_firmwarexeon_e5-1650_v4big-ip_access_policy_managerxeon_gold_6238core_i7-7500u_firmwarexeon_e5-2630_v3xeon_e5-4627_v2_firmwarecore_i7-7800xxeon_e3-1275_v6_firmwarexeon_e7320core_i5-10210yxeon_e3-1225_v6_firmwarecore_i7-7820hk_firmwarexeon_e5-2623_v4xeon_e5-4620_v4_firmwarexeon_w-3275mxeon_e7420xeon_e7-8890_v4_firmwarecore_i5-10210u_firmwarexeon_x5460xeon_l5310xeon_d-1513n_firmwarexeon_e5540_firmwarecore_i3-7300t_firmwarexeon_e3-1265l_v4_firmwarexeon_e5-1620_v4_firmwareceleron_g4930exeon_e5472_firmwarepentium_gold_4410yxeon_x3350core_i5-9600xeon_e5-2637_v4_firmwarexeon_e3-1585l_v5_firmwarexeon_e7-8867_v4big-ip_local_traffic_managerxeon_e5410_firmwarexeon_5150_firmwarexeon_e5640xeon_e3-1281_v3pentium_gold_g5600t_firmwarexeon_lv_5133xeon_e-2224_firmwarexeon_x5272_firmwarexeon_e3-1240l_v3pentium_gold_6405uxeon_5050_firmwarecore_i5-9300h_firmwarexeon_e5345celeron_g1820xeon_e7-8880_v3core_i3-9320_firmwarexeon_l5630_firmwarexeon_gold_5220t_xeon_lv_5148xeon_3060core_i9-10940x_x-seriescore_i5-8400b_firmwarexeon_e3-1280_v6xeon_e7-8891_v3_firmwarecore_i5-5200uxeon_e3-1225_v3xeon_e7-4890_v2_firmwarecore_i3-8100_firmwarexeon_e5-2650l_v3_firmwarexeon_l5318_firmwarexeon_5030_firmwarexeon_e5-2697_v3xeon_w3580_firmwarexeon_e5-4603_v2xeon_e5-4627_v4xeon_e-2124core_i5-7287ucore_i7-10710uxeon_d-1541xeon_d-2141ixeon_e7-4830_v4xeon_e3-1275_v3xeon_e7-4809_v2xeon_e5310xeon_e5440_firmwarexeon_d-1633n_firmwarexeon_e-2276g_firmwarexeon_gold_6230n_firmwarexeon_e5-4620_v3_firmwarexeon_gold_5222core_i3-5015u_firmwarecore_i5-7300hq_firmwarexeon_x5260_firmwarexeon_e5-4607_v2core_i7-8706g_firmwarexeon_w-2133_firmwarecore_i3-6100hcore_i5-7400t_firmwarexeon_d-1548xeon_e5-4667_v4_firmwarepentium_gold_4415y_firmwarexeon_e3-1535m_v6xeon_d-1649nxeon_w5580xeon_platinum_9221xeon_l5638xeon_e5-2603_v4_firmwarecore_i7-10510y_firmwarexeon_e3-1220_v5core_i5-5257u_firmwarexeon_7040_firmwarexeon_5050xeon_e-2146g_firmwarexeon_5080xeon_e5-2403_v2xeon_l5335xeon_w3520_firmwarecore_i7-6700hqxeon_e5-2667_v3_firmwarexeon_x5482_firmwarecore_i7-7800x_firmwarexeon_w-2225_firmwarexeon_x7560_firmwarexeon_e5-2640_v2xeon_5120xeon_e5-2407_v2_firmwarexeon_gold_6238t_firmwarecore_i3-7100_firmwarexeon_e5320_firmwarexeon_e7-8891_v4_firmwarexeon_w-2155xeon_e-2278g_firmwarecore_i7-7500ucore_i7-8550uxeon_7110mxeon_l5320xeon_e5-2650l_v4_firmwareceleron_g1840_firmwareubuntu_linuxxeon_e5-2623_v3_firmwarexeon_x3480_firmwarexeon_lc3528_firmwarecore_i3-9100txeon_lv_5138xeon_d-1623nxeon_x7550xeon_3065xeon_w-2145pentium_gold_4425yxeon_e5-4650_v3_firmwarecore_m-5y71xeon_e5507_firmwarexeon_platinum_9222_firmwarexeon_platinum_8253_firmwarexeon_d-1622_firmwarexeon_e3-1585_v5_firmwarecore_i3-7167uxeon_e-2176g_firmwarexeon_e5-2620_v2core_i7-7567uceleron_g3900e_firmwarexeon_w-2295_firmwarecore_i3-8145u_firmwarexeon_silver_4214xeon_l5530xeon_d-2161ixeon_e3-1225_v3_firmwarexeon_d-2141i_firmwarecore_i7-7660u_firmwarexeon_e3-1585l_v5xeon_gold_5218bxeon_e7-2880_v2_firmwarexeon_e5-2670_v3xeon_e5-4640_v4_firmwarebig-iq_centralized_managementcore_i7-8750h_firmwarecore_i3-5010u_firmwarecore_i3-7300txeon_e5-1680_v4_firmwarexeon_silver_4216_firmwarexeon_e3-1271_v3_firmwarecore_m3-6y54_firmwarexeon_x5647core_i5-7y54_firmwarexeon_e-2246g_firmwarexeon_e5607xeon_e5-2648l_v4xeon_e5645_firmwarexeon_e-2174g_firmwarexeon_e5-4620_v4xeon_e7-8855_v4xeon_7040xeon_d-1513nxeon_d-1537xeon_d-2187nt_firmwarexeon_e3-1515m_v5xeon_x5660xeon_e3-1225_v5xeon_e5-2630l_v2xeon_l7555core_i5-7600_firmwarexeon_l3426xeon_w-3275m_firmwarexeon_5150xeon_e5-2667_v2xeon_e7-4890_v2xeon_e3-1515m_v5_firmwarexeon_lc3518xeon_e5-2630_v3_firmwarexeon_e7-4830_v2_firmwarexeon_w-3175xxeon_e3-1230l_v3_firmwarecore_i5-6267u_firmwarexeon_l5609xeon_gold_6222v_firmwarecore_i7-9750hxeon_platinum_8260_firmwarexeon_e7-8893_v2_firmwarexeon_w-2225xeon_e5-4669_v3xeon_ec5539_firmwarexeon_x3360core_i7-7560u_firmwarexeon_w-2133xeon_e5-1660_v2_firmwarexeon_d-1557xeon_e7-2890_v2_firmwarexeon_e7430_firmwarexeon_e7-2870_v2_firmwarepentium_gold_g5500_firmwarexeon_e7-8860_v3_firmwarexeon_e5-2670_v2_firmwarexeon_d-1553n_firmwarexeon_e5-2687w_v3_firmwarexeon_e5-4627_v2xeon_w-2223core_i9-7920x_firmwarexeon_x6550_firmwarexeon_e5-4620_v2xeon_e5-2470_v2_firmwarecore_i3-8300txeon_e3-1565l_v5_firmwarepentium_gold_g5620_firmwarexeon_ec5549_firmwarexeon_x3460_firmwarexeon_e-2236xeon_e-2236_firmwarexeon_e-2126g_firmwarexeon_gold_6238_firmwareceleron_g1820t_firmwarexeon_x5492xeon_e5640_firmwarecore_i9-7960x_firmwarexeon_x5570celeron_g3950xeon_e5-2640_v4_firmwarecore_i5-8400xeon_x5667_firmwarexeon_gold_6246core_i7-8086kxeon_x7460pentium_gold_g5500t_firmwarexeon_e5-2603_v3_firmwarexeon_e5-2603_v2xeon_d-1527_firmwarepentium_gold_5405u_firmwarebig-ip_domain_name_systemxeon_e5-2683_v4_firmwarexeon_w-3245m_firmwarexeon_e5-2628l_v4_firmwarexeon_e5-4628l_v4_firmwarexeon_e5-2603_v3xeon_e7-4850_v4_firmwarexeon_3065_firmwarexeon_gold_6240y_xeon_e7-8870_v3_firmwarexeon_w3540xeon_e5310_firmwarexeon_e-2134xeon_l3360xeon_e5-4655_v3core_i5-5350hxeon_e5-2620_v4_firmwarexeon_d-2163itxeon_e5220_firmwaresolariscore_i5-10310y_firmwarepentium_gold_4417uxeon_e5-4610a_v4_firmwarecore_i7-10510yxeon_gold_5215lxeon_e5-4655_v4xeon_silver_4215_firmwarecore_i5-7360u_firmwarexeon_w-2275_firmwarexeon_l5430xeon_e5-2658_v4xeon_e5-2440_v2xeon_l5335_firmwarexeon_x5272xeon_w3570_firmwarecore_i9-7960xceleron_g3900core_i7-7820xxeon_e7-8893_v3_firmwarecore_i5-9600kxeon_d-1531_firmwarecore_i7-7700hqxeon_e6510_firmwarexeon_e7-4830_v3xeon_e5-2420_v2_firmwarexeon_e5-2698_v3core_i3-9100t_firmwarexeon_e3-1245_v5xeon_l5508xeon_e7-8880_v3_firmwarexeon_7140m_firmwarexeon_e7-8857_v2_firmwarebig-ip_link_controllerxeon_d-1571xeon_gold_6240lxeon_e5-1620_v3xeon_5080_firmwarecore_i5-8350uxeon_w-3223_firmwarecore_m3-6y30_firmwarexeon_e7-8850_v2_firmwareceleron_g1830_firmwarexeon_d-2173itceleron_g3930xeon_d-2123itxeon_e-2246gceleron_g3930t_firmwarexeon_l5240_firmwarexeon_l5420xeon_gold_5218n_firmwarexeon_e5-2670_v3_firmwarexeon_e5-2637_v4xeon_w-2255_firmwarexeon_e3-1241_v3xeon_ec3539_firmwarexeon_e5-2695_v4_firmwarexeon_e5-2687w_v3xeon_x5677_firmwarecore_i5-5200u_firmwarexeon_e5-2680_v4xeon_e5-2697a_v4xeon_e7-4809_v3_firmwarexeon_gold_6242_firmwarexeon_d-1649n_firmwarexeon_e-2104g_firmwarexeon_e5-2609_v4core_i7-7920hqxeon_e3-1220_v3_firmwarexeon_e5503xeon_e5-2660_v2xeon_e5-1650_v2_firmwarexeon_w-2123_firmwarecore_m3-6y54core_i3-6100_firmwarecore_m-5y51xeon_e3-1270_v5xeon_d-1537_firmwarecore_i3-7350k_firmwarexeon_x5560_firmwarexeon_e7320_firmwarexeon_d-2166nt_firmwareceleron_g1840t_firmwarexeon_e3-1246_v3xeon_e5-2643_v4xeon_e5-2699a_v4xeon_7120nxeon_l5410celeron_g1840xeon_l3110core_i3-9300xeon_5160_firmwarexeon_e7-2870_v2xeon_e7-8860_v3xeon_e-2244gcore_i5\+8400xeon_e-2176gxeon_e5-2698_v4_firmwarexeon_7020_firmwarexeon_e5-2637_v2xeon_7140mceleron_g1630core_i7-8709gxeon_l3014_firmwarexeon_l7545_firmwarecore_i3-5020u_firmwarexeon_e7-4870_v2_firmwarexeon_l5640_firmwarexeon_3050xeon_e5-2650l_v4xeon_7120m_firmwarexeon_l5518_firmwarexeon_d-1529_firmwarepentium_gold_4417u_firmwarexeon_d-1637_firmwarecore_m3-8100y_firmwarexeon_e-2104gcore_i7-5950hqxeon_7030_firmwarexeon_e7-8850_v2xeon_e5-2695_v2core_i5-6260uxeon_5130xeon_e5-4640_v2_firmwarexeon_e5606_firmwarexeon_e5345_firmwarexeon_silver_4214_firmwareceleron_g4930_firmwarecore_i5-9500tceleron_g1610xeon_d-2143it_firmwarexeon_platinum_9242core_i5-7400xeon_platinum_8280lxeon_e7-4850_v3xeon_d-1523n_firmwarexeon_platinum_8280_firmwarexeon_e5-2697_v2xeon_x7350core_i3-7320xeon_e5205xeon_e7-8880l_v2_firmwarexeon