Vulnerabilities > Redhat > Enterprise MRG > High

DATE CVE VULNERABILITY TITLE RISK
2020-12-11 CVE-2020-27786 A flaw was found in the Linux kernel’s implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl commands to midi devices could trigger a use-after-free issue.
local
low complexity
linux redhat netapp
7.8
2020-09-09 CVE-2020-1749 A flaw was found in the Linux kernel's implementation of some networking protocols in IPsec, such as VXLAN and GENEVE tunnels over IPv6.
network
low complexity
linux redhat
7.5
2020-06-09 CVE-2020-10757 Type Confusion vulnerability in multiple products
A flaw was found in the Linux Kernel in versions after 4.5-rc1 in the way mremap handled DAX Huge Pages.
7.8
2020-05-08 CVE-2019-14898 The fix for CVE-2019-11599, affecting the Linux kernel before 5.0.10 was not complete.
local
high complexity
linux redhat
7.0
2020-02-19 CVE-2012-6685 XML Entity Expansion vulnerability in multiple products
Nokogiri before 1.5.4 is vulnerable to XXE attacks
network
low complexity
nokogiri redhat CWE-776
7.5
2019-06-19 CVE-2019-11478 Resource Exhaustion vulnerability in multiple products
Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences.
network
low complexity
linux f5 canonical redhat pulsesecure ivanti CWE-400
7.5
2019-06-19 CVE-2019-11477 Integer Overflow or Wraparound vulnerability in multiple products
Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs).
network
low complexity
linux f5 canonical redhat pulsesecure ivanti CWE-190
7.5
2018-12-18 CVE-2018-16884 A flaw was found in the Linux kernel's NFS41+ subsystem.
low complexity
linux redhat debian canonical
8.0
2018-07-30 CVE-2017-7482 Integer Overflow or Wraparound vulnerability in multiple products
In the Linux kernel before version 4.12, Kerberos 5 tickets decoded when using the RXRPC keys incorrectly assumes the size of a field.
local
low complexity
linux debian redhat CWE-190
7.8
2016-10-07 CVE-2016-3699 Permissions, Privileges, and Access Controls vulnerability in multiple products
The Linux kernel, as used in Red Hat Enterprise Linux 7.2 and Red Hat Enterprise MRG 2 and when booted with UEFI Secure Boot enabled, allows local users to bypass intended Secure Boot restrictions and execute untrusted code by appending ACPI tables to the initrd.
local
high complexity
redhat linux CWE-264
7.4