Red Hat Codeready Linux Builder Eus
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Red Hat Codeready Linux Builder Eus.
By the Year
In 2025 there have been 0 vulnerabilities in Red Hat Codeready Linux Builder Eus. Last year, in 2024 Codeready Linux Builder Eus had 3 security vulnerabilities published. Right now, Codeready Linux Builder Eus is on track to have less security vulnerabilities in 2025 than it did last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2025 | 0 | 0.00 |
2024 | 3 | 7.50 |
2023 | 8 | 6.79 |
2022 | 4 | 7.28 |
2021 | 0 | 0.00 |
2020 | 0 | 0.00 |
2019 | 2 | 7.15 |
2018 | 0 | 0.00 |
It may take a day or so for new Codeready Linux Builder Eus vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Red Hat Codeready Linux Builder Eus Security Vulnerabilities
A flaw was found in the Linux kernel's NVMe driver
CVE-2023-6356
7.5 - High
- February 07, 2024
A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver and causing kernel panic and a denial of service.
NULL Pointer Dereference
A flaw was found in the Linux kernel's NVMe driver
CVE-2023-6535
7.5 - High
- February 07, 2024
A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service.
NULL Pointer Dereference
A flaw was found in the Linux kernel's NVMe driver
CVE-2023-6536
7.5 - High
- February 07, 2024
A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service.
NULL Pointer Dereference
A flaw was found in PostgreSQL
CVE-2023-5869
8.8 - High
- December 10, 2023
A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remote user can trigger the overflow by providing specially crafted data. This enables the execution of arbitrary code on the target system, allowing users to write arbitrary bytes to memory and extensively read the server's memory.
Integer Overflow or Wraparound
A flaw was found in PostgreSQL involving the pg_cancel_backend role
CVE-2023-5870
4.4 - Medium
- December 10, 2023
A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. Successful exploitation requires a non-core extension with a less-resilient background worker and would affect that specific background worker only. This issue may allow a remote high privileged user to launch a denial of service (DoS) attack.
A memory disclosure vulnerability was found in PostgreSQL
CVE-2023-5868
4.3 - Medium
- December 10, 2023
A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes, potentially revealing notable and confidential information. This issue exists due to excessive data output in aggregate function calls, enabling remote users to read some portion of system memory.
The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface
CVE-2023-5633
7.8 - High
- October 23, 2023
The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface. When running inside a VMware guest with 3D acceleration enabled, a local, unprivileged user could potentially use this flaw to escalate their privileges.
Dangling pointer
A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable
CVE-2023-4911
7.8 - High
- October 03, 2023
A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.
Memory Corruption
A flaw was found in glibc
CVE-2023-4527
6.5 - Medium
- September 18, 2023
A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function returned address data, and may cause a crash.
Out-of-bounds Read
A flaw was found in glibc
CVE-2023-4806
5.9 - Medium
- September 18, 2023
A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements only the _nss_*_gethostbyname2_r and _nss_*_getcanonname_r hooks without implementing the _nss_*_gethostbyname3_r hook. The resolved name should return a large number of IPv6 and IPv4, and the call to the getaddrinfo function should have the AF_INET6 address family with AI_CANONNAME, AI_ALL and AI_V4MAPPED as flags.
Dangling pointer
A vulnerability was found in WebKit
CVE-2019-8720
8.8 - High
- March 06, 2023
A vulnerability was found in WebKit. The flaw is triggered when processing maliciously crafted web content that may lead to arbitrary code execution. Improved memory handling addresses the multiple memory corruption issues.
Buffer Overflow
A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64
CVE-2022-0435
8.8 - High
- March 25, 2022
A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed. This flaw allows a remote user to crash the system or possibly escalate their privileges if they have access to the TIPC network.
Memory Corruption
A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU
CVE-2022-0330
7.8 - High
- March 25, 2022
A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allows a local user to crash the system or escalate their privileges on the system.
Improper Preservation of Permissions
A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which
CVE-2021-3744
5.5 - Medium
- March 04, 2022
A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption). This vulnerability is similar with the older CVE-2019-18808.
Memory Leak
.A flaw was found in the
CVE-2021-3609
7 - High
- March 03, 2022
.A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege escalation to root.
Race Condition
A vulnerability was found in Linux Kernel
CVE-2019-14815
7.8 - High
- November 25, 2019
A vulnerability was found in Linux Kernel, where a Heap Overflow was found in mwifiex_set_wmm_params() function of Marvell Wifi Driver.
Heap-based Buffer Overflow
TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may
CVE-2019-11135
6.5 - Medium
- November 14, 2019
TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Oracle Zfs Storage Appliance Kit or by Red Hat? Click the Watch button to subscribe.