Linux Red Hat Linux

Recent Red Hat Linux Security Advisories

| Advisory | Title | Published |
|---|---|---|
| RHSA-2021:4532 | (RHSA-2021:4532) Important: OpenJDK 17.0.1 security update for Portable Linux Builds | November 11, 2021 |
| RHSA-2021:3967 | (RHSA-2021:3967) Important: OpenJDK 11.0.13 security update for Portable Linux Builds | October 25, 2021 |
| RHSA-2021:3960 | (RHSA-2021:3960) Important: OpenJDK 8u312 security update for Portable Linux Builds | October 25, 2021 |
| RHSA-2021:3144 | (RHSA-2021:3144) Low: .NET Core 2.1 on Red Hat Enterprise Linux security and bugfix update | August 11, 2021 |
| RHSA-2021:2780 | (RHSA-2021:2780) Important: OpenJDK 11.0.12 Security Update for Portable Linux Builds | July 22, 2021 |
| RHSA-2021:2778 | (RHSA-2021:2778) Important: OpenJDK 8u302 Security Update for Portable Linux Builds | July 22, 2021 |
| RHSA-2021:2658 | (RHSA-2021:2658) Important: linuxptp security update | July 6, 2021 |
| RHSA-2021:2660 | (RHSA-2021:2660) Important: linuxptp security update | July 6, 2021 |
| RHSA-2021:2657 | (RHSA-2021:2657) Important: linuxptp security update | July 6, 2021 |
| RHSA-2021:2659 | (RHSA-2021:2659) Important: linuxptp security update | July 6, 2021 |

By the Year

In 2022 there have been 0 vulnerabilities in Red Hat Linux. Linux did not have any published security vulnerabilities last year.

| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 2 | 7.80 |

It may take a day or so for new Linux vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.

Recent Red Hat Linux Security Vulnerabilities

SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries

CVE-2018-20346 8.1 - High - December 21, 2018

SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries that occur after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases), aka Magellan.

Integer Overflow or Wraparound

Qemu has a Buffer Overflow in pcnet_receive in hw/net/pcnet.c

CVE-2018-17962 7.5 - High - October 09, 2018

Qemu has a Buffer Overflow in pcnet_receive in hw/net/pcnet.c because an incorrect integer data type is used.

Integer Overflow or Wraparound

The Linux kernel, as used in Red Hat Enterprise Linux 7.2 and Red Hat Enterprise MRG 2 and when booted with UEFI Secure Boot enabled

CVE-2016-3699 7.4 - High - October 07, 2016

The Linux kernel, as used in Red Hat Enterprise Linux 7.2 and Red Hat Enterprise MRG 2 and when booted with UEFI Secure Boot enabled, allows local users to bypass intended Secure Boot restrictions and execute untrusted code by appending ACPI tables to the initrd.

Permissions, Privileges, and Access Controls

The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake

CVE-2004-0079 - November 23, 2004

The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.

OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which

CVE-2004-0081 - November 23, 2004

OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.

The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake

CVE-2004-0112 - November 23, 2004

The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.
