Vulnerabilities > Redhat > High

DATE CVE VULNERABILITY TITLE RISK
2024-01-22 CVE-2024-0775 Use After Free vulnerability in multiple products
A use-after-free flaw was found in the __ext4_remount in fs/ext4/super.c in ext4 in the Linux kernel.
local
low complexity
linux redhat CWE-416
7.1
2024-01-21 CVE-2023-6531 A use-after-free flaw was found in the Linux Kernel due to a race problem in the unix garbage collector's deletion of SKB races with unix_stream_read_generic() on the socket that the SKB is queued on.
local
high complexity
linux redhat
7.0
2024-01-18 CVE-2024-0409 Out-of-bounds Write vulnerability in multiple products
A flaw was found in the X.Org server.
local
low complexity
x-org tigervnc redhat fedoraproject CWE-787
7.8
2024-01-17 CVE-2024-0646 Out-of-bounds Write vulnerability in multiple products
An out-of-bounds memory write flaw was found in the Linux kernel’s Transport Layer Security functionality in how a user calls a function splice with a ktls socket as the destination.
local
low complexity
linux redhat CWE-787
7.8
2024-01-16 CVE-2024-0553 Information Exposure Through Discrepancy vulnerability in multiple products
A vulnerability was found in GnuTLS.
network
low complexity
gnu fedoraproject redhat CWE-203
7.5
2024-01-15 CVE-2024-0562 Use After Free vulnerability in multiple products
A use-after-free flaw was found in the Linux Kernel.
local
low complexity
linux redhat CWE-416
7.8
2024-01-09 CVE-2023-6476 Allocation of Resources Without Limits or Throttling vulnerability in Redhat Openshift Container Platform 3.11/4.13/4.14
A flaw was found in CRI-O that involves an experimental annotation leading to a container being unconfined.
network
low complexity
redhat CWE-770
7.5
2024-01-08 CVE-2021-3600 Out-of-bounds Write vulnerability in multiple products
It was discovered that the eBPF implementation in the Linux kernel did not properly track bounds information for 32 bit registers when performing div and mod operations.
local
low complexity
linux canonical fedoraproject redhat CWE-787
7.8
2023-12-27 CVE-2023-3171 Allocation of Resources Without Limits or Throttling vulnerability in Redhat Jboss Enterprise Application Platform 7.4
A flaw was found in EAP-7 during deserialization of certain classes, which permits instantiation of HashMap and HashTable with no checks on resources consumed.
network
low complexity
redhat CWE-770
7.5
2023-12-24 CVE-2023-51767 OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit.
local
high complexity
openbsd fedoraproject redhat
7.0