_e5-4669_v3_firmwarecore_i9-9960x_x-seriesxeon_e3-1230_v6xeon_e7-8867_v3_firmwarexeon_e5-2430l_v2core_i5-1035g1xeon_w3580xeon_gold_6230ncore_i5-5250u_firmwarexeon_w-3265core_i7-8565u_firmwarexeon_gold_6246_firmwarexeon_e7-2850_v2pentium_gold_4425y_firmwarexeon_gold_5218nxeon_e5-2620_v4xeon_platinum_9221_firmwarexeon_e-2186g_firmwarexeon_ec5549xeon_e3-1276_v3xeon_w3530core_i5-7600t_firmwarexeon_e-2124gxeon_e3-1231_v3core_i9-7980xe_firmwarexeon_e6540core_i5-7440hq_firmwarexeon_e7-8880_v2xeon_e7-8891_v2_firmwarexeon_x3380xeon_e5462_firmwarexeon_gold_5220xeon_e-2234xeon_e7-8860_v4_firmwarexeon_d-1637xeon_d-1577celeron_g3930e_firmwarexeon_gold_6254xeon_silver_4209t_firmwarecore_i7-9850hcore_i7-9700t_firmwarexeon_x3210xeon_gold_5215l_firmwarecore_i7-7820x_firmwarexeon_e3110_firmwarexeon_e5-2640_v4xeon_e7-8893_v4core_i3-8130u_firmwarexeon_ec3539celeron_g3920core_i3-7100uceleron_g1850core_i5-5287uxeon_d-1653n_firmwarexeon_w-3275core_i5-7600kxeon_platinum_8270_firmwarexeon_e5-2640_v3_firmwarexeon_d-1553nxeon_e-2126gxeon_silver_4209txeon_e5-4620_v3xeon_gold_6234_firmwarexeon_d-1633ncore_i3-7100t_firmwareceleron_g1840tcore_i5-7360uxeon_e7-4820_v4xeon_e5-2650_v2_firmwarexeon_gold_5218t_firmwarexeon_gold_6248xeon_platinum_8260l_firmwarexeon_d-1518_firmwarexeon_e3-1220_v6xeon_e5649xeon_platinum_8280core_m3-8100ycore_m-5y70_firmwarecore_i5-8250u_firmwarexeon_e3-1246_v3_firmwarecore_i7-7567u_firmwarecore_i3-7320_firmwarecore_i5-8400_firmwarexeon_e5520_firmwarexeon_e5-4657l_v2_firmwarexeon_e3-1285_v4xeon_e5320xeon_x7550_firmwarecore_i7-7700hq_firmwarexeon_e3-1265l_v3_firmwarecore_i7-6820hkxeon_d-2146nt_firmwarexeon_e3-1230_v5_firmwarexeon_x5687xeon_e3-1275_v3_firmwarecore_i5-10310ycore_i9-10920x_x-series_firmwarexeon_gold_5218b_firmwarecore_i5-8400t_firmwarexeon_e7-8857_v2xeon_lv_5138_firmwarexeon_e-2286gxeon_gold_6222vcore_i9-9940x_x-series_firmwarexeon_5160xeon_x6550xeon_x5550_firmwarexeon_gold_6242xeon_x7542_firmwarexeon_e5-4610_v2xeon_e7-4820_v2xeon_e-2244g_firmwarexeon_e3-1575m_v5xeon_e7-8895_v2xeon_e7-8855_v4_firmwarexeon_platinum_8270xeon_e5-2650_v4xeon_x3450xeon_e5-2660_v4_firmwarexeon_d-1533nxeon_x3330_firmwarexeon_e3-1245_v6xeon_silver_4215xeon_w-3175x_firmwarexeon_l7445xeon_w-2235xeon_e5-2695_v4xeon_7140ncore_i7-6560u_firmwarecore_i3-8300_firmwareceleron_g4930tcore_i7-1065g7_firmwarecore_i5\+8500_firmwarexeon_gold_6238txeon_silver_4214yxeon_e5-2603_v4xeon_e5506_firmwarecore_i9-10980xexeon_e5-2643_v2xeon_e5-2695_v3_firmwarexeon_e7-8860_v4xeon_w3690_firmwarexeon_e5-2430l_v2_firmwarexeon_x3220_firmwarecore_i7-8809g_firmwarexeon_e7520xeon_e7-4880_v2xeon_e7-8867_v4_firmwareceleron_g4900core_i5-9400h_firmwarecore_i3-5010upentium_gold_g5400core_i3-6100xeon_ec5509xeon_l5520xeon_x5667core_i3-10110u_firmwarexeon_x3440_firmwarexeon_gold_6226core_i5-9500t_firmwarexeon_gold_6252xeon_e5410core_i7-6770hq_firmwarexeon_e5-4640_v3core_i7-5750hqcore_i5-6267upentium_gold_5405uceleron_g3900tecore_i3-1005g1core_i9-9920x_x-series_firmwarexeon_l3406xeon_gold_6252_firmwarexeon_e7210_firmwarecore_i5-8305gxeon_e5603_firmwarecore_i5-9400t_firmwarexeon_platinum_8260lcore_i7-8559uxeon_d-1602_firmwarexeon_e5540core_i7-9700_firmwarexeon_e-2146gxeon_d-2177ntxeon_w-2175xeon_e7-2880_v22019.2 IPU – Intel(R) Processor Machine Check Error
CWE ID-CWE-20
Improper Input Validation
CVE-2017-2618
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.46% / 36.33%
||
7 Day CHG~0.00%
Published-27 Jul, 2018 | 19:00
Updated-05 Aug, 2024 | 14:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in the Linux kernel's handling of clearing SELinux attributes on /proc/pid/attr files before 4.9.10. An empty (null) write to this file can crash the system by causing the system to attempt to access unmapped kernel memory.

