本ページは redhat codeready_linux_builder に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2025-13601 | A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string. | [email protected] | 7.7 | 0.01% | 2025-11-26 | 2026-06-02 |
| CVE-2025-3155 | A flaw was found in Yelp. The Gnome user help application allows the help document to execute arbitrary scripts. This vulnerability allows malicious users to input help documents, which may exfiltrate user files to an external environment. | [email protected] | 7.4 | 1.31% | 2025-04-03 | 2025-08-12 |
| CVE-2025-2784 | A flaw was found in libsoup. The package is vulnerable to a heap buffer over-read when sniffing content via the skip_insight_whitespace() function. Libsoup clients may read one byte out-of-bounds in response to a crafted HTTP response by an HTTP server. | [email protected] | 7.0 | 0.45% | 2025-04-03 | 2025-11-18 |
| CVE-2023-3758 | A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper authorization issues, granting or denying access to resources inappropriately. | [email protected] | 7.1 | 0.04% | 2024-04-18 | 2025-11-03 |
| CVE-2024-1488 | A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. If a process can connect over localhost to port 8953, it can alter the configuration of unbound.service. This flaw allows an unprivileged attacker to manipulate a running instance, potentially altering forwarders, allowing them to track all queries forwarded by the local resolver, and, in some cases, disrupting resolving altogether | [email protected] | 8.0 | 0.07% | 2024-02-15 | 2025-01-30 |
| CVE-2023-5455 | A Cross-site request forgery vulnerability exists in ipa/session/login_password in all supported versions of IPA. This flaw allows an attacker to trick the user into submitting a request that could perform actions as the user, resulting in a loss of confidentiality and system integrity. During community penetration testing it was found that for certain HTTP end-points FreeIPA does not ensure CSRF protection. Due to implementation details one cannot use this flaw for reflection of a cookie repres | [email protected] | 6.5 | 0.30% | 2024-01-10 | 2026-03-18 |
| CVE-2024-0193 | A use-after-free flaw was found in the netfilter subsystem of the Linux kernel. If the catchall element is garbage-collected when the pipapo set is removed, the element can be deactivated twice. This can cause a use-after-free issue on an NFT_CHAIN object or NFT_OBJECT object, allowing a local unprivileged user with CAP_NET_ADMIN capability to escalate their privileges on the system. | [email protected] | 7.8 | 0.06% | 2024-01-02 | 2026-06-05 |
| CVE-2023-4641 | A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-utils fails in cleaning the buffer used to store the first entry. This may allow an attacker with enough access to retrieve the password from the memory. | [email protected] | 4.7 | 0.02% | 2023-12-27 | 2025-11-03 |
| CVE-2023-5633 | The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface. When running inside a VMware guest with 3D acceleration enabled, a local, unprivileged user could potentially use this flaw to escalate their privileges. | [email protected] | 7.8 | 0.02% | 2023-10-23 | 2026-02-25 |
| CVE-2023-4911 KEV | A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges. | [email protected] | 7.8 | 65.05% | 2023-10-03 | 2026-05-12 |
| CVE-2023-4732 | A flaw was found in pfn_swap_entry_to_page in memory management subsystem in the Linux Kernel. In this flaw, an attacker with a local user privilege may cause a denial of service problem due to a BUG statement referencing pmd_t x. | [email protected] | 4.7 | 0.01% | 2023-10-03 | 2024-11-21 |
| CVE-2023-4042 | A flaw was found in ghostscript. The fix for CVE-2020-16305 in ghostscript was not included in RHSA-2021:1852-06 advisory as it was claimed to be. This issue only affects the ghostscript package as shipped with Red Hat Enterprise Linux 8. | [email protected] | 5.5 | 0.03% | 2023-08-23 | 2024-11-21 |
| CVE-2023-0179 | A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. This issue could allow the leakage of both stack and heap addresses, and potentially allow Local Privilege Escalation to the root user via arbitrary code execution. | [email protected] | 7.8 | 0.56% | 2023-03-27 | 2024-11-21 |
| CVE-2019-8720 KEV | A vulnerability was found in WebKit. The flaw is triggered when processing maliciously crafted web content that may lead to arbitrary code execution. Improved memory handling addresses the multiple memory corruption issues. | [email protected] | 8.8 | 4.12% | 2023-03-06 | 2025-11-18 |
| CVE-2021-3669 | A flaw was found in the Linux kernel. Measuring usage of the shared memory does not scale with large shared memory segment counts which could lead to resource exhaustion and DoS. | [email protected] | 5.5 | 0.01% | 2022-08-26 | 2025-11-03 |
| CVE-2021-3975 | A use-after-free flaw was found in libvirt. The qemuMonitorUnregister() function in qemuProcessHandleMonitorEOF is called using multiple threads without being adequately protected by a monitor lock. This flaw could be triggered by the virConnectGetAllDomainStats API when the guest is shutting down. An unprivileged client with a read-only connection could use this flaw to perform a denial of service attack by causing the libvirt daemon to crash. | [email protected] | 6.5 | 0.61% | 2022-08-23 | 2024-11-21 |
| CVE-2021-31566 | An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of a file outside of the archive. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extract the archive. A local attacker may use this flaw to gain more privileges in a system. | [email protected] | 7.8 | 0.03% | 2022-08-23 | 2024-11-21 |
| CVE-2021-23177 | An improper link resolution flaw while extracting an archive can lead to changing the access control list (ACL) of the target of the link. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extract the archive. A local attacker may use this flaw to change the ACL of a file on the system and gain more privileges. | [email protected] | 7.8 | 0.04% | 2022-08-23 | 2024-11-21 |
| CVE-2021-3659 | A NULL pointer dereference flaw was found in the Linux kernel’s IEEE 802.15.4 wireless networking subsystem in the way the user closes the LR-WPAN connection. This flaw allows a local user to crash the system. The highest threat from this vulnerability is to system availability. | [email protected] | 5.5 | 0.09% | 2022-08-22 | 2024-11-21 |
| CVE-2021-3697 | A crafted JPEG image may lead the JPEG reader to underflow its data pointer, allowing user-controlled data to be written in heap. To a successful to be performed the attacker needs to perform some triage over the heap layout and craft an image with a malicious format and payload. This vulnerability can lead to data corruption and eventual code execution or secure boot circumvention. This flaw affects grub2 versions prior grub-2.12. | [email protected] | 7.0 | 0.07% | 2022-07-06 | 2024-11-21 |