Rhelels 7

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in Rhelels 7.

By the Year

In 2025 there have been 5 vulnerabilities in Rhelels 7 with an average score of 7.6 out of ten.

Year	Vulnerabilities	Average Score
2025	5	7.64

It may take a day or so for new 7 vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Rhelels 7 Security Vulnerabilities

Linux-PAM pam_namespace LPE via Symlink Race
CVE-2025-8941 7.8 - High - August 13, 2025

A flaw was found in linux-pam. The pam_namespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. This CVE provides a "complete" fix for CVE-2025-6020.

Directory traversal

libxslt Heap Corruption via atype Flag Manipulation
CVE-2025-7425 7.8 - High - July 10, 2025

A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key() process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may access freed memory, causing crashes or enabling attackers to trigger heap corruption.

Dangling pointer

PAM Namespace Race: Local Priv Escal via Symlinks in linux-pam
CVE-2025-6020 7.8 - High - June 17, 2025

A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.

Directory traversal

Stack Overflow in libxml2 xmlBuildQName (CVE-2025-6021)
CVE-2025-6021 7.5 - High - June 12, 2025

A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input.

Stack Overflow

Integer Overflow in libarchive RAR Reader Causes Double-Free
CVE-2025-5914 7.3 - High - June 09, 2025

A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enabling an attacker to execute arbitrary code or cause a denial-of-service condition.

Double-free

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Rhelels 7 or by Rhelels? Click the Watch button to subscribe.

Rhelels
Vendor

Rhelels 7
Product

Rhelels 7

Don't miss out!

By the Year

Recent Rhelels 7 Security Vulnerabilities

Linux-PAM pam_namespace LPE via Symlink Race CVE-2025-8941 7.8 - High - August 13, 2025

libxslt Heap Corruption via atype Flag Manipulation CVE-2025-7425 7.8 - High - July 10, 2025

PAM Namespace Race: Local Priv Escal via Symlinks in linux-pam CVE-2025-6020 7.8 - High - June 17, 2025

Stack Overflow in libxml2 xmlBuildQName (CVE-2025-6021) CVE-2025-6021 7.5 - High - June 12, 2025

Integer Overflow in libarchive RAR Reader Causes Double-Free CVE-2025-5914 7.3 - High - June 09, 2025