Red Hat Enterprise Linux 7
Monthly
NULL pointer dereference in GnuTLS TLS handshake processing enables unauthenticated remote attackers to crash servers via malformed ClientHello messages containing invalid Pre-Shared Key binder values. Vulnerability affects Red Hat Enterprise Linux 6-10, OpenShift Container Platform 4, and Red Hat Hardened Images. Attack requires network access only with low complexity and no user interaction. CVSS 7.5 (High) reflects severe availability impact. No public exploit identified at time of analysis.
Local privilege escalation in libcap allows unprivileged users to exploit a race condition in cap_set_file() by redirecting capability updates to attacker-controlled files via symlink manipulation in parent directories. An authenticated local attacker with write access to a parent directory and user interaction can inject or strip capabilities from arbitrary executables, achieving privilege escalation. No public exploit code or confirmed active exploitation has been identified at this time.
GIMP's PCX file loader contains a heap buffer over-read vulnerability caused by an off-by-one error (CWE-193) that allows local attackers to trigger out-of-bounds memory disclosure and application crashes by opening specially crafted PCX images. Red Hat Enterprise Linux versions 6 through 9 are affected. The vulnerability requires user interaction to open a malicious file but carries a CVSS score of 6.1 with high availability impact; no public exploit code or active exploitation has been identified at the time of analysis.
HTTP/2 server implementations in libsoup across Debian and Red Hat Enterprise Linux versions contain a use-after-free vulnerability that allows unauthenticated remote attackers to trigger application crashes through specially crafted requests. Exploitation results in denial of service by forcing the application to access freed memory, causing instability. No patch is currently available for this medium-severity flaw.
High severity vulnerability in systemd. A flaw was found in systemd. The systemd-machined service contains an Improper Access Control vulnerability due to insufficient validation of the class parameter in the RegisterMachine D-Bus (Desktop Bus) method. A local unprivileged user can exploit this by attempting to register a machine with a specific class value, which may leave behind a usable, attacker-controlled machine object. This al...
NULL pointer dereference in GnuTLS TLS handshake processing enables unauthenticated remote attackers to crash servers via malformed ClientHello messages containing invalid Pre-Shared Key binder values. Vulnerability affects Red Hat Enterprise Linux 6-10, OpenShift Container Platform 4, and Red Hat Hardened Images. Attack requires network access only with low complexity and no user interaction. CVSS 7.5 (High) reflects severe availability impact. No public exploit identified at time of analysis.
Local privilege escalation in libcap allows unprivileged users to exploit a race condition in cap_set_file() by redirecting capability updates to attacker-controlled files via symlink manipulation in parent directories. An authenticated local attacker with write access to a parent directory and user interaction can inject or strip capabilities from arbitrary executables, achieving privilege escalation. No public exploit code or confirmed active exploitation has been identified at this time.
GIMP's PCX file loader contains a heap buffer over-read vulnerability caused by an off-by-one error (CWE-193) that allows local attackers to trigger out-of-bounds memory disclosure and application crashes by opening specially crafted PCX images. Red Hat Enterprise Linux versions 6 through 9 are affected. The vulnerability requires user interaction to open a malicious file but carries a CVSS score of 6.1 with high availability impact; no public exploit code or active exploitation has been identified at the time of analysis.
HTTP/2 server implementations in libsoup across Debian and Red Hat Enterprise Linux versions contain a use-after-free vulnerability that allows unauthenticated remote attackers to trigger application crashes through specially crafted requests. Exploitation results in denial of service by forcing the application to access freed memory, causing instability. No patch is currently available for this medium-severity flaw.
High severity vulnerability in systemd. A flaw was found in systemd. The systemd-machined service contains an Improper Access Control vulnerability due to insufficient validation of the class parameter in the RegisterMachine D-Bus (Desktop Bus) method. A local unprivileged user can exploit this by attempting to register a machine with a specific class value, which may leave behind a usable, attacker-controlled machine object. This al...