Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Red Hat Enterprise Linux Number Of NVD 1680 CRITICAL 135 HIGH 590 MEDIUM 803 LOW 151
URL https://www.redhat.com/technologies/linux-platforms/enterprise-linux
Explanation Full support is 5.5 years from release.
Maintenance support (security updates only) is for 3.5 years.
After that, extended support is available for a fee.
Tag
  • 商用ライセンス有り
  • Linux
Add Information URL
No Type Name URL
1 https://access.redhat.com/ja/articles/16476
2 https://access.redhat.com/support/policy/updates/errata
3 https://access.redhat.com/articles/3078
4 https://access.redhat.com/security
5 https://access.redhat.com/errata/#/?q=&p=1&sort=portal_publication_date%20desc&rows=10&portal_advisory_type=Security%20Advisory
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
221 Red Hat Enterprise Linux 9 9.7 Nov. 11, 2025 May 17, 2022 4 127 172 17
222 Red Hat Enterprise Linux 8 8.10 May 22, 2024 May 7, 2019 May 30, 2029 43 314 444 50
223 Red Hat Enterprise Linux 7 7.9 Sept. 29, 2020 Dec. 11, 2013 Aug. 6, 2020 June 30, 2024 91 270 270 46
224 Red Hat Enterprise Linux 6 6.10 June 19, 2018 Nov. 9, 2010 May 10, 2022 Nov. 30, 2020 June 30, 2024 72 169 210 55
225 Red Hat Enterprise Linux 5 5.11 Sept. 16, 2014 March 15, 2007 March 31, 2017 Nov. 30, 2020 24 59 89 40
226 Red Hat Enterprise Linux 4 4.5 Feb. 29, 2012 March 31, 2017 5 30 29 16
227 Red Hat Enterprise Linux 3 3.0 0 33 44 17
228 Red Hat Enterprise Linux 2 2.1 Update 7 April 28, 2005 0 32 37 6
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
221 5.3
- 		MEDIUM
Local 		A race condition vulnerability was found in the vmwgfx driver in the Linux kernel. The flaw exists within the handling of GEM objects. The issue results from improper locking when performing operatio… CWE-362
CWE-667
Race Condition
 Improper Locking 		CVE-2023-33951 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:* 		2024-11-21 17:06
2023-07-25 		Show GitHub Exploit DB Packet Storm
222 5.9
- 		MEDIUM
Network 		A vulnerability was found in Samba's SMB2 packet signing mechanism. The SMB2 packet signing is not enforced if an admin configured "server signing = required" or for SMB2 connections to Domain Contro… NVD-CWE-noinfo
CVE-2023-3347 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:* 		2024-11-21 17:17
2023-07-21 		Show GitHub Exploit DB Packet Storm
223 5.3
- 		MEDIUM
Network 		A path disclosure vulnerability was found in Samba. As part of the Spotlight protocol, Samba discloses the server-side absolute path of shares, files, and directories in the results for search querie… NVD-CWE-noinfo
CVE-2023-34968 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:* 		2024-11-21 17:07
2023-07-21 		Show GitHub Exploit DB Packet Storm
224 5.9
- 		MEDIUM
Network 		An out-of-bounds read vulnerability was found in Samba due to insufficient length checks in winbindd_pam_auth_crap.c. When performing NTLM authentication, the client replies to cryptographic challeng… CWE-125
Out-of-bounds Read 		CVE-2022-2127 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*
cpe:2.3:o:redhat:enterprise_linux… 		2024-11-21 16:00
2023-07-21 		Show GitHub Exploit DB Packet Storm
225 5.3
- 		MEDIUM
Network 		A Type Confusion vulnerability was found in Samba's mdssvc RPC service for Spotlight. When parsing Spotlight mdssvc RPC packets, one encoded data structure is a key-value style dictionary where the k… CWE-843
Type Confusion 		CVE-2023-34967 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:* 		2024-11-21 17:07
2023-07-21 		Show GitHub Exploit DB Packet Storm
226 7.5
- 		HIGH
Network 		An infinite loop vulnerability was found in Samba's mdssvc RPC service for Spotlight. When parsing Spotlight mdssvc RPC packets sent by the client, the core unmarshalling function sl_unpack_loop() di… CWE-835
 Loop with Unreachable Exit Condition ('Infinite Loop') 		CVE-2023-34966 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:* 		2024-11-21 17:07
2023-07-21 		Show GitHub Exploit DB Packet Storm
227 5.5
- 		MEDIUM
Local 		An out-of-bounds read flaw was found in w3m, in the growbuf_to_Str function in indep.c. This issue may allow an attacker to cause a denial of service through a crafted HTML file. CWE-125
Out-of-bounds Read 		CVE-2023-38253 cpe:2.3:o:redhat:enterprise_linux:6.0:* 2024-11-21 17:13
2023-07-15 		Show GitHub Exploit DB Packet Storm
228 5.5
- 		MEDIUM
Local 		An out-of-bounds read flaw was found in w3m, in the Strnew_size function in Str.c. This issue may allow an attacker to cause a denial of service through a crafted HTML file. CWE-125
Out-of-bounds Read 		CVE-2023-38252 cpe:2.3:o:redhat:enterprise_linux:6.0:* 2024-11-21 17:13
2023-07-15 		Show GitHub Exploit DB Packet Storm
229 6.5
- 		MEDIUM
Network 		A flaw was found in libtiff. A specially crafted tiff file can lead to a segmentation fault due to a buffer overflow in the Fax3Encode function in libtiff/tif_fax3.c, resulting in a denial of service. CWE-120
Classic Buffer Overflow 		CVE-2023-3618 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:* 		2024-11-21 17:17
2023-07-13 		Show GitHub Exploit DB Packet Storm
230 7.5
- 		HIGH
Network 		A flaw was found in the QEMU built-in VNC server. When a client connects to the VNC server, QEMU checks whether the current number of connections crosses a certain threshold and if so, cleans up the … CWE-476
 NULL Pointer Dereference 		CVE-2023-3354 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*
cpe:2.3:o:redhat:enterprise_linux… 		2024-11-21 17:17
2023-07-12 		Show GitHub Exploit DB Packet Storm