Software Detail

Software Informaton Top

Operating Systems

Software Detail

Red Hat Enterprise Linux

Number Of NVD

1680

CRITICAL

135

HIGH

590

MEDIUM

803

LOW

151

URL	https://www.redhat.com/technologies/linux-platforms/enterprise-linux
Explanation	Full support is 5.5 years from release. Maintenance support (security updates only) is for 3.5 years. After that, extended support is available for a fee.
Tag	商用ライセンス有り Linux

Add Information URL

No	Type	Name	URL
1			https://access.redhat.com/ja/articles/16476
2			https://access.redhat.com/support/policy/updates/errata
3			https://access.redhat.com/articles/3078
4			https://access.redhat.com/security
5			https://access.redhat.com/errata/#/?q=&p=1&sort=portal_publication_date%20desc&rows=10&portal_advisory_type=Security%20Advisory

List Of Product [ Click to show release history and vulnerability information ]

No	Name	Latest Version	Release date	Initial release	Normal Support	Security Support Service Pack Support	Extended for a fee	Critical	High	Medium	Low
481	Red Hat Enterprise Linux 9	9.7	Nov. 11, 2025	May 17, 2022				4	127	172	17
482	Red Hat Enterprise Linux 8	8.10	May 22, 2024	May 7, 2019	May 30, 2029			43	314	444	50
483	Red Hat Enterprise Linux 7	7.9	Sept. 29, 2020	Dec. 11, 2013	Aug. 6, 2020	June 30, 2024		91	270	270	46
484	Red Hat Enterprise Linux 6	6.10	June 19, 2018	Nov. 9, 2010	May 10, 2022	Nov. 30, 2020	June 30, 2024	72	169	210	55
485	Red Hat Enterprise Linux 5	5.11	Sept. 16, 2014	March 15, 2007	March 31, 2017		Nov. 30, 2020	24	59	89	40
486	Red Hat Enterprise Linux 4	4.5			Feb. 29, 2012		March 31, 2017	5	30	29	16
487	Red Hat Enterprise Linux 3	3.0						0	33	44	17
488	Red Hat Enterprise Linux 2	2.1 Update 7	April 28, 2005					0	32	37	6

NVD Vulnerability Information

CRITICAL
HIGH
MEDIUM
LOW

No	CVSS3 CVSS2	Level Attach Vector	Title	CWE	CVE	cpe23Uri	Update date Published date	Show Affected	Exploit PoC Search
481	6.5 7.1	MEDIUM Network	A flaw was found in the libtpms code that may cause access beyond the boundary of internal buffers. The vulnerability is triggered by specially-crafted TPM2 command packets that then trigger the issu…	-	CVE-2021-3746	cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*	2024-11-21 15:22 2021-10-20	Show	GitHub Exploit DB Packet Storm

482	4.3 4.0	MEDIUM Network	Redis is an open source, in-memory database that persists on disk. When using the Redis Lua Debugger, users can send malformed requests that cause the debugger’s protocol parser to read data beyond t…	CWE-125 Out-of-bounds Read	CVE-2021-32672	cpe:2.3:o:redhat:enterprise_linux:8.0:*	2024-11-21 15:07 2021-10-5	Show	GitHub Exploit DB Packet Storm

483	8.8 6.1	HIGH Local	A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a ne…	-	CVE-2021-3653	cpe:2.3:o:redhat:enterprise_linux:7.0:*	2024-11-21 15:22 2021-09-30	Show	GitHub Exploit DB Packet Storm

484	7.8 6.9	HIGH Local	A crafted NTFS image can cause a NULL pointer dereference in ntfs_extent_inode_open in NTFS-3G < 2021.8.22.	CWE-476 NULL Pointer Dereference	CVE-2021-39251	cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux…	2024-11-21 15:19 2021-09-8	Show	GitHub Exploit DB Packet Storm

485	7.8 6.9	HIGH Local	In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute is supplied to the function ntfs_get_attribute_value, a heap buffer overflow can occur allowing for memory disclosure or denia…	CWE-787 Out-of-bounds Write	CVE-2021-33285	cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux…	2024-11-21 15:08 2021-09-7	Show	GitHub Exploit DB Packet Storm

486	6.5 4.0	MEDIUM Network	A flaw has been found in libssh in versions prior to 0.9.6. The SSH protocol keeps track of two shared secrets during the lifetime of the session. One of them is called secret_hash and the other sess…	CWE-787 Out-of-bounds Write	CVE-2021-3634	cpe:2.3:o:redhat:enterprise_linux:8.0:*	2024-11-21 15:22 2021-09-1	Show	GitHub Exploit DB Packet Storm

487	8.1 5.8	HIGH Network	squashfs_opendir in unsquash-1.c in Squashfs-Tools 4.5 stores the filename in the directory entry; this is then used by unsquashfs to create the new file during the unsquash. The filename is not vali…	CWE-22 Path Traversal	CVE-2021-40153	cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux:7.0:*	2024-11-21 15:23 2021-08-28	Show	GitHub Exploit DB Packet Storm

488	5.5 4.3	MEDIUM Local	There's a flaw in OpenEXR's rleUncompress functionality in versions prior to 3.0.5. An attacker who is able to submit a crafted file to an application linked with OpenEXR could cause an out-of-bounds…	-	CVE-2021-3605	cpe:2.3:o:redhat:enterprise_linux:8.0:*	2024-11-21 15:21 2021-08-26	Show	GitHub Exploit DB Packet Storm

489	4.4 4.9	MEDIUM Local	A flaw was found in the Linux kernel netfilter implementation in versions prior to 5.5-rc7. A user with root (CAP_SYS_ADMIN) access is able to panic the system when issuing netfilter netflow commands.	-	CVE-2021-3635	cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux…	2024-11-21 15:22 2021-08-13	Show	GitHub Exploit DB Packet Storm

490	6.4 6.9	MEDIUM Local	A use-after-free in function hci_sock_bound_ioctl() of the Linux kernel HCI subsystem was found in the way user calls ioct HCIUNBLOCKADDR or other way triggers race condition of the call hci_unregist…	-	CVE-2021-3573	cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux…	2024-11-21 15:21 2021-08-13	Show	GitHub Exploit DB Packet Storm