Software Detail

Software Informaton Top

Operating Systems

Software Detail

Red Hat Enterprise Linux

Number Of NVD

1680

CRITICAL

135

HIGH

590

MEDIUM

803

LOW

151

URL	https://www.redhat.com/technologies/linux-platforms/enterprise-linux
Explanation	Full support is 5.5 years from release. Maintenance support (security updates only) is for 3.5 years. After that, extended support is available for a fee.
Tag	Linux 商用ライセンス有り

Add Information URL

No	Type	Name	URL
1			https://access.redhat.com/ja/articles/16476
2			https://access.redhat.com/support/policy/updates/errata
3			https://access.redhat.com/articles/3078
4			https://access.redhat.com/security
5			https://access.redhat.com/errata/#/?q=&p=1&sort=portal_publication_date%20desc&rows=10&portal_advisory_type=Security%20Advisory

List Of Product [ Click to show release history and vulnerability information ]

No	Name	Latest Version	Release date	Initial release	Normal Support	Security Support Service Pack Support	Extended for a fee	Critical	High	Medium	Low
661	Red Hat Enterprise Linux 9	9.7	Nov. 11, 2025	May 17, 2022				4	127	172	17
662	Red Hat Enterprise Linux 8	8.10	May 22, 2024	May 7, 2019	May 30, 2029			43	314	444	50
663	Red Hat Enterprise Linux 7	7.9	Sept. 29, 2020	Dec. 11, 2013	Aug. 6, 2020	June 30, 2024		91	270	270	46
664	Red Hat Enterprise Linux 6	6.10	June 19, 2018	Nov. 9, 2010	May 10, 2022	Nov. 30, 2020	June 30, 2024	72	169	210	55
665	Red Hat Enterprise Linux 5	5.11	Sept. 16, 2014	March 15, 2007	March 31, 2017		Nov. 30, 2020	24	59	89	40
666	Red Hat Enterprise Linux 4	4.5			Feb. 29, 2012		March 31, 2017	5	30	29	16
667	Red Hat Enterprise Linux 3	3.0						0	33	44	17
668	Red Hat Enterprise Linux 2	2.1 Update 7	April 28, 2005					0	32	37	6

NVD Vulnerability Information

CRITICAL
HIGH
MEDIUM
LOW

No	CVSS3 CVSS2	Level Attach Vector	Title	CWE	CVE	cpe23Uri	Update date Published date	Show Affected	Exploit PoC Search
661	6.0 6.0	MEDIUM Network	A vulnerability was found in all versions of containernetworking/plugins before version 0.8.6, that allows malicious containers in Kubernetes clusters to perform man-in-the-middle (MitM) attacks. A m…	NVD-CWE-Other	CVE-2020-10749	cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux:7.0:*	2024-11-21 13:55 2020-06-3	Show	GitHub Exploit DB Packet Storm

662	5.9 4.3	MEDIUM Network	A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. This flaw occurs while importing the Commercial IP Security Option (CIPSO) protocol's categor…	CWE-476 NULL Pointer Dereference	CVE-2020-10711	cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux…	2024-11-21 13:55 2020-05-23	Show	GitHub Exploit DB Packet Storm

663	5.3 4.4	MEDIUM Local	A signal access-control issue was discovered in the Linux kernel before 5.6.5, aka CID-7395ea4e65c2. Because exec_id in include/linux/sched.h is only 32 bits, an integer overflow can interfere with a…	CWE-190 Integer Overflow or Wraparound	CVE-2020-12826	cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux…	2024-11-21 14:00 2020-05-13	Show	GitHub Exploit DB Packet Storm

664	6.4 4.4	MEDIUM Local	There is a use-after-free in kernel versions before 5.5 due to a race condition between the release of ptp_clock and cdev while resource deallocation. When a (high privileged) process allocates a ptp…	CWE-416 Use After Free	CVE-2020-10690	cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux:7.0:*	2024-11-21 13:55 2020-05-9	Show	GitHub Exploit DB Packet Storm

665	5.5 2.1	MEDIUM Local	An information-disclosure flaw was found in Grafana through 6.7.3. The database directory /var/lib/grafana and database file /var/lib/grafana/grafana.db are world readable. This can result in exposur…	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2020-12458	cpe:2.3:o:redhat:enterprise_linux:8.0:*	2024-11-21 13:59 2020-04-30	Show	GitHub Exploit DB Packet Storm

666	6.5 4.0	MEDIUM Network	An issue was discovered in qemuDomainGetStatsIOThread in qemu/qemu_driver.c in libvirt 4.10.0 though 6.x before 6.1.0. A memory leak was found in the virDomainListGetStats libvirt API that is respons…	CWE-401 Missing Release of Memory after Effective Lifetime	CVE-2020-12430	cpe:2.3:o:redhat:enterprise_linux:8.0:*	2024-11-21 13:59 2020-04-29	Show	GitHub Exploit DB Packet Storm

667	5.3 5.4	MEDIUM Network	A flaw was found in all ipa versions 4.x.x through 4.8.0. When sending a very long password (>= 1,000,000 characters) to the server, the password hashing process could exhaust memory and CPU leading …	-	CVE-2020-1722	cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux…	2024-11-21 14:11 2020-04-28	Show	GitHub Exploit DB Packet Storm

668	7.0 5.9	HIGH Local	An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when stor…	CWE-787 Out-of-bounds Write	CVE-2020-1751	cpe:2.3:o:redhat:enterprise_linux:8.0:*	2024-11-21 14:11 2020-04-18	Show	GitHub Exploit DB Packet Storm

669	7.5 5.0	HIGH Network	ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block unauthenticated synchronization via a server mode packet with a spoofed source IP address, because transmissi…	CWE-346 Origin Validation Error	CVE-2020-11868	cpe:2.3:o:redhat:enterprise_linux:7.0:*	2024-11-21 13:58 2020-04-17	Show	GitHub Exploit DB Packet Storm

670	5.3 5.0	MEDIUM Network	A flaw was found in libssh versions before 0.8.9 and before 0.9.4 in the way it handled AES-CTR (or DES ciphers if enabled) ciphers. The server or client could crash when the connection hasn't been f…	CWE-476 NULL Pointer Dereference	CVE-2020-1730	cpe:2.3:o:redhat:enterprise_linux:8.0:*	2024-11-21 14:11 2020-04-14	Show	GitHub Exploit DB Packet Storm