Action-Not Available
Vendor-Debian GNU/LinuxLinux Kernel Organization, IncRed Hat, Inc.
Product-enterprise_linux_serverdebian_linuxlinux_kernelenterprise_linux_server_eusenterprise_linux_server_ausenterprise_linux_workstationenterprise_linuxenterprise_linux_desktopkernel
CWE ID-CWE-193
Off-by-one Error
CWE ID-CWE-682
Incorrect Calculation
CVE-2022-0669
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.28% / 19.88%
||
7 Day CHG~0.00%
Published-29 Aug, 2022 | 14:03
Updated-02 Aug, 2024 | 23:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in dpdk. This flaw allows a malicious vhost-user master to attach an unexpected number of fds as ancillary data to VHOST_USER_GET_INFLIGHT_FD / VHOST_USER_SET_INFLIGHT_FD messages that are not closed by the vhost-user slave. By sending such messages continuously, the vhost-user master exhausts available fd in the vhost-user slave process, leading to a denial of service.

Action-Not Available
Vendor-dpdkopenvswitchn/aRed Hat, Inc.
Product-openvswitchopenshift_container_platformdata_plane_development_kitDPDK
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2021-4147
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.23% / 13.90%
||
7 Day CHG~0.00%
Published-25 Mar, 2022 | 00:00
Updated-03 Aug, 2024 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in the libvirt libxl driver. A malicious guest could continuously reboot itself and cause libvirtd on the host to deadlock or crash, resulting in a denial of service condition.

