本ページは redhat virtualization に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2023-5366 | A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rules. This issue may allow a local attacker to create specially crafted packets with a modified or spoofed target IP address field that can redirect ICMPv6 traffic to arbitrary IP addresses. | [email protected] | 7.1 | 0.39% | 2023-10-06 | 2024-11-21 |
| CVE-2023-4911 KEV | A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges. | [email protected] | 7.8 | 78.61% | 2023-10-03 | 2026-05-12 |
| CVE-2023-1668 | A flaw was found in openvswitch (OVS). When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP header. This issue results (for both kernel and userspace datapath) in installing a datapath flow matching all IP protocols (nw_proto is wildcarded) for this flow, but with an incorrect action, possibly causing incorrect handling of other IP packets with a != 0 IP protocol that matches this dp flow. | [email protected] | 8.2 | 1.23% | 2023-04-10 | 2025-04-23 |
| CVE-2022-2805 | A flaw was found in ovirt-engine, which leads to the logging of plaintext passwords in the log file when using otapi-style. This flaw allows an attacker with sufficient privileges to read the log file, leading to confidentiality loss. | [email protected] | 6.5 | 0.40% | 2022-10-19 | 2025-05-09 |
| CVE-2014-0148 | Qemu before 2.0 block driver for Hyper-V VHDX Images is vulnerable to infinite loops and other potential issues when calculating BAT entries, due to missing bounds checks for block_size and logical_sector_size variables. These are used to derive other fields like 'sectors_per_block' etc. A user able to alter the Qemu disk image could ise this flaw to crash the Qemu instance resulting in DoS. | [email protected] | 5.5 | 0.31% | 2022-09-29 | 2024-11-21 |
| CVE-2014-0147 | Qemu before 1.6.2 block diver for the various disk image formats used by Bochs and for the QCOW version 2 format, are vulnerable to a possible crash caused by signed data types or a logic error while creating QCOW2 snapshots, which leads to incorrectly calling update_refcount() routine. | [email protected] | 6.2 | 0.33% | 2022-09-29 | 2024-11-21 |
| CVE-2014-0144 | QEMU before 2.0.0 block drivers for CLOOP, QCOW2 version 2 and various other image formats are vulnerable to potential memory corruptions, integer/buffer overflows or crash caused by missing input validations which could allow a remote user to execute arbitrary code on the host with the privileges of the QEMU process. | [email protected] | 8.6 | 1.00% | 2022-09-29 | 2024-11-21 |
| CVE-2022-2132 | A permissive list of allowed inputs flaw was found in DPDK. This issue allows a remote attacker to cause a denial of service triggered by sending a crafted Vhost header to DPDK. | [email protected] | 8.6 | 1.72% | 2022-08-31 | 2024-11-21 |
| CVE-2022-0207 | A race condition was found in vdsm. Functionality to obfuscate sensitive values in log files that may lead to values being stored in clear text. | [email protected] | 4.7 | 0.19% | 2022-08-26 | 2024-11-21 |
| CVE-2022-2078 | A vulnerability was found in the Linux kernel's nft_set_desc_concat_parse() function .This flaw allows an attacker to trigger a buffer overflow via nft_set_desc_concat_parse() , causing a denial of service and possibly to run code. | [email protected] | 5.5 | 0.99% | 2022-06-30 | 2024-11-21 |
| CVE-2022-0435 | A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed. This flaw allows a remote user to crash the system or possibly escalate their privileges if they have access to the TIPC network. | [email protected] | 8.8 | 67.99% | 2022-03-25 | 2024-11-21 |
| CVE-2022-0330 | A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allows a local user to crash the system or escalate their privileges on the system. | [email protected] | 7.8 | 0.38% | 2022-03-25 | 2024-11-21 |
| CVE-2022-27666 | A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat. | [email protected] | 7.8 | 4.53% | 2022-03-23 | 2024-11-21 |
| CVE-2021-3620 | A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. The highest threat from this vulnerability is to confidentiality. | [email protected] | 5.5 | 0.38% | 2022-03-03 | 2024-11-21 |
| CVE-2021-3609 | .A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege escalation to root. | [email protected] | 7.0 | 0.43% | 2022-03-03 | 2024-11-21 |
| CVE-2021-3677 | A flaw was found in postgresql. A purpose-crafted query can read arbitrary bytes of server memory. In the default configuration, any authenticated database user can complete this attack at will. The attack does not require the ability to create objects. If server settings include max_worker_processes=0, the known versions of this attack are infeasible. However, undiscovered variants of the attack may be independent of that setting. | [email protected] | 6.5 | 1.43% | 2022-03-02 | 2024-11-21 |
| CVE-2020-25717 | A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible privilege escalation. | [email protected] | 8.1 | 1.62% | 2022-02-18 | 2024-11-21 |
| CVE-2021-3560 KEV | It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privileges of the requestor to the root user. This flaw could be used by an unprivileged local attacker to, for example, create a new local administrator. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | [email protected] | 7.8 | 22.19% | 2022-02-16 | 2025-11-06 |
| CVE-2021-4154 | A use-after-free flaw was found in cgroup1_parse_param in kernel/cgroup/cgroup-v1.c in the Linux kernel's cgroup v1 parser. A local attacker with a user privilege could cause a privilege escalation by exploiting the fsconfig syscall parameter leading to a container breakout and a denial of service on the system. | [email protected] | 8.8 | 1.21% | 2022-02-04 | 2024-11-21 |
| CVE-2021-3621 | A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands. This flaw allows an attacker to trick the root user into running a specially crafted sssctl command, such as via sudo, to gain root access. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. | [email protected] | 8.8 | 2.52% | 2021-12-23 | 2025-11-03 |