Software Detail

Software Informaton Top

Operating Systems

Software Detail

Red Hat Enterprise Linux

Number Of NVD

1680

CRITICAL

135

HIGH

590

MEDIUM

803

LOW

151

URL	https://www.redhat.com/technologies/linux-platforms/enterprise-linux
Explanation	Full support is 5.5 years from release. Maintenance support (security updates only) is for 3.5 years. After that, extended support is available for a fee.
Tag	商用ライセンス有り Linux

Add Information URL

No	Type	Name	URL
1			https://access.redhat.com/ja/articles/16476
2			https://access.redhat.com/support/policy/updates/errata
3			https://access.redhat.com/articles/3078
4			https://access.redhat.com/security
5			https://access.redhat.com/errata/#/?q=&p=1&sort=portal_publication_date%20desc&rows=10&portal_advisory_type=Security%20Advisory

List Of Product [ Click to show release history and vulnerability information ]

No	Name	Latest Version	Release date	Initial release	Normal Support	Security Support Service Pack Support	Extended for a fee	Critical	High	Medium	Low
331	Red Hat Enterprise Linux 9	9.7	Nov. 11, 2025	May 17, 2022				4	127	172	17
332	Red Hat Enterprise Linux 8	8.10	May 22, 2024	May 7, 2019	May 30, 2029			43	314	444	50
333	Red Hat Enterprise Linux 7	7.9	Sept. 29, 2020	Dec. 11, 2013	Aug. 6, 2020	June 30, 2024		91	270	270	46
334	Red Hat Enterprise Linux 6	6.10	June 19, 2018	Nov. 9, 2010	May 10, 2022	Nov. 30, 2020	June 30, 2024	72	169	210	55
335	Red Hat Enterprise Linux 5	5.11	Sept. 16, 2014	March 15, 2007	March 31, 2017		Nov. 30, 2020	24	59	89	40
336	Red Hat Enterprise Linux 4	4.5			Feb. 29, 2012		March 31, 2017	5	30	29	16
337	Red Hat Enterprise Linux 3	3.0						0	33	44	17
338	Red Hat Enterprise Linux 2	2.1 Update 7	April 28, 2005					0	32	37	6

NVD Vulnerability Information

CRITICAL
HIGH
MEDIUM
LOW

No	CVSS3 CVSS2	Level Attach Vector	Title	CWE	CVE	cpe23Uri	Update date Published date	Show Affected	Exploit PoC Search
331	5.5 -	MEDIUM Local	A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root (host) user-level application to crash the host kernel by creating a confidential guest VM in…	CWE-212 Improper Removal of Sensitive Information Before Storage or Transfer	CVE-2022-0171	cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*	2024-11-21 15:38 2022-08-27	Show	GitHub Exploit DB Packet Storm

332	4.4 -	MEDIUM Local	A denial of service (DOS) issue was found in the Linux kernel’s smb2_ioctl_query_info function in the fs/cifs/smb2ops.c Common Internet File System (CIFS) due to an incorrect return from the memdup_u…	-	CVE-2022-0168	cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*	2024-11-21 15:38 2022-08-27	Show	GitHub Exploit DB Packet Storm

333	6.7 -	MEDIUM Local	It was found that the fix for CVE-2017-7500 and CVE-2017-7501 was incomplete: the check was only implemented for the parent directory of the file to be created. A local unprivileged user who owns ano…	-	CVE-2021-35939	cpe:2.3:o:redhat:enterprise_linux:8.0:*	2024-11-21 15:12 2022-08-27	Show	GitHub Exploit DB Packet Storm

334	7.0 -	HIGH Local	A flaw was found in the way the dumpable flag setting was handled when certain SUID binaries executed its descendants. The prerequisite is a SUID binary that sets real UID equal to effective UID, and…	-	CVE-2021-3864	cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux…	2024-11-21 15:22 2022-08-27	Show	GitHub Exploit DB Packet Storm

335	5.5 -	MEDIUM Local	A flaw was found in the Linux kernel. Measuring usage of the shared memory does not scale with large shared memory segment counts which could lead to resource exhaustion and DoS.	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2021-3669	cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux…	2024-11-21 15:22 2022-08-27	Show	GitHub Exploit DB Packet Storm

336	6.7 -	MEDIUM Local	A symbolic link issue was found in rpm. It occurs when rpm sets the desired permissions and credentials after installing a file. A local unprivileged user could use this flaw to exchange the original…	CWE-59 Link Following	CVE-2021-35938	cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux…	2024-11-21 15:12 2022-08-26	Show	GitHub Exploit DB Packet Storm

337	6.4 -	MEDIUM Local	A race condition vulnerability was found in rpm. A local unprivileged user could use this flaw to bypass the checks that were introduced in response to CVE-2017-7500 and CVE-2017-7501, potentially ga…	CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition	CVE-2021-35937	cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux…	2024-11-21 15:12 2022-08-26	Show	GitHub Exploit DB Packet Storm

338	7.8 -	HIGH Local	An out-of-bounds write issue was found in the VirGL virtual OpenGL renderer (virglrenderer). This flaw allows a malicious guest to create a specially crafted virgil resource and then issue a VIRTGPU_…	-	CVE-2022-0135	cpe:2.3:o:redhat:enterprise_linux:8.0:*	2024-11-21 15:37 2022-08-26	Show	GitHub Exploit DB Packet Storm

339	3.3 -	LOW Local	A flaw was found in unzip. The vulnerability occurs due to improper handling of Unicode strings, which can lead to a null pointer dereference. This flaw allows an attacker to input a specially crafte…	CWE-476 NULL Pointer Dereference	CVE-2021-4217	cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux…	2024-11-21 15:37 2022-08-25	Show	GitHub Exploit DB Packet Storm

340	7.5 -	HIGH Network	A flaw was found in JSS, where it did not properly free up all memory. Over time, the wasted memory builds up in the server memory, saturating the server’s RAM. This flaw allows an attacker to force …	CWE-401 Missing Release of Memory after Effective Lifetime	CVE-2021-4213	cpe:2.3:o:redhat:enterprise_linux:8.0:*	2024-11-21 15:37 2022-08-25	Show	GitHub Exploit DB Packet Storm