Action-Not Available
Vendor-n/aRed Hat, Inc.NetApp, Inc.Fedora Project
Product-ontap_select_deploy_administration_utilitylibvirtfedoralibvirt
CWE ID-CWE-667
Improper Locking
CVE-2017-15127
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.39% / 30.34%
||
7 Day CHG~0.00%
Published-14 Jan, 2018 | 06:00
Updated-05 Aug, 2024 | 19:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in the hugetlb_mcopy_atomic_pte function in mm/hugetlb.c in the Linux kernel before 4.13. A superfluous implicit page unlock for VM_SHARED hugetlbfs mapping could trigger a local denial of service (BUG).

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncRed Hat, Inc.
Product-linux_kernelenterprise_linuxenterprise_mrgLinux kernel before 4.13
CWE ID-CWE-460
Improper Cleanup on Thrown Exception
CVE-2021-3941
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.29% / 20.58%
||
7 Day CHG~0.00%
Published-25 Mar, 2022 | 00:00
Updated-03 Aug, 2024 | 17:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ImfChromaticities.cpp routine RGBtoXYZ(), there are some division operations such as `float Z = (1 - chroma.white.x - chroma.white.y) * Y / chroma.white.y;` and `chroma.green.y * (X + Z))) / d;` but the divisor is not checked for a 0 value. A specially crafted file could trigger a divide-by-zero condition which could affect the availability of programs linked with OpenEXR.

Action-Not Available
Vendor-openexrn/aDebian GNU/LinuxRed Hat, Inc.Fedora Project
Product-openexrdebian_linuxfedoraenterprise_linuxopenexr
CWE ID-CWE-369
Divide By Zero
CVE-2017-15116
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.38% / 29.39%
||
7 Day CHG~0.00%
Published-30 Nov, 2017 | 18:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The rngapi_reset function in crypto/rng.c in the Linux kernel before 4.2 allows attackers to cause a denial of service (NULL pointer dereference).

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncRed Hat, Inc.
Product-linux_kernelenterprise_linuxLinux kernel
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2017-15128
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.42% / 33.44%
||
7 Day CHG~0.00%
Published-14 Jan, 2018 | 06:00
Updated-05 Aug, 2024 | 19:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in the hugetlb_mcopy_atomic_pte function in mm/hugetlb.c in the Linux kernel before 4.13.12. A lack of size check could cause a denial of service (BUG).

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncRed Hat, Inc.
Product-linux_kernelenterprise_linuxenterprise_mrgLinux kernel before 4.13.12
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-15129
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4.7||MEDIUM
EPSS-0.36% / 27.48%
||
7 Day CHG-0.00%
Published-09 Jan, 2018 | 19:00
Updated-05 Aug, 2024 | 19:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel before 4.14.11. The function get_net_ns_by_id() in net/core/net_namespace.c does not check for the net::count value after it has found a peer network in netns_ids idr, which could lead to double free and memory corruption. This vulnerability could allow an unprivileged local user to induce kernel memory corruption on the system, leading to a crash. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although it is thought to be unlikely.

Action-Not Available
Vendor-n/aFedora ProjectLinux Kernel Organization, IncCanonical Ltd.Red Hat, Inc.
Product-enterprise_linux_serverubuntu_linuxenterprise_linux_server_update_services_for_sap_solutionsenterprise_linux_server_ausenterprise_linuxenterprise_linux_for_real_time_for_nfventerprise_linux_desktopenterprise_linux_compute_node_eusenterprise_linux_for_scientific_computinglinux_kernelenterprise_linux_workstationfedoraenterprise_linux_for_ibm_z_systemsenterprise_linux_eusenterprise_linux_for_power_little_endian_eusenterprise_linux_for_power_big_endian_eusenterprise_linux_server_tusenterprise_linux_for_ibm_z_systems_eusenterprise_linux_for_real_timeenterprise_linux_for_power_big_endianLinux kernel v4.0-rc1 through v4.15-rc5
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2021-3930
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.34% / 25.52%
||
7 Day CHG+0.01%
Published-18 Feb, 2022 | 17:50
Updated-03 Aug, 2024 | 17:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An off-by-one error was found in the SCSI device emulation in QEMU. It could occur while processing MODE SELECT commands in mode_sense_page() if the 'page' argument was set to MODE_PAGE_ALLS (0x3f). A malicious guest could use this flaw to potentially crash QEMU, resulting in a denial of service condition.

Action-Not Available
Vendor-n/aQEMUDebian GNU/LinuxRed Hat, Inc.
Product-enterprise_linux_advanced_virtualization_euscodeready_linux_builder_for_ibm_z_systemscodeready_linux_builder_for_power_little_endiandebian_linuxopenstackqemuenterprise_linuxenterprise_linux_for_ibm_z_systemsenterprise_linux_for_power_little_endiancodeready_linux_builderQEMU
CWE ID-CWE-193
Off-by-one Error
CVE-2021-20257
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.36% / 27.52%
||
7 Day CHG~0.00%
Published-16 Mar, 2022 | 14:12
Updated-03 Aug, 2024 | 17:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An infinite loop flaw was found in the e1000 NIC emulator of the QEMU. This issue occurs while processing transmits (tx) descriptors in process_tx_desc if various descriptor fields are initialized with invalid values. This flaw allows a guest to consume CPU cycles on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability.

