Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Red Hat Enterprise Linux Number Of NVD 1701 CRITICAL 140 HIGH 597 MEDIUM 812 LOW 151
URL https://www.redhat.com/technologies/linux-platforms/enterprise-linux
Explanation Full support is 5.5 years from release.
Maintenance support (security updates only) is for 3.5 years.
After that, extended support is available for a fee.
Tag
  • Linux
  • 商用ライセンス有り
Add Information URL
No Type Name URL
1 https://access.redhat.com/ja/articles/16476
2 https://access.redhat.com/support/policy/updates/errata
3 https://access.redhat.com/articles/3078
4 https://access.redhat.com/security
5 https://access.redhat.com/errata/#/?q=&p=1&sort=portal_publication_date%20desc&rows=10&portal_advisory_type=Security%20Advisory
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
111 Red Hat Enterprise Linux 9 9.7 Nov. 11, 2025 May 17, 2022 9 134 181 17
112 Red Hat Enterprise Linux 8 8.10 May 22, 2024 May 7, 2019 May 30, 2029 48 321 452 50
113 Red Hat Enterprise Linux 7 7.9 Sept. 29, 2020 Dec. 11, 2013 Aug. 6, 2020 June 30, 2024 96 277 278 46
114 Red Hat Enterprise Linux 6 6.10 June 19, 2018 Nov. 9, 2010 May 10, 2022 Nov. 30, 2020 June 30, 2024 76 170 210 55
115 Red Hat Enterprise Linux 5 5.11 Sept. 16, 2014 March 15, 2007 March 31, 2017 Nov. 30, 2020 24 59 89 40
116 Red Hat Enterprise Linux 4 4.5 Feb. 29, 2012 March 31, 2017 5 30 29 16
117 Red Hat Enterprise Linux 3 3.0 0 33 44 17
118 Red Hat Enterprise Linux 2 2.1 Update 7 April 28, 2005 0 32 37 6
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
111 5.5
- 		MEDIUM
Local 		A flaw was found in the X.Org server. The GLX PBuffer code does not call the XACE hook when creating the buffer, leaving it unlabeled. When the client issues another request to access that resource (… NVD-CWE-Other
CVE-2024-0408 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*
cpe:2.3:o:redhat:enterprise_linux… 		2024-11-21 17:46
2024-01-19 		Show GitHub Exploit DB Packet Storm
112 5.5
- 		MEDIUM
Local 		A denial of service vulnerability was found in tipc_crypto_key_revoke in net/tipc/crypto.c in the Linux kernel’s TIPC subsystem. This flaw allows guests with local user privileges to trigger a deadlo… CWE-667
 Improper Locking 		CVE-2024-0641 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:* 		2024-11-21 17:47
2024-01-18 		Show GitHub Exploit DB Packet Storm
113 5.5
- 		MEDIUM
Local 		A denial of service vulnerability due to a deadlock was found in sctp_auto_asconf_init in net/sctp/socket.c in the Linux kernel’s SCTP subsystem. This flaw allows guests with local user privileges to… CWE-667
 Improper Locking 		CVE-2024-0639 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:* 		2024-11-21 17:47
2024-01-18 		Show GitHub Exploit DB Packet Storm
114 7.8
- 		HIGH
Local 		An out-of-bounds memory write flaw was found in the Linux kernel’s Transport Layer Security functionality in how a user calls a function splice with a ktls socket as the destination. This flaw allows… CWE-787
 Out-of-bounds Write 		CVE-2024-0646 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:* 		2024-11-25 19:44
2024-01-18 		Show GitHub Exploit DB Packet Storm
115 5.5
- 		MEDIUM
Local 		A heap use-after-free issue has been identified in SQLite in the jsonParseAddNodeArray() function in sqlite3.c. This flaw allows a local attacker to leverage a victim to pass specially crafted malici… CWE-416
 Use After Free 		CVE-2024-0232 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:* 		2024-11-21 17:46
2024-01-16 		Show GitHub Exploit DB Packet Storm
116 7.5
- 		HIGH
Network 		A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from the response times of ciphertexts with correct PKCS#1 v1.5 padding. This issu… CWE-203
 Information Exposure Through Discrepancy 		CVE-2024-0553 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:* 		2024-11-21 17:46
2024-01-16 		Show GitHub Exploit DB Packet Storm
117 7.8
- 		HIGH
Local 		A use-after-free flaw was found in the Linux Kernel. When a disk is removed, bdi_unregister is called to stop further write-back and waits for associated delayed work to complete. However, wb_inode_w… CWE-416
 Use After Free 		CVE-2024-0562 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:* 		2024-11-21 17:46
2024-01-16 		Show GitHub Exploit DB Packet Storm
118 6.8
- 		MEDIUM
Physics 		An authentication bypass flaw was found in GRUB due to the way that GRUB uses the UUID of a device to search for the configuration file that contains the password hash for the GRUB password protectio… CWE-290
 Authentication Bypass by Spoofing 		CVE-2023-4001 cpe:2.3:o:redhat:enterprise_linux:9.0:* 2024-11-21 17:34
2024-01-15 		Show GitHub Exploit DB Packet Storm
119 5.5
- 		MEDIUM
Local 		A Null pointer dereference problem was found in ida_free in lib/idr.c in the Linux Kernel. This issue may allow an attacker using this library to cause a denial of service problem due to a missing ch… CWE-476
 NULL Pointer Dereference 		CVE-2023-6915 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:* 		2024-11-21 17:44
2024-01-15 		Show GitHub Exploit DB Packet Storm
120 5.5
- 		MEDIUM
Local 		Relax-and-Recover (aka ReaR) through 2.7 creates a world-readable initrd when using GRUB_RESCUE=y. This allows local attackers to gain access to system secrets otherwise only readable by root. NVD-CWE-noinfo
CVE-2024-23301 cpe:2.3:o:redhat:enterprise_linux:9.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:* 		2024-11-21 17:57
2024-01-13 		Show GitHub Exploit DB Packet Storm