Software Detail

Software Informaton Top

Operating Systems

Software Detail

Red Hat Enterprise Linux

Number Of NVD

1612

CRITICAL

131

HIGH

555

MEDIUM

784

LOW

142

URL	https://www.redhat.com/technologies/linux-platforms/enterprise-linux
Explanation	Full support is 5.5 years from release. Maintenance support (security updates only) is for 3.5 years. After that, extended support is available for a fee.
Tag	商用ライセンス有り Linux

Add Information URL

No	Type	Name	URL
1			https://access.redhat.com/ja/articles/16476
2			https://access.redhat.com/support/policy/updates/errata
3			https://access.redhat.com/articles/3078
4			https://access.redhat.com/security
5			https://access.redhat.com/errata/#/?q=&p=1&sort=portal_publication_date%20desc&rows=10&portal_advisory_type=Security%20Advisory

List Of Product [ Click to show release history and vulnerability information ]

No	Name	Latest Version	Release date	Initial release	Normal Support	Security Support Service Pack Support	Extended for a fee	Critical	High	Medium	Low
1	Red Hat Enterprise Linux 9	9.4	April 30, 2024	May 17, 2022				3	95	152	8
2	Red Hat Enterprise Linux 8	8.9	Nov. 14, 2023	May 7, 2019	May 30, 2029			41	282	427	42
3	Red Hat Enterprise Linux 7	7.9	Sept. 29, 2020	Dec. 11, 2013	Aug. 6, 2020	June 30, 2024		87	249	259	38
4	Red Hat Enterprise Linux 6	6.10	June 19, 2018	Nov. 9, 2010	May 10, 2022	Nov. 30, 2020	June 30, 2024	69	162	204	54
5	Red Hat Enterprise Linux 5	5.11	Sept. 16, 2014	March 15, 2007	March 31, 2017		Nov. 30, 2020	22	58	89	40
6	Red Hat Enterprise Linux 4	4.5			Feb. 29, 2012		March 31, 2017	3	30	29	16
7	Red Hat Enterprise Linux 3	3.0						0	33	44	17
8	Red Hat Enterprise Linux 2	2.1 Update 7	April 28, 2005					0	32	37	6

NVD Vulnerability Information

CRITICAL
HIGH
MEDIUM
LOW

No	CVSS3 CVSS2	Level Attach Vector	Title	CWE	CVE	cpe23Uri	Update date Published date	Show Affected	Exploit PoC Search
1	6.5 -	MEDIUM Network	The implementation of PEAP in wpa_supplicant through 2.10 allows authentication bypass. For a successful attack, wpa_supplicant must be configured to not verify the network's TLS certificate during P…	CWE-287 Improper Authentication	CVE-2023-52160	cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*	2024-03-10 13:15 2024-02-23	Show	GitHub Exploit DB Packet Storm

2	7.5 -	HIGH Network	Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, ak…	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2023-50387	cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux…	2024-03-8 02:15 2024-02-15	Show	GitHub Exploit DB Packet Storm

3	7.5 -	HIGH Network	A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to …	CWE-476 NULL Pointer Dereference	CVE-2023-6536	cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*	2024-04-15 23:15 2024-02-8	Show	GitHub Exploit DB Packet Storm

4	7.5 -	HIGH Network	A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to …	CWE-476 NULL Pointer Dereference	CVE-2023-6535	cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*	2024-04-26 01:15 2024-02-8	Show	GitHub Exploit DB Packet Storm

5	7.5 -	HIGH Network	A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to …	CWE-476 NULL Pointer Dereference	CVE-2023-6356	cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*	2024-04-26 01:15 2024-02-8	Show	GitHub Exploit DB Packet Storm

6	3.3 -	LOW Local	A flaw was found in the grub2-set-bootflag utility of grub2. After the fix of CVE-2019-14865, grub2-set-bootflag will create a temporary file with the new grubenv content and rename it to the origina…	CWE-459 Incomplete Cleanup	CVE-2024-1048	cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*	2024-04-30 23:15 2024-02-7	Show	GitHub Exploit DB Packet Storm

7	5.5 -	MEDIUM Local	An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLE_NO_LOG configuration in some scenarios. Information is still included in the output in certain tasks, …	CWE-116 Improper Encoding or Escaping of Output	CVE-2024-0690	cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*	2024-04-30 23:15 2024-02-6	Show	GitHub Exploit DB Packet Storm

8	7.5 -	HIGH Network	A flaw was found in the python-cryptography package. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confi…	CWE-203 Information Exposure Through Discrepancy	CVE-2023-50782	cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*	2024-02-27 01:27 2024-02-6	Show	GitHub Exploit DB Packet Storm

9	7.5 -	HIGH Network	A flaw was found in m2crypto. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confidential or sensitive da…	CWE-203 Information Exposure Through Discrepancy	CVE-2023-50781	cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*	2024-02-27 01:27 2024-02-6	Show	GitHub Exploit DB Packet Storm

10	5.3 -	MEDIUM Local	A path traversal vulnerability was found in the CPIO utility. This issue could allow a remote unauthenticated attacker to trick a user into opening a specially crafted archive. During the extraction …	CWE-59 Link Following	CVE-2023-7216	cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux…	2024-05-14 08:15 2024-02-6	Show	GitHub Exploit DB Packet Storm