| Red Hat Enterprise Linux | Number Of NVD | 1704 | CRITICAL | 140 | HIGH | 597 | MEDIUM | 814 | LOW | 152 |
| URL | https://www.redhat.com/technologies/linux-platforms/enterprise-linux | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Explanation | Full support is 5.5 years from release. Maintenance support (security updates only) is for 3.5 years. After that, extended support is available for a fee. |
||||||||
| Tag | |||||||||
| No | Type | Name | URL |
|---|---|---|---|
| 1 | https://access.redhat.com/ja/articles/16476 | ||
| 2 | https://access.redhat.com/support/policy/updates/errata | ||
| 3 | https://access.redhat.com/articles/3078 | ||
| 4 | https://access.redhat.com/security | ||
| 5 | https://access.redhat.com/errata/#/?q=&p=1&sort=portal_publication_date%20desc&rows=10&portal_advisory_type=Security%20Advisory |
| No | Name | Latest Version | Release date | Initial release | Normal Support | Security Support Service Pack Support |
Extended for a fee |
Critical | High | Medium | Low |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 31 | Red Hat Enterprise Linux 10.2 | 10.2 | May 19, 2026 | May 20, 2025 | 7 | 18 | 16 | 3 | |||
| 32 | Red Hat Enterprise Linux 9 | 9.7 | Nov. 11, 2025 | May 17, 2022 | 9 | 134 | 183 | 18 | |||
| 33 | Red Hat Enterprise Linux 8 | 8.10 | May 22, 2024 | May 7, 2019 | May 30, 2029 | 48 | 321 | 454 | 51 | ||
| 34 | Red Hat Enterprise Linux 7 | 7.9 | Sept. 29, 2020 | Dec. 11, 2013 | Aug. 6, 2020 | June 30, 2024 | 96 | 277 | 280 | 47 | |
| 35 | Red Hat Enterprise Linux 6 | 6.10 | June 19, 2018 | Nov. 9, 2010 | May 10, 2022 | Nov. 30, 2020 | June 30, 2024 | 76 | 170 | 212 | 56 |
| 36 | Red Hat Enterprise Linux 5 | 5.11 | Sept. 16, 2014 | March 15, 2007 | March 31, 2017 | Nov. 30, 2020 | 24 | 59 | 89 | 40 | |
| 37 | Red Hat Enterprise Linux 4 | 4.5 | Feb. 29, 2012 | March 31, 2017 | 5 | 30 | 29 | 16 | |||
| 38 | Red Hat Enterprise Linux 3 | 3.0 | 0 | 33 | 44 | 17 | |||||
| 39 | Red Hat Enterprise Linux 2 | 2.1 Update 7 | April 28, 2005 | 0 | 32 | 37 | 6 |
| No | CVSS3 CVSS2 |
Level Attach Vector |
Title | CWE | CVE | cpe23Uri | or higher | or less | more than | less than | Update date Published date |
Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 31 |
8.2 - |
HIGH
Network |
A flaw was found in libsoup's SoupServer. A remote attacker could exploit a use-after-free vulnerability where the `soup_server_disconnect()` function frees connection objects prematurely, even if a … |
CWE-825
Expired Pointer Dereference |
CVE-2026-2436 |
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux… |
2026-04-22 00:48 2026-03-27 |
Show | GitHub Exploit DB Packet Storm | ||||
| 32 |
5.5 - |
MEDIUM
Local |
A flaw was found in polkit. A local user can exploit this by providing a specially crafted, excessively long input to the `polkit-agent-helper-1` setuid binary via standard input (stdin). This unboun… |
CWE-770
Allocation of Resources Without Limits or Throttling |
CVE-2026-4897 |
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux… |
2026-04-22 01:29 2026-03-27 |
Show | GitHub Exploit DB Packet Storm | ||||
| 33 |
7.8 - |
HIGH
Local |
A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by providing a specially crafted TIFF file. T… |
CWE-190
Integer Overflow or Wraparound |
CVE-2026-4775 |
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux… |
2026-04-22 01:34 2026-03-25 |
Show | GitHub Exploit DB Packet Storm | ||||
| 34 |
7.5 - |
HIGH
Network |
A flaw was found in Undertow. A remote attacker could exploit this vulnerability by sending an HTTP GET request containing multipart/form-data content. If the underlying application processes paramet… |
CWE-770
Allocation of Resources Without Limits or Throttling |
CVE-2026-3260 |
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux… |
2026-04-9 04:11 2026-03-24 |
Show | GitHub Exploit DB Packet Storm | ||||
| 35 |
6.5 - |
MEDIUM
Network |
A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when pro… |
CWE-190
Integer Overflow or Wraparound |
CVE-2025-14512 |
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux… |
2026-04-20 05:16 2025-12-11 |
Show | GitHub Exploit DB Packet Storm | ||||
| 36 |
9.8 - |
CRITICAL
Network |
A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GV… |
CWE-190
Integer Overflow or Wraparound |
CVE-2025-14087 |
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux… |
2026-04-20 05:16 2025-12-10 |
Show | GitHub Exploit DB Packet Storm | ||||
| 37 |
7.5 - |
HIGH
Network |
A flaw was found in the libxslt library. The same memory field, psvi, is used for both stylesheet and input data, which can lead to type confusion during XML transformations. This vulnerability allow… |
CWE-843
Type Confusion |
CVE-2025-7424 |
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux… |
2026-04-15 07:16 2025-07-10 |
Show | GitHub Exploit DB Packet Storm | ||||
| 38 |
8.2 - |
HIGH
Network |
A heap-buffer-overflow (off-by-one) flaw was found in the GnuTLS software in the template parsing logic within the certtool utility. When it reads certain settings from a template file, it allows an … |
CWE-122
Heap-based Buffer Overflow |
CVE-2025-32990 |
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux… |
2026-04-21 07:16 2025-07-10 |
Show | GitHub Exploit DB Packet Storm | ||||
| 39 |
5.3 - |
MEDIUM
Network |
A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency (CT) Signed Certificate Timestamp (SCT) extension during X.509 certificate parsing. This flaw a… |
CWE-295
Improper Certificate Validation |
CVE-2025-32989 |
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux… |
2026-04-21 07:16 2025-07-10 |
Show | GitHub Exploit DB Packet Storm | ||||
| 40 |
8.2 - |
HIGH
Network |
A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name (SAN) entries containing an otherName. If … |
CWE-415
Double Free |
CVE-2025-32988 |
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux… |
2026-04-21 07:16 2025-07-10 |
Show | GitHub Exploit DB Packet Storm |