Software Detail

Software Informaton Top

Operating Systems

Software Detail

Red Hat Enterprise Linux

Number Of NVD

1680

CRITICAL

135

HIGH

590

MEDIUM

803

LOW

151

URL	https://www.redhat.com/technologies/linux-platforms/enterprise-linux
Explanation	Full support is 5.5 years from release. Maintenance support (security updates only) is for 3.5 years. After that, extended support is available for a fee.
Tag	Linux 商用ライセンス有り

Add Information URL

No	Type	Name	URL
1			https://access.redhat.com/ja/articles/16476
2			https://access.redhat.com/support/policy/updates/errata
3			https://access.redhat.com/articles/3078
4			https://access.redhat.com/security
5			https://access.redhat.com/errata/#/?q=&p=1&sort=portal_publication_date%20desc&rows=10&portal_advisory_type=Security%20Advisory

List Of Product [ Click to show release history and vulnerability information ]

No	Name	Latest Version	Release date	Initial release	Normal Support	Security Support Service Pack Support	Extended for a fee	Critical	High	Medium	Low
1371	Red Hat Enterprise Linux 9	9.7	Nov. 11, 2025	May 17, 2022				4	127	172	17
1372	Red Hat Enterprise Linux 8	8.10	May 22, 2024	May 7, 2019	May 30, 2029			43	314	444	50
1373	Red Hat Enterprise Linux 7	7.9	Sept. 29, 2020	Dec. 11, 2013	Aug. 6, 2020	June 30, 2024		91	270	270	46
1374	Red Hat Enterprise Linux 6	6.10	June 19, 2018	Nov. 9, 2010	May 10, 2022	Nov. 30, 2020	June 30, 2024	72	169	210	55
1375	Red Hat Enterprise Linux 5	5.11	Sept. 16, 2014	March 15, 2007	March 31, 2017		Nov. 30, 2020	24	59	89	40
1376	Red Hat Enterprise Linux 4	4.5			Feb. 29, 2012		March 31, 2017	5	30	29	16
1377	Red Hat Enterprise Linux 3	3.0						0	33	44	17
1378	Red Hat Enterprise Linux 2	2.1 Update 7	April 28, 2005					0	32	37	6

NVD Vulnerability Information

CRITICAL
HIGH
MEDIUM
LOW

No	CVSS3 CVSS2	Level Attach Vector	Title	CWE	CVE	cpe23Uri	Update date Published date	Show Affected	Exploit PoC Search
1371	7.4 5.8	HIGH Network	OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a z…	CWE-326 Inadequate Encryption Strength	CVE-2014-0224	cpe:2.3:o:redhat:enterprise_linux:6.0:* cpe:2.3:o:redhat:enterprise_linux:5:* cpe:2.3:o:redhat:enterprise_linux:4…	2024-11-21 11:01 2014-06-6	Show	GitHub Exploit DB Packet Storm

1372	- 4.3	MEDIUM	The dtls1_get_message_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote attackers to cause a denial of service (recursion and client…	NVD-CWE-noinfo	CVE-2014-0221	cpe:2.3:o:redhat:enterprise_linux:6.0:* cpe:2.3:o:redhat:enterprise_linux:5:*	2024-11-21 11:01 2014-06-6	Show	GitHub Exploit DB Packet Storm

1373	- 4.0	MEDIUM	The Linux kernel through 3.14.5 does not properly consider the presence of hugetlb entries, which allows local users to cause a denial of service (memory corruption or system crash) by accessing cert…	CWE-362 Race Condition	CVE-2014-3940	cpe:2.3:o:redhat:enterprise_linux:6.0:*	2024-11-21 11:09 2014-06-6	Show	GitHub Exploit DB Packet Storm

1374	- 3.3	LOW	kernel/auditsc.c in the Linux kernel through 3.14.5, when CONFIG_AUDITSYSCALL is enabled with certain syscall rules, allows local users to obtain potentially sensitive single-bit values from kernel m…	CWE-200 Information Exposure	CVE-2014-3917	cpe:2.3:o:redhat:enterprise_linux:6.0:* cpe:2.3:o:redhat:enterprise_linux:5:*	2024-11-21 11:09 2014-06-6	Show	GitHub Exploit DB Packet Storm

1375	5.5 6.9	MEDIUM Local	The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial …	CWE-362 Race Condition	CVE-2014-0196	cpe:2.3:o:redhat:enterprise_linux:6.0:*	2026-04-22 05:07 2014-05-7	Show	GitHub Exploit DB Packet Storm

1376	- 4.9	MEDIUM	Integer overflow in the virtio_net_handle_mac function in hw/net/virtio-net.c in QEMU 2.0 and earlier allows local guest users to execute arbitrary code via a MAC addresses table update request, whic…	CWE-189 Numeric Errors	CVE-2014-0150	cpe:2.3:o:redhat:enterprise_linux:6.0:*	2024-11-21 11:01 2014-04-18	Show	GitHub Exploit DB Packet Storm

1377	- 4.0	MEDIUM	Buffer overflow in hw/scsi-disk.c in the SCSI subsystem in QEMU before 0.15.2, as used by Xen, might allow local guest users with permission to access the CD-ROM to cause a denial of service (guest c…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2011-3346	cpe:2.3:o:redhat:enterprise_linux:5:*	2024-11-21 10:30 2014-04-1	Show	GitHub Exploit DB Packet Storm

1378	- 3.7	LOW	Luci in Red Hat Conga does not properly enforce the user session timeout, which might allow attackers to gain access to the session by reading the __ac session cookie. NOTE: this issue has been SPLI…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2013-7347	cpe:2.3:o:redhat:enterprise_linux:5:*	2024-11-21 11:00 2014-03-31	Show	GitHub Exploit DB Packet Storm

1379	- 3.7	LOW	Luci in Red Hat Conga stores the user's username and password in a Base64 encoded string in the __ac session cookie, which allows attackers to gain privileges by accessing this cookie. NOTE: this is…	CWE-255 Credentials Management	CVE-2012-3359	cpe:2.3:o:redhat:enterprise_linux:5:*	2024-11-21 10:40 2014-03-31	Show	GitHub Exploit DB Packet Storm

1380	- 5.5	MEDIUM	The get_rx_bufs function in drivers/vhost/net.c in the vhost-net subsystem in the Linux kernel package before 2.6.32-431.11.2 on Red Hat Enterprise Linux (RHEL) 6 does not properly handle vhost_get_v…	NVD-CWE-noinfo	CVE-2014-0055	cpe:2.3:o:redhat:enterprise_linux:6.0:*	2024-11-21 11:01 2014-03-26	Show	GitHub Exploit DB Packet Storm