Vulnerabilities > Redhat > Enterprise Linux > 9.0

DATE CVE VULNERABILITY TITLE RISK
2023-03-06 CVE-2022-3424 Use After Free vulnerability in multiple products
A use-after-free flaw was found in the Linux kernel’s SGI GRU driver in the way the first gru_file_unlocked_ioctl function is called by the user, where a fail pass occurs in the gru_check_chiplet_assignment function.
local
low complexity
linux redhat CWE-416
7.8
7.8
2023-03-06 CVE-2022-3707 Double Free vulnerability in multiple products
A double-free memory flaw was found in the Linux kernel.
local
low complexity
linux redhat CWE-415
5.5
5.5
2023-03-06 CVE-2022-4904 Improper Validation of Specified Quantity in Input vulnerability in multiple products
A flaw was found in the c-ares package.
network
low complexity
c-ares-project redhat fedoraproject CWE-1284
8.6
8.6
2023-03-03 CVE-2023-27561 Use of Incorrectly-Resolved Name or Reference vulnerability in multiple products
runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go.
local
high complexity
linuxfoundation redhat debian CWE-706
7.0
7.0
2023-02-28 CVE-2023-1095 NULL Pointer Dereference vulnerability in multiple products
In nf_tables_updtable, if nf_tables_table_enable returns an error, nft_trans_destroy is called to free the transaction object.
local
low complexity
linux redhat CWE-476
5.5
5.5
2023-02-15 CVE-2023-0361 Information Exposure Through Discrepancy vulnerability in multiple products
A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS.
network
high complexity
gnu redhat debian fedoraproject netapp CWE-203
7.4
7.4
2023-02-02 CVE-2022-3560 Path Traversal vulnerability in multiple products
A flaw was found in pesign.
local
low complexity
pesign-project fedoraproject redhat CWE-22
5.5
5.5
2023-01-27 CVE-2022-4285 NULL Pointer Dereference vulnerability in multiple products
An illegal memory access flaw was found in the binutils package.
local
low complexity
gnu fedoraproject redhat CWE-476
5.5
5.5
2023-01-12 CVE-2022-4743 Memory Leak vulnerability in multiple products
A potential memory leak issue was discovered in SDL2 in GLES_CreateTexture() function in SDL_render_gles.c.
network
low complexity
libsdl redhat CWE-401
7.5
7.5
2023-01-05 CVE-2022-3715 Out-of-bounds Write vulnerability in multiple products
A flaw was found in the bash package, where a heap-buffer overflow can occur in valid parameter_transform.
local
low complexity
gnu redhat CWE-787
7.8
7.8