Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Red Hat Enterprise Linux Number Of NVD 1681 CRITICAL 136 HIGH 590 MEDIUM 803 LOW 151
URL https://www.redhat.com/technologies/linux-platforms/enterprise-linux
Explanation Full support is 5.5 years from release.
Maintenance support (security updates only) is for 3.5 years.
After that, extended support is available for a fee.
Tag
  • 商用ライセンス有り
  • Linux
Add Information URL
No Type Name URL
1 https://access.redhat.com/ja/articles/16476
2 https://access.redhat.com/support/policy/updates/errata
3 https://access.redhat.com/articles/3078
4 https://access.redhat.com/security
5 https://access.redhat.com/errata/#/?q=&p=1&sort=portal_publication_date%20desc&rows=10&portal_advisory_type=Security%20Advisory
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
901 Red Hat Enterprise Linux 9 9.7 Nov. 11, 2025 May 17, 2022 5 127 172 17
902 Red Hat Enterprise Linux 8 8.10 May 22, 2024 May 7, 2019 May 30, 2029 44 314 444 50
903 Red Hat Enterprise Linux 7 7.9 Sept. 29, 2020 Dec. 11, 2013 Aug. 6, 2020 June 30, 2024 92 270 270 46
904 Red Hat Enterprise Linux 6 6.10 June 19, 2018 Nov. 9, 2010 May 10, 2022 Nov. 30, 2020 June 30, 2024 73 169 210 55
905 Red Hat Enterprise Linux 5 5.11 Sept. 16, 2014 March 15, 2007 March 31, 2017 Nov. 30, 2020 24 59 89 40
906 Red Hat Enterprise Linux 4 4.5 Feb. 29, 2012 March 31, 2017 5 30 29 16
907 Red Hat Enterprise Linux 3 3.0 0 33 44 17
908 Red Hat Enterprise Linux 2 2.1 Update 7 April 28, 2005 0 32 37 6
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
901 7.2
6.5 		HIGH
Network 		A heap-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By carefully corrupting a hyperloglog using … CWE-787
 Out-of-bounds Write 		CVE-2019-10192 cpe:2.3:o:redhat:enterprise_linux:8.0:* 2024-11-21 13:18
2019-07-12 		Show GitHub Exploit DB Packet Storm
902 7.8
2.1 		HIGH
Local 		libosinfo 1.5.0 allows local users to discover credentials by listing a process, because credentials are passed to osinfo-install-script via the command line. CWE-200
Information Exposure 		CVE-2019-13313 cpe:2.3:o:redhat:enterprise_linux:8.0:* 2024-11-21 13:24
2019-07-5 		Show GitHub Exploit DB Packet Storm
903 3.3
2.1 		LOW
Local 		Virt-install(1) utility used to provision new virtual machines has introduced an option '--unattended' to create VMs without user interaction. This option accepts guest VM password as command line ar… - CVE-2019-10183 cpe:2.3:o:redhat:enterprise_linux:8.0:* 2024-11-21 13:18
2019-07-3 		Show GitHub Exploit DB Packet Storm
904 8.8
9.0 		HIGH
Network 		PostgreSQL versions 10.x before 10.9 and versions 11.x before 11.4 are vulnerable to a stack-based buffer overflow. Any authenticated user can overflow a stack-based buffer by changing the user's own… CWE-787
 Out-of-bounds Write 		CVE-2019-10164 cpe:2.3:o:redhat:enterprise_linux:8.0:* 2024-11-21 13:18
2019-06-27 		Show GitHub Exploit DB Packet Storm
905 7.0
6.9 		HIGH
Local 		arch/powerpc/mm/mmu_context_book3s64.c in the Linux kernel before 5.1.15 for powerpc has a bug where unrelated processes may be able to read/write to one another's virtual memory under certain condit… CWE-787
 Out-of-bounds Write 		CVE-2019-12817 cpe:2.3:o:redhat:enterprise_linux:8.0:* 2024-11-21 13:23
2019-06-25 		Show GitHub Exploit DB Packet Storm
906 5.9
4.3 		MEDIUM
Network 		FasterXML jackson-databind 2.x before 2.9.9.1 might allow attackers to have a variety of impacts by leveraging failure to block the logback-core class from polymorphic deserialization. Depending on t… CWE-502
 Deserialization of Untrusted Data 		CVE-2019-12384 cpe:2.3:o:redhat:enterprise_linux:7.7:*
cpe:2.3:o:redhat:enterprise_linux:7.6:*
cpe:2.3:o:redhat:enterprise_linux… 		2024-11-21 13:22
2019-06-25 		Show GitHub Exploit DB Packet Storm
907 7.5
5.0 		HIGH
Network 		Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. … CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2019-11479 cpe:2.3:o:redhat:enterprise_linux:7.0:* 2024-11-21 13:21
2019-06-19 		Show GitHub Exploit DB Packet Storm
908 7.5
5.0 		HIGH
Network 		Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences… CWE-400
 Uncontrolled Resource Consumption 		CVE-2019-11478 cpe:2.3:o:redhat:enterprise_linux:8.0:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*
cpe:2.3:o:redhat:enterprise_linux… 		2024-11-21 13:21
2019-06-19 		Show GitHub Exploit DB Packet Storm
909 7.5
7.8 		HIGH
Network 		Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker c… CWE-190
 Integer Overflow or Wraparound 		CVE-2019-11477 cpe:2.3:o:redhat:enterprise_linux:8.0:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*
cpe:2.3:o:redhat:enterprise_linux… 		2024-11-21 13:21
2019-06-19 		Show GitHub Exploit DB Packet Storm
910 5.3
5.0 		MEDIUM
Network 		When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3… CWE-908
 Use of Uninitialized Resource 		CVE-2019-11038 cpe:2.3:o:redhat:enterprise_linux:8.0:*
cpe:2.3:o:redhat:enterprise_linux:7.0:* 		2024-11-21 13:20
2019-06-19 		Show GitHub Exploit DB Packet Storm