Vulnerabilities > Redhat > Enterprise Linux > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-08-13 CVE-2021-3573 A use-after-free in function hci_sock_bound_ioctl() of the Linux kernel HCI subsystem was found in the way user calls ioct HCIUNBLOCKADDR or other way triggers race condition of the call hci_unregister_dev() together with one of the calls hci_sock_blacklist_add(), hci_sock_blacklist_del(), hci_get_conn_info(), hci_get_auth_info().
local
high complexity
linux redhat fedoraproject
6.4
6.4
2021-08-13 CVE-2021-3635 A flaw was found in the Linux kernel netfilter implementation in versions prior to 5.5-rc7.
local
low complexity
linux redhat fedoraproject
4.4
4.4
2021-08-05 CVE-2021-3679 Infinite Loop vulnerability in multiple products
A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way.
local
low complexity
linux redhat debian CWE-835
5.5
5.5
2021-07-06 CVE-2021-3598 There's a flaw in OpenEXR's ImfDeepScanLineInputFile functionality in versions prior to 3.0.5.
local
low complexity
openexr redhat debian
5.5
5.5
2021-06-09 CVE-2021-0129 Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access.
low complexity
bluez redhat debian
5.7
5.7
2021-06-04 CVE-2021-3565 Use of Hard-coded Credentials vulnerability in multiple products
A flaw was found in tpm2-tools in versions before 5.1.1 and before 4.3.2. 		5.9
5.9
2021-06-03 CVE-2021-3569 Out-of-bounds Write vulnerability in multiple products
A stack corruption bug was found in libtpms in versions before 0.7.2 and before 0.8.0 while decrypting data using RSA.
local
low complexity
libtpms-project redhat CWE-787
5.5
5.5
2021-06-02 CVE-2019-12067 NULL Pointer Dereference vulnerability in multiple products
The ahci_commit_buf function in ide/ahci.c in QEMU allows attackers to cause a denial of service (NULL dereference) when the command header 'ad->cur_cmd' is null.
local
low complexity
qemu debian fedoraproject redhat CWE-476
6.5
6.5
2021-06-02 CVE-2020-10742 Out-of-bounds Write vulnerability in multiple products
A flaw was found in the Linux kernel.
local
low complexity
linux redhat CWE-787
6.0
6.0
2021-06-01 CVE-2021-3543 Use After Free vulnerability in multiple products
A flaw null pointer dereference in the Nitro Enclaves kernel driver was found in the way that Enclaves VMs forces closures on the enclave file descriptor. 		6.7
6.7