Software Detail

Software Informaton Top

Operating Systems

Software Detail

Red Hat Enterprise Linux

Number Of NVD

1680

CRITICAL

135

HIGH

590

MEDIUM

803

LOW

151

URL	https://www.redhat.com/technologies/linux-platforms/enterprise-linux
Explanation	Full support is 5.5 years from release. Maintenance support (security updates only) is for 3.5 years. After that, extended support is available for a fee.
Tag	商用ライセンス有り Linux

Add Information URL

No	Type	Name	URL
1			https://access.redhat.com/ja/articles/16476
2			https://access.redhat.com/support/policy/updates/errata
3			https://access.redhat.com/articles/3078
4			https://access.redhat.com/security
5			https://access.redhat.com/errata/#/?q=&p=1&sort=portal_publication_date%20desc&rows=10&portal_advisory_type=Security%20Advisory

List Of Product [ Click to show release history and vulnerability information ]

No	Name	Latest Version	Release date	Initial release	Normal Support	Security Support Service Pack Support	Extended for a fee	Critical	High	Medium	Low
491	Red Hat Enterprise Linux 9	9.7	Nov. 11, 2025	May 17, 2022				4	127	172	17
492	Red Hat Enterprise Linux 8	8.10	May 22, 2024	May 7, 2019	May 30, 2029			43	314	444	50
493	Red Hat Enterprise Linux 7	7.9	Sept. 29, 2020	Dec. 11, 2013	Aug. 6, 2020	June 30, 2024		91	270	270	46
494	Red Hat Enterprise Linux 6	6.10	June 19, 2018	Nov. 9, 2010	May 10, 2022	Nov. 30, 2020	June 30, 2024	72	169	210	55
495	Red Hat Enterprise Linux 5	5.11	Sept. 16, 2014	March 15, 2007	March 31, 2017		Nov. 30, 2020	24	59	89	40
496	Red Hat Enterprise Linux 4	4.5			Feb. 29, 2012		March 31, 2017	5	30	29	16
497	Red Hat Enterprise Linux 3	3.0						0	33	44	17
498	Red Hat Enterprise Linux 2	2.1 Update 7	April 28, 2005					0	32	37	6

NVD Vulnerability Information

CRITICAL
HIGH
MEDIUM
LOW

No	CVSS3 CVSS2	Level Attach Vector	Title	CWE	CVE	cpe23Uri	Update date Published date	Show Affected	Exploit PoC Search
491	9.8 7.5	CRITICAL Network	Stack buffer overflow in libspf2 versions below 1.2.11 when processing certain SPF macros can lead to Denial of service and potentially code execution via malicious crafted SPF explanation messages.	CWE-787 Out-of-bounds Write	CVE-2021-20314	cpe:2.3:o:redhat:enterprise_linux:7.0:*	2024-11-21 14:46 2021-08-13	Show	GitHub Exploit DB Packet Storm

492	7.8 7.2	HIGH Local	In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE: the…	CWE-120 Classic Buffer Overflow	CVE-2021-38160	cpe:2.3:o:redhat:enterprise_linux:8.0:*	2024-11-21 15:16 2021-08-7	Show	GitHub Exploit DB Packet Storm

493	3.3 2.1	LOW Local	A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on inbound SCTP packets may allow the kernel to read uninitialized memory.	CWE-20 Improper Input Validation	CVE-2021-3655	cpe:2.3:o:redhat:enterprise_linux:8.0:*	2024-11-21 15:22 2021-08-6	Show	GitHub Exploit DB Packet Storm

494	7.5 5.0	HIGH Network	A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. An attacker could use this flaw to provide a manipulated ciphertext leading to application crash an…	-	CVE-2021-3580	cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux:7.0:*	2024-11-21 15:21 2021-08-6	Show	GitHub Exploit DB Packet Storm

495	8.5 6.0	HIGH Network	A flaw was found in the USB redirector device emulation of QEMU in versions prior to 6.1.0-rc2. It occurs when dropping packets during a bulk transfer from a SPICE client due to the packet queue bein…	-	CVE-2021-3682	cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*	2024-11-21 15:22 2021-08-6	Show	GitHub Exploit DB Packet Storm

496	5.5 2.1	MEDIUM Local	A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (…	CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')	CVE-2021-3679	cpe:2.3:o:redhat:enterprise_linux:8.0:*	2024-11-21 15:22 2021-08-6	Show	GitHub Exploit DB Packet Storm

497	7.1 5.5	HIGH Network	A flaw was found in the ptp4l program of the linuxptp package. When ptp4l is operating on a little-endian architecture as a PTP transparent clock, a remote attacker could send a crafted one-step sync…	CWE-125 Out-of-bounds Read	CVE-2021-3571	cpe:2.3:o:redhat:enterprise_linux:8.0:*	2024-11-21 15:21 2021-07-9	Show	GitHub Exploit DB Packet Storm

498	7.8 7.2	HIGH Local	An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user t…	CWE-787 Out-of-bounds Write	CVE-2021-3612	cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux:7.0:*	2024-11-21 15:21 2021-07-9	Show	GitHub Exploit DB Packet Storm

499	8.8 8.0	HIGH Network	A flaw was found in the ptp4l program of the linuxptp package. A missing length check when forwarding a PTP message between ports allows a remote attacker to cause an information leak, crash, or pote…	CWE-787 Out-of-bounds Write	CVE-2021-3570	cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux…	2024-11-21 15:21 2021-07-9	Show	GitHub Exploit DB Packet Storm

500	5.5 2.1	MEDIUM Local	There's a flaw in OpenEXR's ImfDeepScanLineInputFile functionality in versions prior to 3.0.5. An attacker who is able to submit a crafted file to an application linked with OpenEXR could cause an ou…	-	CVE-2021-3598	cpe:2.3:o:redhat:enterprise_linux:8.0:*	2024-11-21 15:21 2021-07-7	Show	GitHub Exploit DB Packet Storm