Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Red Hat Enterprise Linux Number Of NVD 1704 CRITICAL 140 HIGH 597 MEDIUM 814 LOW 152
URL https://www.redhat.com/technologies/linux-platforms/enterprise-linux
Explanation Full support is 5.5 years from release.
Maintenance support (security updates only) is for 3.5 years.
After that, extended support is available for a fee.
Tag
  • Linux
  • 商用ライセンス有り

Add Information URL
No Type Name URL
1 https://access.redhat.com/ja/articles/16476
2 https://access.redhat.com/support/policy/updates/errata
3 https://access.redhat.com/articles/3078
4 https://access.redhat.com/security
5 https://access.redhat.com/errata/#/?q=&p=1&sort=portal_publication_date%20desc&rows=10&portal_advisory_type=Security%20Advisory

List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support
Extended
for a fee
Critical High Medium Low
121 Red Hat Enterprise Linux 10.2 10.2 May 19, 2026 May 20, 2025 7 18 16 3
122 Red Hat Enterprise Linux 9 9.7 Nov. 11, 2025 May 17, 2022 9 134 183 18
123 Red Hat Enterprise Linux 8 8.10 May 22, 2024 May 7, 2019 May 30, 2029 48 321 454 51
124 Red Hat Enterprise Linux 7 7.9 Sept. 29, 2020 Dec. 11, 2013 Aug. 6, 2020 June 30, 2024 96 277 280 47
125 Red Hat Enterprise Linux 6 6.10 June 19, 2018 Nov. 9, 2010 May 10, 2022 Nov. 30, 2020 June 30, 2024 76 170 212 56
126 Red Hat Enterprise Linux 5 5.11 Sept. 16, 2014 March 15, 2007 March 31, 2017 Nov. 30, 2020 24 59 89 40
127 Red Hat Enterprise Linux 4 4.5 Feb. 29, 2012 March 31, 2017 5 30 29 16
128 Red Hat Enterprise Linux 3 3.0 0 33 44 17
129 Red Hat Enterprise Linux 2 2.1 Update 7 April 28, 2005 0 32 37 6
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2
Level
Attach Vector
Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date
Show Affected Exploit
PoC
Search
121 6.8
-
MEDIUM
Physics
An authentication bypass flaw was found in GRUB due to the way that GRUB uses the UUID of a device to search for the configuration file that contains the password hash for the GRUB password protectio… CWE-290
 Authentication Bypass by Spoofing
CVE-2023-4001 cpe:2.3:o:redhat:enterprise_linux:9.0:* 2024-11-21 17:34
2024-01-15
Show GitHub Exploit DB Packet Storm
122 5.5
-
MEDIUM
Local
A Null pointer dereference problem was found in ida_free in lib/idr.c in the Linux Kernel. This issue may allow an attacker using this library to cause a denial of service problem due to a missing ch… CWE-476
 NULL Pointer Dereference
CVE-2023-6915 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*
2024-11-21 17:44
2024-01-15
Show GitHub Exploit DB Packet Storm
123 5.5
-
MEDIUM
Local
Relax-and-Recover (aka ReaR) through 2.7 creates a world-readable initrd when using GRUB_RESCUE=y. This allows local attackers to gain access to system secrets otherwise only readable by root. NVD-CWE-noinfo
CVE-2024-23301 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*
2024-11-21 17:57
2024-01-13
Show GitHub Exploit DB Packet Storm
124 6.5
-
MEDIUM
Network
A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. The qemu_clipboard_request() function can be reached before vnc_server_cut_text_caps() was called and had the… CWE-476
 NULL Pointer Dereference
CVE-2023-6683 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*
2024-11-21 17:44
2024-01-13
Show GitHub Exploit DB Packet Storm
125 5.5
-
MEDIUM
Local
A flaw was found in the blkgs destruction path in block/blk-cgroup.c in the Linux kernel, leading to a cgroup blkio memory leakage problem. When a cgroup is being destroyed, cgroup_rstat_flush() is o… CWE-668
 Exposure of Resource to Wrong Sphere
CVE-2024-0443 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*
2024-11-21 17:46
2024-01-12
Show GitHub Exploit DB Packet Storm
126 6.5
-
MEDIUM
Network
A Cross-site request forgery vulnerability exists in ipa/session/login_password in all supported versions of IPA. This flaw allows an attacker to trick the user into submitting a request that could p… CWE-352
 Origin Validation Error
CVE-2023-5455 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.4:*
cpe:2.3:o:redhat:enterprise_linux…
2024-11-21 17:41
2024-01-10
Show GitHub Exploit DB Packet Storm
127 7.8
-
HIGH
Local
It was discovered that the eBPF implementation in the Linux kernel did not properly track bounds information for 32 bit registers when performing div and mod operations. A local attacker could use th… CWE-125
CWE-787
Out-of-bounds Read
 Out-of-bounds Write
CVE-2021-3600 cpe:2.3:o:redhat:enterprise_linux:8.0:* 2024-11-21 15:21
2024-01-9
Show GitHub Exploit DB Packet Storm
128 4.8
-
MEDIUM
Local
A flaw was found in libssh. By utilizing the ProxyCommand or ProxyJump feature, users can exploit unchecked hostname syntax on the client. This issue may allow an attacker to inject malicious code in… CWE-74
Injection
CVE-2023-6004 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*
2024-11-21 17:42
2024-01-4
Show GitHub Exploit DB Packet Storm
129 3.3
-
LOW
Local
A use-after-free flaw was found in PackageKitd. In some conditions, the order of cleanup mechanics for a transaction could be impacted. As a result, some memory access could occur on memory regions t… CWE-416
 Use After Free
CVE-2024-0217 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*
2024-11-21 17:46
2024-01-4
Show GitHub Exploit DB Packet Storm
130 4.4
-
MEDIUM
Local
A memory leak problem was found in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c in the Linux Kernel. This issue may allow a local attacker with CAP_NET_ADMIN privileges to cause… CWE-401
 Missing Release of Memory after Effective Lifetime
CVE-2023-7192 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*
2024-11-21 17:45
2024-01-3
Show GitHub Exploit DB Packet Storm