Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Red Hat Enterprise Linux Number Of NVD 1680 CRITICAL 135 HIGH 590 MEDIUM 803 LOW 151
URL https://www.redhat.com/technologies/linux-platforms/enterprise-linux
Explanation Full support is 5.5 years from release.
Maintenance support (security updates only) is for 3.5 years.
After that, extended support is available for a fee.
Tag
  • 商用ライセンス有り
  • Linux
Add Information URL
No Type Name URL
1 https://access.redhat.com/ja/articles/16476
2 https://access.redhat.com/support/policy/updates/errata
3 https://access.redhat.com/articles/3078
4 https://access.redhat.com/security
5 https://access.redhat.com/errata/#/?q=&p=1&sort=portal_publication_date%20desc&rows=10&portal_advisory_type=Security%20Advisory
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
351 Red Hat Enterprise Linux 9 9.7 Nov. 11, 2025 May 17, 2022 4 127 172 17
352 Red Hat Enterprise Linux 8 8.10 May 22, 2024 May 7, 2019 May 30, 2029 43 314 444 50
353 Red Hat Enterprise Linux 7 7.9 Sept. 29, 2020 Dec. 11, 2013 Aug. 6, 2020 June 30, 2024 91 270 270 46
354 Red Hat Enterprise Linux 6 6.10 June 19, 2018 Nov. 9, 2010 May 10, 2022 Nov. 30, 2020 June 30, 2024 72 169 210 55
355 Red Hat Enterprise Linux 5 5.11 Sept. 16, 2014 March 15, 2007 March 31, 2017 Nov. 30, 2020 24 59 89 40
356 Red Hat Enterprise Linux 4 4.5 Feb. 29, 2012 March 31, 2017 5 30 29 16
357 Red Hat Enterprise Linux 3 3.0 0 33 44 17
358 Red Hat Enterprise Linux 2 2.1 Update 7 April 28, 2005 0 32 37 6
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
351 7.8
- 		HIGH
Local 		An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of a file outside of the archive. An attacker may provide a ma… - CVE-2021-31566 cpe:2.3:o:redhat:enterprise_linux:8.0:* 2024-11-21 15:05
2022-08-24 		Show GitHub Exploit DB Packet Storm
352 6.8
- 		MEDIUM
Network 		A flaw was found in the way Samba handled file/directory metadata. This flaw allows an authenticated attacker with permissions to read or modify share metadata, to perform this operation outside of t… CWE-362
Race Condition 		CVE-2021-20316 cpe:2.3:o:redhat:enterprise_linux:8.0:* 2024-11-21 14:46
2022-08-24 		Show GitHub Exploit DB Packet Storm
353 7.8
- 		HIGH
Local 		An improper link resolution flaw while extracting an archive can lead to changing the access control list (ACL) of the target of the link. An attacker may provide a malicious archive to a victim user… - CVE-2021-23177 cpe:2.3:o:redhat:enterprise_linux:8.0:* 2024-11-21 14:51
2022-08-24 		Show GitHub Exploit DB Packet Storm
354 5.5
- 		MEDIUM
Local 		An out-of-bounds memory access flaw was found in the Linux kernel Intel’s iSMT SMBus host controller driver in the way a user triggers the I2C_SMBUS_BLOCK_DATA (with the ioctl I2C_SMBUS) with malicio… CWE-131
Incorrect Calculation of Buffer Size 		CVE-2022-2873 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*
cpe:2.3:o:redhat:enterprise_linux… 		2024-11-21 16:01
2022-08-23 		Show GitHub Exploit DB Packet Storm
355 5.5
- 		MEDIUM
Local 		A NULL pointer dereference flaw was found in the Linux kernel’s IEEE 802.15.4 wireless networking subsystem in the way the user closes the LR-WPAN connection. This flaw allows a local user to crash t… CWE-476
 NULL Pointer Dereference 		CVE-2021-3659 cpe:2.3:o:redhat:enterprise_linux:8.0:*
cpe:2.3:o:redhat:enterprise_linux:7.0:* 		2024-11-21 15:22
2022-08-23 		Show GitHub Exploit DB Packet Storm
356 8.0
- 		HIGH
Network 		A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the ability to lure or wait for an administrator to create or update a… CWE-1321
 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') 		CVE-2022-2625 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*
cpe:2.3:o:redhat:enterprise_linux… 		2024-11-21 16:01
2022-08-19 		Show GitHub Exploit DB Packet Storm
357 3.2
- 		LOW
Local 		An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Block (TRB) Ring. This flaw allows a privileged guest user to hang the … CWE-835
 Loop with Unreachable Exit Condition ('Infinite Loop') 		CVE-2020-14394 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*
cpe:2.3:o:redhat:enterprise_linux… 		2024-11-21 14:03
2022-08-18 		Show GitHub Exploit DB Packet Storm
358 7.8
- 		HIGH
Local 		A flaw was found in KVM. When updating a guest's page table entry, vm_pgoff was improperly used as the offset to get the page's pfn. As vaddr and vm_pgoff are controllable by user-mode processes, thi… CWE-416
 Use After Free 		CVE-2022-1158 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:* 		2024-11-21 15:40
2022-08-6 		Show GitHub Exploit DB Packet Storm
359 7.5
- 		HIGH
Network 		A vulnerability found in gnutls. This security flaw happens because of a double free error occurs during verification of pkcs7 signatures in gnutls_pkcs7_verify function. CWE-415
 Double Free 		CVE-2022-2509 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:* 		2024-11-21 16:01
2022-08-1 		Show GitHub Exploit DB Packet Storm
360 6.1
- 		MEDIUM
Network 		A reflected XSS issue was identified in the LTI module of Moodle. The vulnerability exists due to insufficient sanitization of user-supplied data in the LTI module. A remote attacker can trick the vi… CWE-79
Cross-site Scripting 		CVE-2022-35653 cpe:2.3:o:redhat:enterprise_linux:8.0:* 2024-11-21 16:11
2022-07-26 		Show GitHub Exploit DB Packet Storm