Software Detail

Software Informaton Top

Operating Systems

Software Detail

Red Hat Enterprise Linux

Number Of NVD

1680

CRITICAL

135

HIGH

590

MEDIUM

803

LOW

151

URL	https://www.redhat.com/technologies/linux-platforms/enterprise-linux
Explanation	Full support is 5.5 years from release. Maintenance support (security updates only) is for 3.5 years. After that, extended support is available for a fee.
Tag	商用ライセンス有り Linux

Add Information URL

No	Type	Name	URL
1			https://access.redhat.com/ja/articles/16476
2			https://access.redhat.com/support/policy/updates/errata
3			https://access.redhat.com/articles/3078
4			https://access.redhat.com/security
5			https://access.redhat.com/errata/#/?q=&p=1&sort=portal_publication_date%20desc&rows=10&portal_advisory_type=Security%20Advisory

List Of Product [ Click to show release history and vulnerability information ]

No	Name	Latest Version	Release date	Initial release	Normal Support	Security Support Service Pack Support	Extended for a fee	Critical	High	Medium	Low
101	Red Hat Enterprise Linux 9	9.7	Nov. 11, 2025	May 17, 2022				4	127	172	17
102	Red Hat Enterprise Linux 8	8.10	May 22, 2024	May 7, 2019	May 30, 2029			43	314	444	50
103	Red Hat Enterprise Linux 7	7.9	Sept. 29, 2020	Dec. 11, 2013	Aug. 6, 2020	June 30, 2024		91	270	270	46
104	Red Hat Enterprise Linux 6	6.10	June 19, 2018	Nov. 9, 2010	May 10, 2022	Nov. 30, 2020	June 30, 2024	72	169	210	55
105	Red Hat Enterprise Linux 5	5.11	Sept. 16, 2014	March 15, 2007	March 31, 2017		Nov. 30, 2020	24	59	89	40
106	Red Hat Enterprise Linux 4	4.5			Feb. 29, 2012		March 31, 2017	5	30	29	16
107	Red Hat Enterprise Linux 3	3.0						0	33	44	17
108	Red Hat Enterprise Linux 2	2.1 Update 7	April 28, 2005					0	32	37	6

NVD Vulnerability Information

CRITICAL
HIGH
MEDIUM
LOW

No	CVSS3 CVSS2	Level Attach Vector	Title	CWE	CVE	cpe23Uri	Update date Published date	Show Affected	Exploit PoC Search
101	5.5 -	MEDIUM Local	A flaw was found in the blkgs destruction path in block/blk-cgroup.c in the Linux kernel, leading to a cgroup blkio memory leakage problem. When a cgroup is being destroyed, cgroup_rstat_flush() is o…	CWE-668 Exposure of Resource to Wrong Sphere	CVE-2024-0443	cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*	2024-11-21 17:46 2024-01-12	Show	GitHub Exploit DB Packet Storm

102	6.5 -	MEDIUM Network	A Cross-site request forgery vulnerability exists in ipa/session/login_password in all supported versions of IPA. This flaw allows an attacker to trick the user into submitting a request that could p…	CWE-352 Origin Validation Error	CVE-2023-5455	cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.4:* cpe:2.3:o:redhat:enterprise_linux…	2024-11-21 17:41 2024-01-10	Show	GitHub Exploit DB Packet Storm

103	7.8 -	HIGH Local	It was discovered that the eBPF implementation in the Linux kernel did not properly track bounds information for 32 bit registers when performing div and mod operations. A local attacker could use th…	CWE-125 CWE-787 Out-of-bounds Read Out-of-bounds Write	CVE-2021-3600	cpe:2.3:o:redhat:enterprise_linux:8.0:*	2024-11-21 15:21 2024-01-9	Show	GitHub Exploit DB Packet Storm

104	4.8 -	MEDIUM Local	A flaw was found in libssh. By utilizing the ProxyCommand or ProxyJump feature, users can exploit unchecked hostname syntax on the client. This issue may allow an attacker to inject malicious code in…	CWE-74 Injection	CVE-2023-6004	cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*	2024-11-21 17:42 2024-01-4	Show	GitHub Exploit DB Packet Storm

105	3.3 -	LOW Local	A use-after-free flaw was found in PackageKitd. In some conditions, the order of cleanup mechanics for a transaction could be impacted. As a result, some memory access could occur on memory regions t…	CWE-416 Use After Free	CVE-2024-0217	cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*	2024-11-21 17:46 2024-01-4	Show	GitHub Exploit DB Packet Storm

106	4.4 -	MEDIUM Local	A memory leak problem was found in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c in the Linux Kernel. This issue may allow a local attacker with CAP_NET_ADMIN privileges to cause…	CWE-401 Missing Release of Memory after Effective Lifetime	CVE-2023-7192	cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*	2024-11-21 17:45 2024-01-3	Show	GitHub Exploit DB Packet Storm

107	6.7 -	MEDIUM Local	A use-after-free flaw was found in the netfilter subsystem of the Linux kernel. If the catchall element is garbage-collected when the pipapo set is removed, the element can be deactivated twice. This…	CWE-416 Use After Free	CVE-2024-0193	cpe:2.3:o:redhat:enterprise_linux:9.0:*	2024-11-21 17:46 2024-01-3	Show	GitHub Exploit DB Packet Storm

108	5.3 -	MEDIUM Local	A stack based buffer overflow was found in the virtio-net device of QEMU. This issue occurs when flushing TX in the virtio_net_flush_tx function if guest features VIRTIO_NET_F_HASH_REPORT, VIRTIO_F_V…	CWE-787 Out-of-bounds Write	CVE-2023-6693	cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux…	2024-11-21 17:44 2024-01-2	Show	GitHub Exploit DB Packet Storm

109	5.5 -	MEDIUM Local	A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-utils fails in cleaning the buffer used to …	CWE-287 Improper Authentication	CVE-2023-4641	cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*	2024-11-21 17:35 2023-12-28	Show	GitHub Exploit DB Packet Storm

110	7.0 -	HIGH Local	OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resis…	NVD-CWE-Other	CVE-2023-51767	cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*	2024-11-21 17:38 2023-12-24	Show	GitHub Exploit DB Packet Storm