Software Detail

Software Informaton Top

Operating Systems

Software Detail

Red Hat Enterprise Linux

Number Of NVD

1680

CRITICAL

135

HIGH

590

MEDIUM

803

LOW

151

URL	https://www.redhat.com/technologies/linux-platforms/enterprise-linux
Explanation	Full support is 5.5 years from release. Maintenance support (security updates only) is for 3.5 years. After that, extended support is available for a fee.
Tag	Linux 商用ライセンス有り

Add Information URL

No	Type	Name	URL
1			https://access.redhat.com/ja/articles/16476
2			https://access.redhat.com/support/policy/updates/errata
3			https://access.redhat.com/articles/3078
4			https://access.redhat.com/security
5			https://access.redhat.com/errata/#/?q=&p=1&sort=portal_publication_date%20desc&rows=10&portal_advisory_type=Security%20Advisory

List Of Product [ Click to show release history and vulnerability information ]

No	Name	Latest Version	Release date	Initial release	Normal Support	Security Support Service Pack Support	Extended for a fee	Critical	High	Medium	Low
641	Red Hat Enterprise Linux 9	9.7	Nov. 11, 2025	May 17, 2022				4	127	172	17
642	Red Hat Enterprise Linux 8	8.10	May 22, 2024	May 7, 2019	May 30, 2029			43	314	444	50
643	Red Hat Enterprise Linux 7	7.9	Sept. 29, 2020	Dec. 11, 2013	Aug. 6, 2020	June 30, 2024		91	270	270	46
644	Red Hat Enterprise Linux 6	6.10	June 19, 2018	Nov. 9, 2010	May 10, 2022	Nov. 30, 2020	June 30, 2024	72	169	210	55
645	Red Hat Enterprise Linux 5	5.11	Sept. 16, 2014	March 15, 2007	March 31, 2017		Nov. 30, 2020	24	59	89	40
646	Red Hat Enterprise Linux 4	4.5			Feb. 29, 2012		March 31, 2017	5	30	29	16
647	Red Hat Enterprise Linux 3	3.0						0	33	44	17
648	Red Hat Enterprise Linux 2	2.1 Update 7	April 28, 2005					0	32	37	6

NVD Vulnerability Information

CRITICAL
HIGH
MEDIUM
LOW

No	CVSS3 CVSS2	Level Attach Vector	Title	CWE	CVE	cpe23Uri	Update date Published date	Show Affected	Exploit PoC Search
641	6.0 3.3	MEDIUM Local	A PGP signature bypass flaw was found in fwupd (all versions), which could lead to the installation of unsigned firmware. As per upstream, a signature bypass is theoretically possible, but not practi…	-	CVE-2020-10759	cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux:7.0:*	2024-11-21 13:56 2020-09-16	Show	GitHub Exploit DB Packet Storm

642	6.6 7.2	MEDIUM Physics	A flaw was found in the Linux kernel’s implementation of the invert video code on VGA consoles when a local attacker attempts to resize the console, calling an ioctl VT_RESIZE, which causes an out-of…	-	CVE-2020-14331	cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux:7.0:*	2024-11-21 14:03 2020-09-16	Show	GitHub Exploit DB Packet Storm

643	7.3 4.4	HIGH Local	Uncontrolled search path in the QT Library before 5.14.0, 5.12.7 and 5.9.10 may allow an authenticated user to potentially enable elevation of privilege via local access.	CWE-426 Untrusted Search Path	CVE-2020-0570	cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux:7.0:*	2024-11-21 13:53 2020-09-15	Show	GitHub Exploit DB Packet Storm

644	7.5 5.0	HIGH Network	<p>A security feature bypass vulnerability exists in the way Microsoft ASP.NET Core parses encoded cookie names.</p> <p>The ASP.NET Core cookie parser decodes entire cookie strings which could allow …	NVD-CWE-noinfo	CVE-2020-1045	cpe:2.3:o:redhat:enterprise_linux:8.0:*	2024-11-21 14:09 2020-09-12	Show	GitHub Exploit DB Packet Storm

645	7.5 5.0	HIGH Network	A flaw was found in the Linux kernel's implementation of some networking protocols in IPsec, such as VXLAN and GENEVE tunnels over IPv6. When an encrypted tunnel is created between two hosts, the ker…	-	CVE-2020-1749	cpe:2.3:o:redhat:enterprise_linux:7.0:*	2024-11-21 14:11 2020-09-10	Show	GitHub Exploit DB Packet Storm

646	5.5 2.1	MEDIUM Local	A use after free was found in igc_reloc_struct_ptr() of psi/igc.c of ghostscript-9.25. A local attacker could supply a specially crafted PDF file to cause a denial of service.	CWE-416 Use After Free	CVE-2020-14373	cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux:7.0:*	2024-11-21 14:03 2020-09-4	Show	GitHub Exploit DB Packet Storm

647	5.0 4.4	MEDIUM Local	An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before 5.2.0. This issue occurs while processing USB packets from a guest when USBDevice 'setup_len' exce…	CWE-125 CWE-787 Out-of-bounds Read Out-of-bounds Write	CVE-2020-14364	cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux…	2024-11-21 14:03 2020-09-1	Show	GitHub Exploit DB Packet Storm

648	7.8 7.2	HIGH Local	A flaw null pointer dereference in the Linux kernel cgroupv2 subsystem in versions before 5.7.10 was found in the way when reboot the system. A local user could use this flaw to crash the system or e…	CWE-476 NULL Pointer Dereference	CVE-2020-14356	cpe:2.3:o:redhat:enterprise_linux:8.0:*	2024-11-21 14:03 2020-08-20	Show	GitHub Exploit DB Packet Storm

649	7.5 5.0	HIGH Network	Apache HTTP Server versions 2.4.20 to 2.4.43. A specially crafted value for the 'Cache-Digest' header in a HTTP/2 request would result in a crash when the server actually tries to HTTP/2 PUSH a resou…	CWE-444 HTTP Request Smuggling	CVE-2020-9490	cpe:2.3:o:redhat:enterprise_linux:8.0:*	2024-11-21 14:40 2020-08-8	Show	GitHub Exploit DB Packet Storm

650	6.0 3.6	MEDIUM Local	There is an issue with grub2 before version 2.06 while handling symlink on ext filesystems. A filesystem containing a symbolic link with an inode size of UINT32_MAX causes an arithmetic overflow lead…	-	CVE-2020-14311	cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux:7.0:*	2024-11-21 14:02 2020-08-1	Show	GitHub Exploit DB Packet Storm