Vulnerabilities > Redhat > Enterprise Linux FOR Real Time FOR NFV > 8.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-23 | CVE-2023-5633 | Use After Free vulnerability in multiple products The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface. | 7.8 |
| 2023-10-03 | CVE-2023-4732 | Race Condition vulnerability in multiple products A flaw was found in pfn_swap_entry_to_page in memory management subsystem in the Linux Kernel. | 4.7 |
| 2023-08-03 | CVE-2023-4132 | Use After Free vulnerability in multiple products A use-after-free vulnerability was found in the siano smsusb module in the Linux kernel. | 5.5 |
| 2023-07-25 | CVE-2023-3772 | NULL Pointer Dereference vulnerability in multiple products A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). | 4.4 |
| 2023-07-24 | CVE-2023-33951 | Improper Locking vulnerability in multiple products A race condition vulnerability was found in the vmwgfx driver in the Linux kernel. | 5.3 |
| 2023-07-24 | CVE-2023-33952 | Double Free vulnerability in multiple products A double-free vulnerability was found in handling vmw_buffer_object objects in the vmwgfx driver in the Linux kernel. | 6.7 |
| 2022-08-22 | CVE-2021-3659 | NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference flaw was found in the Linux kernel’s IEEE 802.15.4 wireless networking subsystem in the way the user closes the LR-WPAN connection. | 5.5 |
| 2022-03-03 | CVE-2021-3609 | .A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. | 7.0 |
| 2019-07-17 | CVE-2019-13272 | In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a parent drops privileges and calls execve (potentially allowing control by an attacker). | 7.8 |
| 2019-05-15 | CVE-2019-11833 | Use of Uninitialized Resource vulnerability in multiple products fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem. | 5.5 |