Action-Not Available
Vendor-n/aQEMUDebian GNU/LinuxFedora ProjectRed Hat, Inc.
Product-debian_linuxqemufedoraenterprise_linuxenterprise_linux_for_ibm_z_systemsenterprise_linux_for_power_little_endianopenstack_platformcodeready_linux_builderQEMU
CWE ID-CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CVE-2021-3611
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.48% / 37.88%
||
7 Day CHG~0.00%
Published-11 May, 2022 | 15:23
Updated-03 Aug, 2024 | 17:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack overflow vulnerability was found in the Intel HD Audio device (intel-hda) of QEMU. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition. The highest threat from this vulnerability is to system availability. This flaw affects QEMU versions prior to 7.0.0.

Action-Not Available
Vendor-n/aQEMURed Hat, Inc.
Product-qemuenterprise_linuxQEMU
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-3635
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.24% / 15.10%
||
7 Day CHG~0.00%
Published-13 Aug, 2021 | 13:22
Updated-03 Aug, 2024 | 17:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in the Linux kernel netfilter implementation in versions prior to 5.5-rc7. A user with root (CAP_SYS_ADMIN) access is able to panic the system when issuing netfilter netflow commands.

Action-Not Available
Vendor-n/aFedora ProjectLinux Kernel Organization, IncRed Hat, Inc.
Product-enterprise_linuxlinux_kernelfedorakernel
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2020-25641
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.38% / 29.74%
||
7 Day CHG~0.00%
Published-06 Oct, 2020 | 13:33
Updated-04 Aug, 2024 | 15:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in the Linux kernel's implementation of biovecs in versions before 5.9-rc7. A zero-length biovec request issued by the block subsystem could cause the kernel to enter an infinite loop, causing a denial of service. This flaw allows a local attacker with basic privileges to issue requests to a block device, resulting in a denial of service. The highest threat from this vulnerability is to system availability.

Action-Not Available
Vendor-n/aCanonical Ltd.Red Hat, Inc.Linux Kernel Organization, IncopenSUSEDebian GNU/Linux
Product-ubuntu_linuxdebian_linuxlinux_kernelenterprise_linuxleapkernel
CWE ID-CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CVE-2020-1690
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.22% / 12.40%
||
7 Day CHG~0.00%
Published-07 Jun, 2021 | 19:41
Updated-04 Aug, 2024 | 06:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An improper authorization flaw was discovered in openstack-selinux's applied policy where it does not prevent a non-root user in a container from privilege escalation. A non-root attacker in one or more Red Hat OpenStack (RHOSP) containers could send messages to the dbus. With access to the dbus, the attacker could start or stop services, possibly causing a denial of service. Versions before openstack-selinux 0.8.24 are affected.

Action-Not Available
Vendor-n/aRed Hat, Inc.
Product-openstack-selinuxopenstack_platformopenstack-selinux
CWE ID-CWE-285
Improper Authorization
CVE-2020-14317
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.19% / 8.98%
||
7 Day CHG~0.00%
Published-02 Jun, 2021 | 11:27
Updated-04 Aug, 2024 | 12:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

It was found that the issue for security flaw CVE-2019-3805 appeared again in a further version of JBoss Enterprise Application Platform - Continuous Delivery (EAP-CD) introducing regression. An attacker could exploit this by modifying the PID file in /var/run/jboss-eap/ allowing the init.d script to terminate any process as root.

Action-Not Available
Vendor-n/aRed Hat, Inc.
Product-jboss_enterprise_application_platformwildflyWildfly
CWE ID-CWE-364
Signal Handler Race Condition
CVE-2019-9213
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-5.67% / 91.97%
||
7 Day CHG~0.00%
Published-05 Mar, 2019 | 22:00
Updated-04 Aug, 2024 | 21:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task.

Action-Not Available
Vendor-n/aCanonical Ltd.Red Hat, Inc.Linux Kernel Organization, IncopenSUSEDebian GNU/Linux
Product-ubuntu_linuxdebian_linuxlinux_kernelenterprise_linuxleapn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2019-6454
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-2.04% / 78.58%
||
7 Day CHG~0.00%
Published-17 Mar, 2019 | 16:38
Updated-04 Aug, 2024 | 20:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in sd-bus in systemd 239. bus_process_object() in libsystemd/sd-bus/bus-objects.c allocates a variable-length stack buffer for temporarily storing the object path of incoming D-Bus messages. An unprivileged local user can exploit this by sending a specially crafted message to PID1, causing the stack pointer to jump over the stack guard pages into an unmapped memory region and trigger a denial of service (systemd PID1 crash and kernel panic).

