Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Red Hat Enterprise Linux Number Of NVD 1680 CRITICAL 135 HIGH 590 MEDIUM 803 LOW 151
URL https://www.redhat.com/technologies/linux-platforms/enterprise-linux
Explanation Full support is 5.5 years from release.
Maintenance support (security updates only) is for 3.5 years.
After that, extended support is available for a fee.
Tag
  • Linux
  • 商用ライセンス有り
Add Information URL
No Type Name URL
1 https://access.redhat.com/ja/articles/16476
2 https://access.redhat.com/support/policy/updates/errata
3 https://access.redhat.com/articles/3078
4 https://access.redhat.com/security
5 https://access.redhat.com/errata/#/?q=&p=1&sort=portal_publication_date%20desc&rows=10&portal_advisory_type=Security%20Advisory
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
1101 Red Hat Enterprise Linux 9 9.7 Nov. 11, 2025 May 17, 2022 4 127 172 17
1102 Red Hat Enterprise Linux 8 8.10 May 22, 2024 May 7, 2019 May 30, 2029 43 314 444 50
1103 Red Hat Enterprise Linux 7 7.9 Sept. 29, 2020 Dec. 11, 2013 Aug. 6, 2020 June 30, 2024 91 270 270 46
1104 Red Hat Enterprise Linux 6 6.10 June 19, 2018 Nov. 9, 2010 May 10, 2022 Nov. 30, 2020 June 30, 2024 72 169 210 55
1105 Red Hat Enterprise Linux 5 5.11 Sept. 16, 2014 March 15, 2007 March 31, 2017 Nov. 30, 2020 24 59 89 40
1106 Red Hat Enterprise Linux 4 4.5 Feb. 29, 2012 March 31, 2017 5 30 29 16
1107 Red Hat Enterprise Linux 3 3.0 0 33 44 17
1108 Red Hat Enterprise Linux 2 2.1 Update 7 April 28, 2005 0 32 37 6
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
1101 6.5
6.8 		MEDIUM
Local 		Linux kernel ext4 filesystem is vulnerable to an out-of-bound access in the ext4_ext_drop_refs() function when operating on a crafted ext4 filesystem image. - CVE-2018-10877 cpe:2.3:o:redhat:enterprise_linux:7.0:* 2024-11-21 12:42
2018-07-19 		Show GitHub Exploit DB Packet Storm
1102 6.6
7.2 		MEDIUM
Physics 		Linux kernel is vulnerable to a heap-based buffer overflow in the fs/ext4/xattr.c:ext4_xattr_set_entry() function. An attacker could exploit this by operating on a mounted crafted ext4 image. - CVE-2018-10840 cpe:2.3:o:redhat:enterprise_linux:7.0:* 2024-11-21 12:42
2018-07-17 		Show GitHub Exploit DB Packet Storm
1103 5.6
4.7 		MEDIUM
Local 		Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer over… NVD-CWE-noinfo
CVE-2018-3693 cpe:2.3:o:redhat:enterprise_linux:7.0:* 2024-11-21 13:05
2018-07-11 		Show GitHub Exploit DB Packet Storm
1104 5.5
4.9 		MEDIUM
Local 		A flaw was found in the way the Linux kernel handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch operation, processor does not deliv… - CVE-2018-10872 cpe:2.3:o:redhat:enterprise_linux:6.0:* 2024-11-21 12:42
2018-07-11 		Show GitHub Exploit DB Packet Storm
1105 6.5
3.3 		MEDIUM
Adjacent 		A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able to … CWE-287
Improper Authentication 		CVE-2018-1129 cpe:2.3:o:redhat:enterprise_linux:7.0:* 2024-11-21 12:59
2018-07-10 		Show GitHub Exploit DB Packet Storm
1106 7.5
5.4 		HIGH
Adjacent 		It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. Any attacker having access to ceph cluster network who is able to sniff pack… CWE-287
Improper Authentication 		CVE-2018-1128 cpe:2.3:o:redhat:enterprise_linux:7.0:* 2024-11-21 12:59
2018-07-10 		Show GitHub Exploit DB Packet Storm
1107 5.3
5.0 		MEDIUM
Network 		The default OCI linux spec in oci/defaults{_linux}.go in Docker/Moby from 1.11 to current does not block /proc/acpi pathnames. The flaw allows an attacker to modify host's hardware like enabling/disa… - CVE-2018-10892 cpe:2.3:o:redhat:enterprise_linux:7.0:* 2024-11-21 12:42
2018-07-7 		Show GitHub Exploit DB Packet Storm
1108 7.5
5.0 		HIGH
Network 		There is an information leak vulnerability in Sprockets. Versions Affected: 4.0.0.beta7 and lower, 3.7.1 and lower, 2.12.4 and lower. Specially crafted requests can be used to access files that exist… CWE-200
Information Exposure 		CVE-2018-3760 cpe:2.3:o:redhat:enterprise_linux:7.6:*
cpe:2.3:o:redhat:enterprise_linux:7.5:*
cpe:2.3:o:redhat:enterprise_linux… 		2024-11-21 13:06
2018-06-27 		Show GitHub Exploit DB Packet Storm
1109 5.6
4.7 		MEDIUM
Local 		System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculat… CWE-200
Information Exposure 		CVE-2018-3665 cpe:2.3:o:redhat:enterprise_linux:7.0:*
cpe:2.3:o:redhat:enterprise_linux:6.0:* 		2024-11-21 13:05
2018-06-22 		Show GitHub Exploit DB Packet Storm
1110 5.9
7.1 		MEDIUM
Network 		389-ds-base before versions 1.4.0.10, 1.3.8.3 is vulnerable to a race condition in the way 389-ds-base handles persistent search, resulting in a crash if the server is under load. An anonymous attack… CWE-362
Race Condition 		CVE-2018-10850 cpe:2.3:o:redhat:enterprise_linux:7.0:* 2024-11-21 12:42
2018-06-14 		Show GitHub Exploit DB Packet Storm