Enterprise Linux Server AUS

DATE	CVE	VULNERABILITY TITLE	RISK
2022-09-29	CVE-2014-0147	Integer Overflow or Wraparound vulnerability in multiple products Qemu before 1.6.2 block diver for the various disk image formats used by Bochs and for the QCOW version 2 format, are vulnerable to a possible crash caused by signed data types or a logic error while creating QCOW2 snapshots, which leads to incorrectly calling update_refcount() routine. local low complexity qemu fedoraproject redhat CWE-190	6.2
2022-09-29	CVE-2014-0148	Infinite Loop vulnerability in multiple products Qemu before 2.0 block driver for Hyper-V VHDX Images is vulnerable to infinite loops and other potential issues when calculating BAT entries, due to missing bounds checks for block_size and logical_sector_size variables. local low complexity qemu redhat CWE-835	5.5
2022-08-26	CVE-2021-3669	Allocation of Resources Without Limits or Throttling vulnerability in multiple products A flaw was found in the Linux kernel. local low complexity linux ibm debian fedoraproject redhat CWE-770	5.5
2022-08-23	CVE-2021-23177	An improper link resolution flaw while extracting an archive can lead to changing the access control list (ACL) of the target of the link. local low complexity libarchive fedoraproject redhat debian	7.8
2022-08-23	CVE-2021-31566	An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of a file outside of the archive. local low complexity libarchive fedoraproject redhat debian splunk	7.8
2022-08-22	CVE-2021-3659	NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference flaw was found in the Linux kernel’s IEEE 802.15.4 wireless networking subsystem in the way the user closes the LR-WPAN connection. local low complexity linux fedoraproject redhat CWE-476	5.5
2022-07-06	CVE-2021-3695	Out-of-bounds Write vulnerability in multiple products A crafted 16-bit grayscale PNG image may lead to a out-of-bounds write in the heap area. local high complexity gnu fedoraproject redhat netapp CWE-787	4.5
2022-07-06	CVE-2021-3696	Out-of-bounds Write vulnerability in multiple products A heap out-of-bounds write may heppen during the handling of Huffman tables in the PNG reader. local high complexity gnu redhat netapp CWE-787	4.5
2022-07-06	CVE-2021-3697	Out-of-bounds Write vulnerability in multiple products A crafted JPEG image may lead the JPEG reader to underflow its data pointer, allowing user-controlled data to be written in heap. local high complexity gnu redhat CWE-787	7.0
2022-04-29	CVE-2022-1227	Improper Privilege Management vulnerability in multiple products A privilege escalation flaw was found in Podman. network low complexity podman-project psgo-project redhat fedoraproject CWE-269	8.8