Action-Not Available
Vendor-systemd_projectn/aDebian GNU/LinuxMcAfee, LLCNetApp, Inc.Red Hat, Inc.Fedora ProjectopenSUSECanonical Ltd.
Product-enterprise_linux_serverubuntu_linuxenterprise_linux_server_eusenterprise_linux_server_update_services_for_sap_solutionsenterprise_linux_server_ausenterprise_linuxsystemdenterprise_linux_desktopactive_iq_performance_analytics_servicesenterprise_linux_compute_node_eusdebian_linuxenterprise_linux_workstationfedoraenterprise_linux_eusenterprise_linux_for_power_little_endian_eusenterprise_linux_server_for_power_little_endian_update_services_for_sap_solutionsenterprise_linux_for_power_big_endian_eusenterprise_linux_server_tusenterprise_linux_for_power_little_endianenterprise_linux_for_ibm_z_systems_eusweb_gatewayleapn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-3837
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.1||MEDIUM
EPSS-0.24% / 14.46%
||
7 Day CHG~0.00%
Published-11 Apr, 2019 | 14:37
Updated-04 Aug, 2024 | 19:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

It was found that the net_dma code in tcp_recvmsg() in the 2.6.32 kernel as shipped in RHEL6 is thread-unsafe. So an unprivileged multi-threaded userspace application calling recvmsg() for the same network socket in parallel executed on ioatdma-enabled hardware with net_dma enabled can leak the memory, crash the host leading to a denial-of-service or cause a random memory corruption.

Action-Not Available
Vendor-Linux Kernel Organization, IncRed Hat, Inc.The Linux Foundation
Product-enterprise_linuxlinux_kernelkernel
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2019-19068
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.45% / 35.82%
||
7 Day CHG~0.00%
Published-18 Nov, 2019 | 05:24
Updated-05 Aug, 2024 | 02:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A memory leak in the rtl8xxxu_submit_int_urb() function in drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-a2cdd07488e6.

Action-Not Available
Vendor-n/aFedora ProjectCanonical Ltd.Red Hat, Inc.Linux Kernel Organization, IncopenSUSEDebian GNU/Linux
Product-ubuntu_linuxdebian_linuxlinux_kernelfedoraenterprise_linuxleapn/a
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2019-19072
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.4||MEDIUM
EPSS-0.40% / 32.20%
||
7 Day CHG~0.00%
Published-18 Nov, 2019 | 05:24
Updated-05 Aug, 2024 | 02:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A memory leak in the predicate_parse() function in kernel/trace/trace_events_filter.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-96c5c6e6a5b6.

Action-Not Available
Vendor-n/aFedora ProjectLinux Kernel Organization, IncCanonical Ltd.Red Hat, Inc.
Product-ubuntu_linuxfedoralinux_kernelenterprise_linuxn/a
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2019-18811
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.39% / 30.99%
||
7 Day CHG~0.00%
Published-07 Nov, 2019 | 15:29
Updated-05 Aug, 2024 | 02:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A memory leak in the sof_set_get_large_ctrl_data() function in sound/soc/sof/ipc.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering sof_get_ctrl_copy_params() failures, aka CID-45c1380358b1.

Action-Not Available
Vendor-n/aFedora ProjectLinux Kernel Organization, IncRed Hat, Inc.
Product-fedoralinux_kernelenterprise_linuxn/a
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2019-12067
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.31% / 22.20%
||
7 Day CHG~0.00%
Published-02 Jun, 2021 | 14:18
Updated-04 Aug, 2024 | 23:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ahci_commit_buf function in ide/ahci.c in QEMU allows attackers to cause a denial of service (NULL dereference) when the command header 'ad->cur_cmd' is null.

Action-Not Available
Vendor-n/aQEMUDebian GNU/LinuxFedora ProjectRed Hat, Inc.
Product-debian_linuxqemufedoraenterprise_linuxopenstack_platformn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2020-25639
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.37% / 28.29%
||
7 Day CHG~0.00%
Published-04 Mar, 2021 | 21:56
Updated-04 Aug, 2024 | 15:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A NULL pointer dereference flaw was found in the Linux kernel's GPU Nouveau driver functionality in versions prior to 5.12-rc1 in the way the user calls ioctl DRM_IOCTL_NOUVEAU_CHANNEL_ALLOC. This flaw allows a local user to crash the system.

Action-Not Available
Vendor-n/aFedora ProjectLinux Kernel Organization, IncRed Hat, Inc.
Product-linux_kernelopenshift_container_platformfedoraenterprise_linuxmessaging_realtime_gridkernel
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2019-10140
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.32% / 23.59%
||
7 Day CHG~0.00%
Published-15 Aug, 2019 | 16:50
Updated-04 Aug, 2024 | 22:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability was found in Linux kernel's, versions up to 3.10, implementation of overlayfs. An attacker with local access can create a denial of service situation via NULL pointer dereference in ovl_posix_acl_create function in fs/overlayfs/dir.c. This can allow attackers with ability to create directories on overlayfs to crash the kernel creating a denial of service (DOS).

Action-Not Available
Vendor-OpenSourceLinux Kernel Organization, IncRed Hat, Inc.
Product-enterprise_linuxlinux_kernelkernel:
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-9921
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.39% / 31.11%
||
7 Day CHG~0.00%
Published-23 Dec, 2016 | 22:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Quick emulator (Qemu) built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to a divide by zero issue. It could occur while copying VGA data when cirrus graphics mode was set to be VGA. A privileged user inside guest could use this flaw to crash the Qemu process instance on the host, resulting in DoS.

