Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Red Hat Enterprise Linux Number Of NVD 1680 CRITICAL 135 HIGH 590 MEDIUM 803 LOW 151
URL https://www.redhat.com/technologies/linux-platforms/enterprise-linux
Explanation Full support is 5.5 years from release.
Maintenance support (security updates only) is for 3.5 years.
After that, extended support is available for a fee.
Tag
  • 商用ライセンス有り
  • Linux
Add Information URL
No Type Name URL
1 https://access.redhat.com/ja/articles/16476
2 https://access.redhat.com/support/policy/updates/errata
3 https://access.redhat.com/articles/3078
4 https://access.redhat.com/security
5 https://access.redhat.com/errata/#/?q=&p=1&sort=portal_publication_date%20desc&rows=10&portal_advisory_type=Security%20Advisory
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
91 Red Hat Enterprise Linux 9 9.7 Nov. 11, 2025 May 17, 2022 4 127 172 17
92 Red Hat Enterprise Linux 8 8.10 May 22, 2024 May 7, 2019 May 30, 2029 43 314 444 50
93 Red Hat Enterprise Linux 7 7.9 Sept. 29, 2020 Dec. 11, 2013 Aug. 6, 2020 June 30, 2024 91 270 270 46
94 Red Hat Enterprise Linux 6 6.10 June 19, 2018 Nov. 9, 2010 May 10, 2022 Nov. 30, 2020 June 30, 2024 72 169 210 55
95 Red Hat Enterprise Linux 5 5.11 Sept. 16, 2014 March 15, 2007 March 31, 2017 Nov. 30, 2020 24 59 89 40
96 Red Hat Enterprise Linux 4 4.5 Feb. 29, 2012 March 31, 2017 5 30 29 16
97 Red Hat Enterprise Linux 3 3.0 0 33 44 17
98 Red Hat Enterprise Linux 2 2.1 Update 7 April 28, 2005 0 32 37 6
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
91 5.5
- 		MEDIUM
Local 		A denial of service vulnerability was found in tipc_crypto_key_revoke in net/tipc/crypto.c in the Linux kernel’s TIPC subsystem. This flaw allows guests with local user privileges to trigger a deadlo… CWE-667
 Improper Locking 		CVE-2024-0641 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:* 		2024-11-21 17:47
2024-01-18 		Show GitHub Exploit DB Packet Storm
92 5.5
- 		MEDIUM
Local 		A denial of service vulnerability due to a deadlock was found in sctp_auto_asconf_init in net/sctp/socket.c in the Linux kernel’s SCTP subsystem. This flaw allows guests with local user privileges to… CWE-667
 Improper Locking 		CVE-2024-0639 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:* 		2024-11-21 17:47
2024-01-18 		Show GitHub Exploit DB Packet Storm
93 7.8
- 		HIGH
Local 		An out-of-bounds memory write flaw was found in the Linux kernel’s Transport Layer Security functionality in how a user calls a function splice with a ktls socket as the destination. This flaw allows… CWE-787
 Out-of-bounds Write 		CVE-2024-0646 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:* 		2024-11-25 19:44
2024-01-18 		Show GitHub Exploit DB Packet Storm
94 5.5
- 		MEDIUM
Local 		A heap use-after-free issue has been identified in SQLite in the jsonParseAddNodeArray() function in sqlite3.c. This flaw allows a local attacker to leverage a victim to pass specially crafted malici… CWE-416
 Use After Free 		CVE-2024-0232 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:* 		2024-11-21 17:46
2024-01-16 		Show GitHub Exploit DB Packet Storm
95 7.5
- 		HIGH
Network 		A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from the response times of ciphertexts with correct PKCS#1 v1.5 padding. This issu… CWE-203
 Information Exposure Through Discrepancy 		CVE-2024-0553 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:* 		2024-11-21 17:46
2024-01-16 		Show GitHub Exploit DB Packet Storm
96 7.8
- 		HIGH
Local 		A use-after-free flaw was found in the Linux Kernel. When a disk is removed, bdi_unregister is called to stop further write-back and waits for associated delayed work to complete. However, wb_inode_w… CWE-416
 Use After Free 		CVE-2024-0562 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:* 		2024-11-21 17:46
2024-01-16 		Show GitHub Exploit DB Packet Storm
97 6.8
- 		MEDIUM
Physics 		An authentication bypass flaw was found in GRUB due to the way that GRUB uses the UUID of a device to search for the configuration file that contains the password hash for the GRUB password protectio… CWE-290
 Authentication Bypass by Spoofing 		CVE-2023-4001 cpe:2.3:o:redhat:enterprise_linux:9.0:* 2024-11-21 17:34
2024-01-15 		Show GitHub Exploit DB Packet Storm
98 5.5
- 		MEDIUM
Local 		A Null pointer dereference problem was found in ida_free in lib/idr.c in the Linux Kernel. This issue may allow an attacker using this library to cause a denial of service problem due to a missing ch… CWE-476
 NULL Pointer Dereference 		CVE-2023-6915 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:* 		2024-11-21 17:44
2024-01-15 		Show GitHub Exploit DB Packet Storm
99 5.5
- 		MEDIUM
Local 		Relax-and-Recover (aka ReaR) through 2.7 creates a world-readable initrd when using GRUB_RESCUE=y. This allows local attackers to gain access to system secrets otherwise only readable by root. NVD-CWE-noinfo
CVE-2024-23301 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:* 		2024-11-21 17:57
2024-01-13 		Show GitHub Exploit DB Packet Storm
100 6.5
- 		MEDIUM
Network 		A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. The qemu_clipboard_request() function can be reached before vnc_server_cut_text_caps() was called and had the… CWE-476
 NULL Pointer Dereference 		CVE-2023-6683 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:* 		2024-11-21 17:44
2024-01-13 		Show GitHub Exploit DB Packet Storm