|
101
|
6.5
-
|
MEDIUM
Adjacent
|
A flaw was found in the Linux kernel's memory deduplication mechanism. The max page sharing of Kernel Samepage Merging (KSM), added in Linux kernel version 4.4.0-96.119, can create a side channel. Wh…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2024-0564
|
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-25 18:15
2024-01-31
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
102
|
5.1
-
|
MEDIUM
Local
|
A flaw was found in the MZ binary format in Shim. An out-of-bounds read may occur, leading to a crash or possible exposure of sensitive data during the system's boot phase.
|
CWE-125
Out-of-bounds Read
|
CVE-2023-40551
|
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-21 17:19
2024-01-30
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
103
|
5.5
-
|
MEDIUM
Local
|
An out-of-bounds read flaw was found in Shim when it tried to validate the SBAT information. This issue may expose sensitive data during the system's boot phase.
|
CWE-125
Out-of-bounds Read
|
CVE-2023-40550
|
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-21 17:19
2024-01-30
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
104
|
5.5
-
|
MEDIUM
Local
|
An out-of-bounds read flaw was found in Shim due to the lack of proper boundary verification during the load of a PE binary. This flaw allows an attacker to load a crafted PE binary, triggering the i…
|
CWE-125
Out-of-bounds Read
|
CVE-2023-40549
|
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-21 17:19
2024-01-30
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
105
|
5.5
-
|
MEDIUM
Local
|
A flaw was found in Shim when an error happened while creating a new ESL variable. If Shim fails to create the new variable, it tries to print an error message to the user; however, the number of par…
|
CWE-476
NULL Pointer Dereference
|
CVE-2023-40546
|
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-21 17:19
2024-01-30
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
106
|
7.8
-
|
HIGH
Local
|
A null pointer dereference flaw was found in the hugetlbfs_fill_super function in the Linux kernel hugetlbfs (HugeTLB pages) functionality. This issue may allow a local user to crash the system or po…
|
-
|
CVE-2024-0841
|
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-21 17:47
2024-01-28
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
107
|
7.5
-
|
HIGH
Network
|
A segment fault (SEGV) flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt() API. This flaw allows a remote attacker to cause a heap-buffer ove…
|
CWE-122 CWE-787
Heap-based Buffer Overflow Out-of-bounds Write
|
CVE-2023-52356
|
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2026-04-10 06:16
2024-01-26
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
108
|
7.5
-
|
HIGH
Network
|
An out-of-memory flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFRasterScanlineSize64() API. This flaw allows a remote attacker to cause a denial of servic…
|
CWE-787
Out-of-bounds Write
|
CVE-2023-52355
|
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-21 17:39
2024-01-26
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
109
|
8.3
-
|
HIGH
Adjacent
|
A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. This flaw allows an attacker to craft a specific malici…
|
-
|
CVE-2023-40547
|
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux…
|
|
|
|
|
2024-11-21 17:19
2024-01-26
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
110
|
7.1
-
|
HIGH
Local
|
A use-after-free flaw was found in the __ext4_remount in fs/ext4/super.c in ext4 in the Linux kernel. This flaw allows a local user to cause an information leak problem while freeing the old quota fi…
|
CWE-416
Use After Free
|
CVE-2024-0775
|
cpe:2.3:o:redhat:enterprise_linux:9.0:*
|
|
|
|
|
2024-11-21 17:47
2024-01-22
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|