Action-Not Available
Vendor-n/aRed Hat, Inc.Debian GNU/LinuxQEMU
Product-debian_linuxqemuopenstackvirtualizationenterprise_linuxn/a
CWE ID-CWE-369
Divide By Zero
CVE-2016-9911
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.37% / 28.41%
||
7 Day CHG~0.00%
Published-23 Dec, 2016 | 22:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Quick Emulator (Qemu) built with the USB EHCI Emulation support is vulnerable to a memory leakage issue. It could occur while processing packet data in 'ehci_init_transfer'. A guest user/process could use this issue to leak host memory, resulting in DoS for a host.

Action-Not Available
Vendor-n/aRed Hat, Inc.Debian GNU/LinuxQEMU
Product-debian_linuxqemuopenstackvirtualizationenterprise_linuxn/a
CWE ID-CWE-772
Missing Release of Resource after Effective Lifetime
CVE-2016-7796
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.85% / 53.58%
||
7 Day CHG~0.00%
Published-13 Oct, 2016 | 14:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The manager_dispatch_notify_fd function in systemd allows local users to cause a denial of service (system hang) via a zero-length message received over a notify socket, which causes an error to be returned and the notification handler to be disabled.

Action-Not Available
Vendor-systemd_projectn/aRed Hat, Inc.Novell
Product-suse_linux_enterprise_software_development_kitenterprise_linux_serverenterprise_linux_workstationsuse_linux_enterprise_serverenterprise_linux_desktopsystemdsuse_linux_enterprise_server_for_sapenterprise_linux_hpc_nodesuse_linux_enterprise_desktopn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2019-14865
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.9||MEDIUM
EPSS-0.33% / 24.27%
||
7 Day CHG~0.00%
Published-29 Nov, 2019 | 09:50
Updated-29 Apr, 2025 | 20:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in the grub2-set-bootflag utility of grub2. A local attacker could run this utility under resource pressure (for example by setting RLIMIT), causing grub2 configuration files to be truncated and leaving the system unbootable on subsequent reboots.

Action-Not Available
Vendor-[UNKNOWN]GNURed Hat, Inc.
Product-grub2enterprise_linuxenterprise_linux_eusenterprise_linux_server_ausenterprise_linux_server_tusgrub2
CWE ID-CWE-267
Privilege Defined With Unsafe Actions
CVE-2016-5403
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.52% / 40.26%
||
7 Day CHG~0.00%
Published-02 Aug, 2016 | 16:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The virtqueue_pop function in hw/virtio/virtio.c in QEMU allows local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) by submitting requests without waiting for completion.

Action-Not Available
Vendor-n/aCanonical Ltd.QEMUOracle CorporationRed Hat, Inc.Debian GNU/Linux
Product-debian_linuxvm_serverubuntu_linuxenterprise_linux_serverqemuenterprise_linux_workstationenterprise_linux_server_tusenterprise_linux_desktopenterprise_linux_server_euslinuxenterprise_linux_server_ausopenstackvirtualizationn/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2016-5011
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4.6||MEDIUM
EPSS-0.46% / 36.64%
||
7 Day CHG~0.00%
Published-11 Apr, 2017 | 15:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The parse_dos_extended function in partitions/dos.c in the libblkid library in util-linux allows physically proximate attackers to cause a denial of service (memory consumption) via a crafted MSDOS partition table with an extended partition boot record at zero offset.

Action-Not Available
Vendor-n/aRed Hat, Inc.IBM CorporationLinux Kernel Organization, Inc
Product-enterprise_linux_serverenterprise_linux_workstationenterprise_linux_server_tusenterprise_linux_desktoppower_hardware_management_consolepowerkvmenterprise_linux_server_ausenterprise_linux_eusutil-linuxn/a
CVE-2016-4470
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.59% / 43.45%
||
7 Day CHG~0.00%
Published-27 Jun, 2016 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command.

Action-Not Available
Vendor-n/aOracle CorporationLinux Kernel Organization, IncNovellRed Hat, Inc.
Product-vm_serverenterprise_linux_serversuse_linux_enterprise_real_time_extensionenterprise_linux_workstationenterprise_linux_desktopenterprise_linux_for_real_timeenterprise_mrgenterprise_linux_hpc_node_eusenterprise_linux_server_euslinuxenterprise_linux_hpc_nodeenterprise_linux_server_auslinux_kernelenterprise_linuxn/a
CVE-2018-7740
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.62% / 44.85%
||
7 Day CHG~0.00%
Published-07 Mar, 2018 | 08:00
Updated-05 Aug, 2024 | 06:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The resv_map_release function in mm/hugetlb.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (BUG) via a crafted application that makes mmap system calls and has a large pgoff argument to the remap_file_pages system call.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncDebian GNU/LinuxCanonical Ltd.Red Hat, Inc.
Product-enterprise_linux_serverubuntu_linuxdebian_linuxlinux_kernelenterprise_linux_workstationvirtualization_hostenterprise_linux_desktopn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
  • Previous
  • 1
  • 2
  • 3
  • Next
Details not found