| Red Hat Enterprise Linux | Number Of NVD | 1704 | CRITICAL | 140 | HIGH | 597 | MEDIUM | 814 | LOW | 152 |
| URL | https://www.redhat.com/technologies/linux-platforms/enterprise-linux | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Explanation | Full support is 5.5 years from release. Maintenance support (security updates only) is for 3.5 years. After that, extended support is available for a fee. |
||||||||
| Tag | |||||||||
| No | Type | Name | URL |
|---|---|---|---|
| 1 | https://access.redhat.com/ja/articles/16476 | ||
| 2 | https://access.redhat.com/support/policy/updates/errata | ||
| 3 | https://access.redhat.com/articles/3078 | ||
| 4 | https://access.redhat.com/security | ||
| 5 | https://access.redhat.com/errata/#/?q=&p=1&sort=portal_publication_date%20desc&rows=10&portal_advisory_type=Security%20Advisory |
| No | Name | Latest Version | Release date | Initial release | Normal Support | Security Support Service Pack Support |
Extended for a fee |
Critical | High | Medium | Low |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 11 | Red Hat Enterprise Linux 10.2 | 10.2 | May 19, 2026 | May 20, 2025 | 7 | 18 | 16 | 3 | |||
| 12 | Red Hat Enterprise Linux 9 | 9.7 | Nov. 11, 2025 | May 17, 2022 | 9 | 134 | 183 | 18 | |||
| 13 | Red Hat Enterprise Linux 8 | 8.10 | May 22, 2024 | May 7, 2019 | May 30, 2029 | 48 | 321 | 454 | 51 | ||
| 14 | Red Hat Enterprise Linux 7 | 7.9 | Sept. 29, 2020 | Dec. 11, 2013 | Aug. 6, 2020 | June 30, 2024 | 96 | 277 | 280 | 47 | |
| 15 | Red Hat Enterprise Linux 6 | 6.10 | June 19, 2018 | Nov. 9, 2010 | May 10, 2022 | Nov. 30, 2020 | June 30, 2024 | 76 | 170 | 212 | 56 |
| 16 | Red Hat Enterprise Linux 5 | 5.11 | Sept. 16, 2014 | March 15, 2007 | March 31, 2017 | Nov. 30, 2020 | 24 | 59 | 89 | 40 | |
| 17 | Red Hat Enterprise Linux 4 | 4.5 | Feb. 29, 2012 | March 31, 2017 | 5 | 30 | 29 | 16 | |||
| 18 | Red Hat Enterprise Linux 3 | 3.0 | 0 | 33 | 44 | 17 | |||||
| 19 | Red Hat Enterprise Linux 2 | 2.1 Update 7 | April 28, 2005 | 0 | 32 | 37 | 6 |
| No | CVSS3 CVSS2 |
Level Attach Vector |
Title | CWE | CVE | cpe23Uri | or higher | or less | more than | less than | Update date Published date |
Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 11 |
5.5 - |
MEDIUM
Local |
A use-after-free flaw was found in the X.Org X server and Xwayland in CreateSaverWindow(). A client can trigger a use-after-free read after changing window attributes and forcing the screen saver, le… |
CWE-416
Use After Free |
CVE-2026-50263 |
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux… |
2026-06-12 04:46 2026-06-5 |
Show | GitHub Exploit DB Packet Storm | ||||
| 12 |
7.8 - |
HIGH
Local |
A use-after-free flaw was found in the X.Org X server and Xwayland in FreeCounter(). A client that sets up multiple SyncCounters and awaits on those triggers can trigger a use-after-free when destroy… |
CWE-416
Use After Free |
CVE-2026-50260 |
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux… |
2026-06-12 03:36 2026-06-5 |
Show | GitHub Exploit DB Packet Storm | ||||
| 13 |
7.8 - |
HIGH
Local |
A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. _XkbSetMapChecks() declares a fixed-size stack buffer mapWidths[256] indexed by key type index. The helper function Ch… |
CWE-121
Stack-based Buffer Overflow |
CVE-2026-50259 |
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux… |
2026-06-9 03:28 2026-06-5 |
Show | GitHub Exploit DB Packet Storm | ||||
| 14 |
7.8 - |
HIGH
Local |
A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. The X server has multiple stack buffers sized XkbMaxShiftLevel * XkbNumKbdGroups but CheckKeyTypes() does not verify o… |
CWE-121
Stack-based Buffer Overflow |
CVE-2026-50258 |
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux… |
2026-06-9 01:46 2026-06-5 |
Show | GitHub Exploit DB Packet Storm | ||||
| 15 |
7.8 - |
HIGH
Local |
A use-after-free flaw was found in the X.Org X server and Xwayland in miSyncDestroyFence(). A client that sets up multiple fence triggers can trigger a use-after-free function pointer call. An attack… |
CWE-416
Use After Free |
CVE-2026-50257 |
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux… |
2026-06-9 01:45 2026-06-5 |
Show | GitHub Exploit DB Packet Storm | ||||
| 16 |
7.8 - |
HIGH
Local |
A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. A mismatch between the X server and the libXfont2 library's maximum font name length can cause a stack buffer overflow… |
CWE-121
Stack-based Buffer Overflow |
CVE-2026-50256 |
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux… |
2026-06-9 01:45 2026-06-5 |
Show | GitHub Exploit DB Packet Storm | ||||
| 17 |
6.5 - |
MEDIUM
Network |
A flaw was found in Samba’s vfs_worm module. The module is intended to provide write-once, read-many (WORM) protections by preventing modification of files after a configurable grace period. Due to i… |
CWE-280
Improper Handling of Insufficient Permissions or Privileges |
CVE-2026-2340 |
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux… |
2026-05-29 00:33 2026-05-27 |
Show | GitHub Exploit DB Packet Storm | ||||
| 18 |
6.5 - |
MEDIUM
Network |
A flaw was found in Samba’s handling of NTFS-style reparse points on shares configured with read only = yes. Due to missing SMB-layer access checks, authenticated users with underlying filesystem wri… |
CWE-284 NVD-CWE-noinfo Improper Access Control |
CVE-2026-1933 |
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux… |
2026-06-3 05:01 2026-05-27 |
Show | GitHub Exploit DB Packet Storm | ||||
| 19 |
9.8 - |
CRITICAL
Network |
A flaw was found in the Samba printing subsystem. Samba passes the client-controlled job description string to the command configured with the "print command" setting via the "%J" substitution charac… |
CWE-78
OS Command |
CVE-2026-4480 |
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux… |
2026-06-2 02:53 2026-05-27 |
Show | GitHub Exploit DB Packet Storm | ||||
| 20 |
9.8 - |
CRITICAL
Network |
A flaw was found in gnutls. Servers configured with RSA-PSK (Rivest–Shamir–Adleman – Pre-Shared Key) wrongfully matched usernames containing a NUL character with truncated usernames. A remote attacke… |
CWE-626
Null Byte Interaction Error (Poison Null Byte) |
CVE-2026-42010 |
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux… |
2026-05-13 22:54 2026-05-7 |
Show | GitHub Exploit DB Packet Storm |