Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Red Hat Enterprise Linux Number Of NVD 1711 CRITICAL 141 HIGH 603 MEDIUM 814 LOW 152
URL https://www.redhat.com/technologies/linux-platforms/enterprise-linux
Explanation Full support is 5.5 years from release.
Maintenance support (security updates only) is for 3.5 years.
After that, extended support is available for a fee.
Tag
  • 商用ライセンス有り
  • Linux

Add Information URL
No Type Name URL
1 https://access.redhat.com/ja/articles/16476
2 https://access.redhat.com/support/policy/updates/errata
3 https://access.redhat.com/articles/3078
4 https://access.redhat.com/security
5 https://access.redhat.com/errata/#/?q=&p=1&sort=portal_publication_date%20desc&rows=10&portal_advisory_type=Security%20Advisory

List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support
Extended
for a fee
Critical High Medium Low
401 Red Hat Enterprise Linux 10.2 10.2 May 19, 2026 May 20, 2025 8 24 16 3
402 Red Hat Enterprise Linux 9 9.7 Nov. 11, 2025 May 17, 2022 10 140 183 18
403 Red Hat Enterprise Linux 8 8.10 May 22, 2024 May 7, 2019 May 30, 2029 49 327 454 51
404 Red Hat Enterprise Linux 7 7.9 Sept. 29, 2020 Dec. 11, 2013 Aug. 6, 2020 June 30, 2024 97 283 280 47
405 Red Hat Enterprise Linux 6 6.10 June 19, 2018 Nov. 9, 2010 May 10, 2022 Nov. 30, 2020 June 30, 2024 77 176 212 56
406 Red Hat Enterprise Linux 5 5.11 Sept. 16, 2014 March 15, 2007 March 31, 2017 Nov. 30, 2020 24 59 89 40
407 Red Hat Enterprise Linux 4 4.5 Feb. 29, 2012 March 31, 2017 5 30 29 16
408 Red Hat Enterprise Linux 3 3.0 0 33 44 17
409 Red Hat Enterprise Linux 2 2.1 Update 7 April 28, 2005 0 32 37 6
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2
Level
Attach Vector
Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date
Show Affected Exploit
PoC
Search
401 8.2
4.6
HIGH
Local
A set of pre-production kernel packages of Red Hat Enterprise Linux for IBM Power architecture can be booted by the grub in Secure Boot mode even though it shouldn't. These kernel builds don't have t… NVD-CWE-Other
CVE-2022-1665 cpe:2.3:o:redhat:enterprise_linux:8.0:* 2024-11-21 15:41
2022-06-22
Show GitHub Exploit DB Packet Storm
402 7.8
6.8
HIGH
Local
In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte alignment and for type 'float', which requires 4 byte alignment at MagickCore/property.c. Whenever crafted… CWE-704
 Incorrect Type Conversion or Cast
CVE-2022-32547 cpe:2.3:o:redhat:enterprise_linux:7.0:*
cpe:2.3:o:redhat:enterprise_linux:6.0:*
2024-11-21 16:06
2022-06-17
Show GitHub Exploit DB Packet Storm
403 7.8
6.8
HIGH
Local
A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned long' at coders/pcl.c, when crafted or untrusted input is processed. This leads to a n… CWE-190
 Integer Overflow or Wraparound
CVE-2022-32546 cpe:2.3:o:redhat:enterprise_linux:7.0:*
cpe:2.3:o:redhat:enterprise_linux:6.0:*
2024-11-21 16:06
2022-06-17
Show GitHub Exploit DB Packet Storm
404 7.8
6.8
HIGH
Local
A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned char' at coders/psd.c, when crafted or untrusted input is processed. This leads to a n… CWE-190
 Integer Overflow or Wraparound
CVE-2022-32545 cpe:2.3:o:redhat:enterprise_linux:7.0:* 2024-11-21 16:06
2022-06-17
Show GitHub Exploit DB Packet Storm
405 7.8
7.2
HIGH
Local
A use after free in the Linux kernel File System notify functionality was found in the way user triggers copy_info_records_to_user() call to fail in copy_event_to_user(). A local user could use this … CWE-416
 Use After Free
CVE-2022-1998 cpe:2.3:o:redhat:enterprise_linux:9.0:* 2024-11-21 15:41
2022-06-10
Show GitHub Exploit DB Packet Storm
406 7.5
7.8
HIGH
Network
A vulnerability was found in CRI-O that causes memory or disk space exhaustion on the node for anyone with access to the Kube API. The ExecSync request runs commands in a container and logs the outpu… CWE-770
 Allocation of Resources Without Limits or Throttling
CVE-2022-1708 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*
cpe:2.3:o:redhat:enterprise_linux…
2024-11-21 15:41
2022-06-8
Show GitHub Exploit DB Packet Storm
407 6.8
6.9
MEDIUM
Physics
With shadow paging enabled, the INVPCID instruction results in a call to kvm_mmu_invpcid_gva. If INVPCID is executed with CR0.PG=0, the invlpg callback is not set and the result is a NULL pointer der… CWE-476
 NULL Pointer Dereference
CVE-2022-1789 cpe:2.3:o:redhat:enterprise_linux:9.0:* 2024-11-21 15:41
2022-06-2
Show GitHub Exploit DB Packet Storm
408 7.5
5.0
HIGH
Network
An access control bypass vulnerability found in 389-ds-base. That mishandling of the filter that would yield incorrect results, but as that has progressed, can be determined that it actually is an ac… CWE-639
 Authorization Bypass Through User-Controlled Key
CVE-2022-1949 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*
2024-11-21 15:41
2022-06-2
Show GitHub Exploit DB Packet Storm
409 7.8
7.2
HIGH
Local
Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by a concurrency use-after-free flaw in the bad_flp_intr function. By executing a specially-crafted program, … CWE-416
 Use After Free
CVE-2022-1652 cpe:2.3:o:redhat:enterprise_linux:9.0:* 2024-11-21 15:41
2022-06-2
Show GitHub Exploit DB Packet Storm
410 6.3
3.3
MEDIUM
Local
An out-of-bounds read flaw was found in the Linux kernel’s TeleTYpe subsystem. The issue occurs in how a user triggers a race condition using ioctls TIOCSPTLCK and TIOCGPTPEER and TIOCSTI and TCXONC … - CVE-2022-1462 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*
2024-11-21 15:40
2022-06-2
Show GitHub Exploit DB Packet Storm