Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Red Hat Enterprise Linux Number Of NVD 1680 CRITICAL 135 HIGH 590 MEDIUM 803 LOW 151
URL https://www.redhat.com/technologies/linux-platforms/enterprise-linux
Explanation Full support is 5.5 years from release.
Maintenance support (security updates only) is for 3.5 years.
After that, extended support is available for a fee.
Tag
  • 商用ライセンス有り
  • Linux
Add Information URL
No Type Name URL
1 https://access.redhat.com/ja/articles/16476
2 https://access.redhat.com/support/policy/updates/errata
3 https://access.redhat.com/articles/3078
4 https://access.redhat.com/security
5 https://access.redhat.com/errata/#/?q=&p=1&sort=portal_publication_date%20desc&rows=10&portal_advisory_type=Security%20Advisory
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
121 Red Hat Enterprise Linux 9 9.7 Nov. 11, 2025 May 17, 2022 4 127 172 17
122 Red Hat Enterprise Linux 8 8.10 May 22, 2024 May 7, 2019 May 30, 2029 43 314 444 50
123 Red Hat Enterprise Linux 7 7.9 Sept. 29, 2020 Dec. 11, 2013 Aug. 6, 2020 June 30, 2024 91 270 270 46
124 Red Hat Enterprise Linux 6 6.10 June 19, 2018 Nov. 9, 2010 May 10, 2022 Nov. 30, 2020 June 30, 2024 72 169 210 55
125 Red Hat Enterprise Linux 5 5.11 Sept. 16, 2014 March 15, 2007 March 31, 2017 Nov. 30, 2020 24 59 89 40
126 Red Hat Enterprise Linux 4 4.5 Feb. 29, 2012 March 31, 2017 5 30 29 16
127 Red Hat Enterprise Linux 3 3.0 0 33 44 17
128 Red Hat Enterprise Linux 2 2.1 Update 7 April 28, 2005 0 32 37 6
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
121 5.5
- 		MEDIUM
Local 		A null pointer dereference vulnerability was found in nft_dynset_init() in net/netfilter/nft_dynset.c in nf_tables in the Linux kernel. This issue may allow a local attacker with CAP_NET_ADMIN user p… CWE-476
 NULL Pointer Dereference 		CVE-2023-6622 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:* 		2024-11-21 17:44
2023-12-9 		Show GitHub Exploit DB Packet Storm
122 7.1
- 		HIGH
Local 		An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel inform… CWE-125
Out-of-bounds Read 		CVE-2023-6606 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:* 		2024-11-21 17:44
2023-12-9 		Show GitHub Exploit DB Packet Storm
123 7.1
- 		HIGH
Local 		An out-of-bounds read vulnerability was found in smb2_dump_detail in fs/smb/client/smb2ops.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel i… CWE-125
Out-of-bounds Read 		CVE-2023-6610 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:* 		2024-11-21 17:44
2023-12-9 		Show GitHub Exploit DB Packet Storm
124 5.3
- 		MEDIUM
Network 		A flaw was found in libnbd, due to a malicious Network Block Device (NBD), a protocol for accessing Block Devices such as hard disks over a Network. This issue may allow a malicious NBD server to cau… CWE-617
 Reachable Assertion 		CVE-2023-5871 cpe:2.3:o:redhat:enterprise_linux:9.0:* 2024-11-21 17:42
2023-11-27 		Show GitHub Exploit DB Packet Storm
125 4.7
- 		MEDIUM
Local 		A null pointer dereference flaw was found in the Linux kernel API for the cryptographic algorithm scatterwalk functionality. This issue occurs when a user constructs a malicious packet with specific … CWE-476
 NULL Pointer Dereference 		CVE-2023-6176 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:* 		2024-11-21 17:43
2023-11-17 		Show GitHub Exploit DB Packet Storm
126 4.3
- 		MEDIUM
Network 		An out-of-bounds read vulnerability was found in the NVMe-oF/TCP subsystem in the Linux kernel. This issue may allow a remote attacker to send a crafted TCP packet, triggering a heap-based buffer ove… CWE-125
Out-of-bounds Read 		CVE-2023-6121 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*
cpe:2.3:o:redhat:enterprise_linux… 		2024-11-21 17:43
2023-11-17 		Show GitHub Exploit DB Packet Storm
127 6.1
- 		MEDIUM
Network 		The course upload preview contained an XSS risk for users uploading unsafe data. CWE-79
Cross-site Scripting 		CVE-2023-5547 cpe:2.3:o:redhat:enterprise_linux:7.0:* 2024-11-21 17:41
2023-11-10 		Show GitHub Exploit DB Packet Storm
128 5.4
- 		MEDIUM
Network 		ID numbers displayed in the quiz grading report required additional sanitizing to prevent a stored XSS risk. CWE-79
Cross-site Scripting 		CVE-2023-5546 cpe:2.3:o:redhat:enterprise_linux:7.0:* 2024-11-21 17:41
2023-11-10 		Show GitHub Exploit DB Packet Storm
129 5.4
- 		MEDIUM
Network 		Wiki comments required additional sanitizing and access restrictions to prevent a stored XSS risk and potential IDOR risk. CWE-79
CWE-639
Cross-site Scripting
 Authorization Bypass Through User-Controlled Key 		CVE-2023-5544 cpe:2.3:o:redhat:enterprise_linux:7.0:* 2024-11-21 17:41
2023-11-10 		Show GitHub Exploit DB Packet Storm
130 6.4
- 		MEDIUM
Local 		A race condition was found in the QXL driver in the Linux kernel. The qxl_mode_dumb_create() function dereferences the qobj returned by the qxl_gem_object_create_with_handle(), but the handle is the … CWE-416
 Use After Free 		CVE-2023-39198 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:* 		2024-11-21 17:14
2023-11-10 		Show GitHub Exploit DB Packet Storm