Software Detail

Software Informaton Top

Operating Systems

Software Detail

Red Hat Enterprise Linux

Number Of NVD

1680

CRITICAL

135

HIGH

590

MEDIUM

803

LOW

151

URL	https://www.redhat.com/technologies/linux-platforms/enterprise-linux
Explanation	Full support is 5.5 years from release. Maintenance support (security updates only) is for 3.5 years. After that, extended support is available for a fee.
Tag	Linux 商用ライセンス有り

Add Information URL

No	Type	Name	URL
1			https://access.redhat.com/ja/articles/16476
2			https://access.redhat.com/support/policy/updates/errata
3			https://access.redhat.com/articles/3078
4			https://access.redhat.com/security
5			https://access.redhat.com/errata/#/?q=&p=1&sort=portal_publication_date%20desc&rows=10&portal_advisory_type=Security%20Advisory

List Of Product [ Click to show release history and vulnerability information ]

No	Name	Latest Version	Release date	Initial release	Normal Support	Security Support Service Pack Support	Extended for a fee	Critical	High	Medium	Low
371	Red Hat Enterprise Linux 9	9.7	Nov. 11, 2025	May 17, 2022				4	127	172	17
372	Red Hat Enterprise Linux 8	8.10	May 22, 2024	May 7, 2019	May 30, 2029			43	314	444	50
373	Red Hat Enterprise Linux 7	7.9	Sept. 29, 2020	Dec. 11, 2013	Aug. 6, 2020	June 30, 2024		91	270	270	46
374	Red Hat Enterprise Linux 6	6.10	June 19, 2018	Nov. 9, 2010	May 10, 2022	Nov. 30, 2020	June 30, 2024	72	169	210	55
375	Red Hat Enterprise Linux 5	5.11	Sept. 16, 2014	March 15, 2007	March 31, 2017		Nov. 30, 2020	24	59	89	40
376	Red Hat Enterprise Linux 4	4.5			Feb. 29, 2012		March 31, 2017	5	30	29	16
377	Red Hat Enterprise Linux 3	3.0						0	33	44	17
378	Red Hat Enterprise Linux 2	2.1 Update 7	April 28, 2005					0	32	37	6

NVD Vulnerability Information

CRITICAL
HIGH
MEDIUM
LOW

No	CVSS3 CVSS2	Level Attach Vector	Title	CWE	CVE	cpe23Uri	Update date Published date	Show Affected	Exploit PoC Search
371	7.8 6.8	HIGH Local	In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte alignment and for type 'float', which requires 4 byte alignment at MagickCore/property.c. Whenever crafted…	CWE-704 Incorrect Type Conversion or Cast	CVE-2022-32547	cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux:6.0:*	2024-11-21 16:06 2022-06-17	Show	GitHub Exploit DB Packet Storm

372	7.8 6.8	HIGH Local	A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned long' at coders/pcl.c, when crafted or untrusted input is processed. This leads to a n…	CWE-190 Integer Overflow or Wraparound	CVE-2022-32546	cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux:6.0:*	2024-11-21 16:06 2022-06-17	Show	GitHub Exploit DB Packet Storm

373	7.8 6.8	HIGH Local	A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned char' at coders/psd.c, when crafted or untrusted input is processed. This leads to a n…	CWE-190 Integer Overflow or Wraparound	CVE-2022-32545	cpe:2.3:o:redhat:enterprise_linux:7.0:*	2024-11-21 16:06 2022-06-17	Show	GitHub Exploit DB Packet Storm

374	7.8 7.2	HIGH Local	A use after free in the Linux kernel File System notify functionality was found in the way user triggers copy_info_records_to_user() call to fail in copy_event_to_user(). A local user could use this …	CWE-416 Use After Free	CVE-2022-1998	cpe:2.3:o:redhat:enterprise_linux:9.0:*	2024-11-21 15:41 2022-06-10	Show	GitHub Exploit DB Packet Storm

375	7.5 7.8	HIGH Network	A vulnerability was found in CRI-O that causes memory or disk space exhaustion on the node for anyone with access to the Kube API. The ExecSync request runs commands in a container and logs the outpu…	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2022-1708	cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux…	2024-11-21 15:41 2022-06-8	Show	GitHub Exploit DB Packet Storm

376	6.8 6.9	MEDIUM Physics	With shadow paging enabled, the INVPCID instruction results in a call to kvm_mmu_invpcid_gva. If INVPCID is executed with CR0.PG=0, the invlpg callback is not set and the result is a NULL pointer der…	CWE-476 NULL Pointer Dereference	CVE-2022-1789	cpe:2.3:o:redhat:enterprise_linux:9.0:*	2024-11-21 15:41 2022-06-2	Show	GitHub Exploit DB Packet Storm

377	7.5 5.0	HIGH Network	An access control bypass vulnerability found in 389-ds-base. That mishandling of the filter that would yield incorrect results, but as that has progressed, can be determined that it actually is an ac…	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2022-1949	cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*	2024-11-21 15:41 2022-06-2	Show	GitHub Exploit DB Packet Storm

378	7.8 7.2	HIGH Local	Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by a concurrency use-after-free flaw in the bad_flp_intr function. By executing a specially-crafted program, …	CWE-416 Use After Free	CVE-2022-1652	cpe:2.3:o:redhat:enterprise_linux:9.0:*	2024-11-21 15:41 2022-06-2	Show	GitHub Exploit DB Packet Storm

379	6.3 3.3	MEDIUM Local	An out-of-bounds read flaw was found in the Linux kernel’s TeleTYpe subsystem. The issue occurs in how a user triggers a race condition using ioctls TIOCSPTLCK and TIOCGPTPEER and TIOCSTI and TCXONC …	-	CVE-2022-1462	cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*	2024-11-21 15:40 2022-06-2	Show	GitHub Exploit DB Packet Storm

380	9.8 7.5	CRITICAL Network	A flaw was found in moodle where logic used to count failed login attempts could result in the account lockout threshold being bypassed.	CWE-682 Incorrect Calculation	CVE-2022-30600	cpe:2.3:o:redhat:enterprise_linux:8.0:*	2024-11-21 16:03 2022-05-19	Show	GitHub Exploit DB Packet Storm