Vulnerabilities > Redhat > Enterprise Linux FOR IBM Z Systems

DATE CVE VULNERABILITY TITLE RISK
2022-03-18 CVE-2022-1011 Use After Free vulnerability in multiple products
A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write().
7.8
2022-03-16 CVE-2021-20257 An infinite loop flaw was found in the e1000 NIC emulator of the QEMU.
local
low complexity
qemu fedoraproject redhat debian
6.5
2022-03-10 CVE-2022-0516 A vulnerability was found in kvm_s390_guest_sida_op in the arch/s390/kvm/kvm-s390.c function in KVM for s390 in the Linux kernel.
local
low complexity
linux fedoraproject debian redhat netapp
7.8
2022-03-10 CVE-2022-0847 Improper Initialization vulnerability in multiple products
A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values.
7.8
2022-03-10 CVE-2021-3733 Resource Exhaustion vulnerability in multiple products
There's a flaw in urllib's AbstractBasicAuthHandler class.
network
low complexity
python redhat fedoraproject netapp CWE-400
6.5
2022-03-04 CVE-2021-3656 Missing Authorization vulnerability in multiple products
A flaw was found in the KVM's AMD code for supporting SVM nested virtualization.
local
low complexity
linux fedoraproject redhat CWE-862
8.8
2022-03-04 CVE-2021-3737 Infinite Loop vulnerability in multiple products
A flaw was found in python.
7.5
2022-03-04 CVE-2021-23214 When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of SSL certificate verification and encryption.
network
high complexity
postgresql fedoraproject redhat
8.1
2022-03-03 CVE-2021-3602 Improper Cross-boundary Removal of Sensitive Data vulnerability in multiple products
An information disclosure flaw was found in Buildah, when building containers using chroot isolation.
local
low complexity
buildah-project redhat CWE-212
5.5
2022-03-03 CVE-2022-0492 Missing Authorization vulnerability in multiple products
A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function.
7.8