Software Detail

Software Informaton Top

Operating Systems

Software Detail

Red Hat Enterprise Linux

Number Of NVD

1680

CRITICAL

135

HIGH

590

MEDIUM

803

LOW

151

URL	https://www.redhat.com/technologies/linux-platforms/enterprise-linux
Explanation	Full support is 5.5 years from release. Maintenance support (security updates only) is for 3.5 years. After that, extended support is available for a fee.
Tag	Linux 商用ライセンス有り

Add Information URL

No	Type	Name	URL
1			https://access.redhat.com/ja/articles/16476
2			https://access.redhat.com/support/policy/updates/errata
3			https://access.redhat.com/articles/3078
4			https://access.redhat.com/security
5			https://access.redhat.com/errata/#/?q=&p=1&sort=portal_publication_date%20desc&rows=10&portal_advisory_type=Security%20Advisory

List Of Product [ Click to show release history and vulnerability information ]

No	Name	Latest Version	Release date	Initial release	Normal Support	Security Support Service Pack Support	Extended for a fee	Critical	High	Medium	Low
71	Red Hat Enterprise Linux 9	9.7	Nov. 11, 2025	May 17, 2022				4	127	172	17
72	Red Hat Enterprise Linux 8	8.10	May 22, 2024	May 7, 2019	May 30, 2029			43	314	444	50
73	Red Hat Enterprise Linux 7	7.9	Sept. 29, 2020	Dec. 11, 2013	Aug. 6, 2020	June 30, 2024		91	270	270	46
74	Red Hat Enterprise Linux 6	6.10	June 19, 2018	Nov. 9, 2010	May 10, 2022	Nov. 30, 2020	June 30, 2024	72	169	210	55
75	Red Hat Enterprise Linux 5	5.11	Sept. 16, 2014	March 15, 2007	March 31, 2017		Nov. 30, 2020	24	59	89	40
76	Red Hat Enterprise Linux 4	4.5			Feb. 29, 2012		March 31, 2017	5	30	29	16
77	Red Hat Enterprise Linux 3	3.0						0	33	44	17
78	Red Hat Enterprise Linux 2	2.1 Update 7	April 28, 2005					0	32	37	6

NVD Vulnerability Information

CRITICAL
HIGH
MEDIUM
LOW

No	CVSS3 CVSS2	Level Attach Vector	Title	CWE	CVE	cpe23Uri	Update date Published date	Show Affected	Exploit PoC Search
71	7.5 -	HIGH Network	A flaw was found in the python-cryptography package. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confi…	CWE-203 Information Exposure Through Discrepancy	CVE-2023-50782	cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*	2024-11-21 17:37 2024-02-6	Show	GitHub Exploit DB Packet Storm

72	7.5 -	HIGH Network	A flaw was found in m2crypto. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confidential or sensitive da…	CWE-203 Information Exposure Through Discrepancy	CVE-2023-50781	cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*	2024-11-21 17:37 2024-02-6	Show	GitHub Exploit DB Packet Storm

73	5.3 -	MEDIUM Local	A path traversal vulnerability was found in the CPIO utility. This issue could allow a remote unauthenticated attacker to trick a user into opening a specially crafted archive. During the extraction …	-	CVE-2023-7216	cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux…	2024-11-21 17:45 2024-02-6	Show	GitHub Exploit DB Packet Storm

74	6.5 -	MEDIUM Network	A Marvin vulnerability side-channel leakage was found in the RSA decryption operation in the Linux Kernel. This issue may allow a network attacker to decrypt ciphertexts or forge signatures, limiting…	-	CVE-2023-6240	cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux…	2024-11-21 17:43 2024-02-4	Show	GitHub Exploit DB Packet Storm

75	5.9 -	MEDIUM Network	A vulnerability was found in OpenSC where PKCS#1 encryption padding removal is not implemented as side-channel resistant. This issue may result in the potential leak of private data.	-	CVE-2023-5992	cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux…	2024-11-21 17:42 2024-01-31	Show	GitHub Exploit DB Packet Storm

76	5.9 -	MEDIUM Network	A timing side-channel vulnerability has been discovered in the opencryptoki package while processing RSA PKCS#1 v1.5 padded ciphertexts. This flaw could potentially enable unauthorized RSA ciphertext…	CWE-203 Information Exposure Through Discrepancy	CVE-2024-0914	cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*	2024-11-21 17:47 2024-01-31	Show	GitHub Exploit DB Packet Storm

77	6.5 -	MEDIUM Adjacent	A flaw was found in the Linux kernel's memory deduplication mechanism. The max page sharing of Kernel Samepage Merging (KSM), added in Linux kernel version 4.4.0-96.119, can create a side channel. Wh…	CWE-203 Information Exposure Through Discrepancy	CVE-2024-0564	cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*	2024-11-25 18:15 2024-01-31	Show	GitHub Exploit DB Packet Storm

78	5.1 -	MEDIUM Local	A flaw was found in the MZ binary format in Shim. An out-of-bounds read may occur, leading to a crash or possible exposure of sensitive data during the system's boot phase.	CWE-125 Out-of-bounds Read	CVE-2023-40551	cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*	2024-11-21 17:19 2024-01-30	Show	GitHub Exploit DB Packet Storm

79	5.5 -	MEDIUM Local	An out-of-bounds read flaw was found in Shim when it tried to validate the SBAT information. This issue may expose sensitive data during the system's boot phase.	CWE-125 Out-of-bounds Read	CVE-2023-40550	cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*	2024-11-21 17:19 2024-01-30	Show	GitHub Exploit DB Packet Storm

80	5.5 -	MEDIUM Local	An out-of-bounds read flaw was found in Shim due to the lack of proper boundary verification during the load of a PE binary. This flaw allows an attacker to load a crafted PE binary, triggering the i…	CWE-125 Out-of-bounds Read	CVE-2023-40549	cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*	2024-11-21 17:19 2024-01-30	Show	GitHub Exploit DB Packet Storm