Vulnerabilities > Redhat > Enterprise Linux > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-09-30 CVE-2019-16994 Memory Leak vulnerability in multiple products
In the Linux kernel before 5.0, a memory leak exists in sit_init_net() in net/ipv6/sit.c when register_netdev() fails to register sitn->fb_tunnel_dev, which may cause denial of service, aka CID-07f12b26e21a.
local
high complexity
linux redhat opensuse CWE-401
4.7
4.7
2019-09-21 CVE-2019-16680 Path Traversal vulnerability in multiple products
An issue was discovered in GNOME file-roller before 3.29.91.
network
low complexity
gnome redhat debian canonical CWE-22
4.3
4.3
2019-09-17 CVE-2019-14826 Insufficient Session Expiration vulnerability in multiple products
A flaw was found in FreeIPA versions 4.5.0 and later.
local
low complexity
freeipa redhat CWE-613
4.4
4.4
2019-09-13 CVE-2019-15031 Improper Synchronization vulnerability in multiple products
In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via an interrupt.
local
low complexity
linux redhat canonical opensuse CWE-662
4.4
4.4
2019-09-13 CVE-2019-15030 Missing Authorization vulnerability in multiple products
In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via a Facility Unavailable exception.
local
low complexity
linux redhat canonical opensuse CWE-862
4.4
4.4
2019-09-11 CVE-2019-16233 NULL Pointer Dereference vulnerability in multiple products
drivers/scsi/qla2xxx/qla_os.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
local
high complexity
linux redhat canonical opensuse CWE-476
4.1
4.1
2019-09-11 CVE-2019-16231 NULL Pointer Dereference vulnerability in multiple products
drivers/net/fjes/fjes_main.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
local
high complexity
linux redhat canonical opensuse CWE-476
4.1
4.1
2019-09-11 CVE-2019-16229 NULL Pointer Dereference vulnerability in multiple products
drivers/gpu/drm/amd/amdkfd/kfd_interrupt.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
local
high complexity
linux redhat canonical CWE-476
4.1
4.1
2019-09-04 CVE-2019-15718 In systemd 240, bus_open_system_watch_bind_with_description in shared/bus-util.c (as used by systemd-resolved to connect to the system D-Bus instance), calls sd_bus_set_trusted, which disables access controls for incoming D-Bus messages.
local
low complexity
systemd-project fedoraproject redhat
4.4
4.4
2019-08-29 CVE-2019-15807 Memory Leak vulnerability in multiple products
In the Linux kernel before 5.1.13, there is a memory leak in drivers/scsi/libsas/sas_expander.c when SAS expander discovery fails.
local
high complexity
linux redhat debian CWE-401
4.7
4.7