Software Detail

Software Informaton Top

Operating Systems

Software Detail

Red Hat Enterprise Linux

Number Of NVD

1701

CRITICAL

140

HIGH

597

MEDIUM

812

LOW

151

URL	https://www.redhat.com/technologies/linux-platforms/enterprise-linux
Explanation	Full support is 5.5 years from release. Maintenance support (security updates only) is for 3.5 years. After that, extended support is available for a fee.
Tag	Linux 商用ライセンス有り

Add Information URL

No	Type	Name	URL
1			https://access.redhat.com/ja/articles/16476
2			https://access.redhat.com/support/policy/updates/errata
3			https://access.redhat.com/articles/3078
4			https://access.redhat.com/security
5			https://access.redhat.com/errata/#/?q=&p=1&sort=portal_publication_date%20desc&rows=10&portal_advisory_type=Security%20Advisory

List Of Product [ Click to show release history and vulnerability information ]

No	Name	Latest Version	Release date	Initial release	Normal Support	Security Support Service Pack Support	Extended for a fee	Critical	High	Medium	Low
121	Red Hat Enterprise Linux 9	9.7	Nov. 11, 2025	May 17, 2022				9	134	181	17
122	Red Hat Enterprise Linux 8	8.10	May 22, 2024	May 7, 2019	May 30, 2029			48	321	452	50
123	Red Hat Enterprise Linux 7	7.9	Sept. 29, 2020	Dec. 11, 2013	Aug. 6, 2020	June 30, 2024		96	277	278	46
124	Red Hat Enterprise Linux 6	6.10	June 19, 2018	Nov. 9, 2010	May 10, 2022	Nov. 30, 2020	June 30, 2024	76	170	210	55
125	Red Hat Enterprise Linux 5	5.11	Sept. 16, 2014	March 15, 2007	March 31, 2017		Nov. 30, 2020	24	59	89	40
126	Red Hat Enterprise Linux 4	4.5			Feb. 29, 2012		March 31, 2017	5	30	29	16
127	Red Hat Enterprise Linux 3	3.0						0	33	44	17
128	Red Hat Enterprise Linux 2	2.1 Update 7	April 28, 2005					0	32	37	6

NVD Vulnerability Information

CRITICAL
HIGH
MEDIUM
LOW

No	CVSS3 CVSS2	Level Attach Vector	Title	CWE	CVE	cpe23Uri	Update date Published date	Show Affected	Exploit PoC Search
121	6.5 -	MEDIUM Network	A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. The qemu_clipboard_request() function can be reached before vnc_server_cut_text_caps() was called and had the…	CWE-476 NULL Pointer Dereference	CVE-2023-6683	cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*	2024-11-21 17:44 2024-01-13	Show	GitHub Exploit DB Packet Storm

122	5.5 -	MEDIUM Local	A flaw was found in the blkgs destruction path in block/blk-cgroup.c in the Linux kernel, leading to a cgroup blkio memory leakage problem. When a cgroup is being destroyed, cgroup_rstat_flush() is o…	CWE-668 Exposure of Resource to Wrong Sphere	CVE-2024-0443	cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*	2024-11-21 17:46 2024-01-12	Show	GitHub Exploit DB Packet Storm

123	6.5 -	MEDIUM Network	A Cross-site request forgery vulnerability exists in ipa/session/login_password in all supported versions of IPA. This flaw allows an attacker to trick the user into submitting a request that could p…	CWE-352 Origin Validation Error	CVE-2023-5455	cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.4:* cpe:2.3:o:redhat:enterprise_linux…	2024-11-21 17:41 2024-01-10	Show	GitHub Exploit DB Packet Storm

124	7.8 -	HIGH Local	It was discovered that the eBPF implementation in the Linux kernel did not properly track bounds information for 32 bit registers when performing div and mod operations. A local attacker could use th…	CWE-125 CWE-787 Out-of-bounds Read Out-of-bounds Write	CVE-2021-3600	cpe:2.3:o:redhat:enterprise_linux:8.0:*	2024-11-21 15:21 2024-01-9	Show	GitHub Exploit DB Packet Storm

125	4.8 -	MEDIUM Local	A flaw was found in libssh. By utilizing the ProxyCommand or ProxyJump feature, users can exploit unchecked hostname syntax on the client. This issue may allow an attacker to inject malicious code in…	CWE-74 Injection	CVE-2023-6004	cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*	2024-11-21 17:42 2024-01-4	Show	GitHub Exploit DB Packet Storm

126	3.3 -	LOW Local	A use-after-free flaw was found in PackageKitd. In some conditions, the order of cleanup mechanics for a transaction could be impacted. As a result, some memory access could occur on memory regions t…	CWE-416 Use After Free	CVE-2024-0217	cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*	2024-11-21 17:46 2024-01-4	Show	GitHub Exploit DB Packet Storm

127	4.4 -	MEDIUM Local	A memory leak problem was found in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c in the Linux Kernel. This issue may allow a local attacker with CAP_NET_ADMIN privileges to cause…	CWE-401 Missing Release of Memory after Effective Lifetime	CVE-2023-7192	cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*	2024-11-21 17:45 2024-01-3	Show	GitHub Exploit DB Packet Storm

128	6.7 -	MEDIUM Local	A use-after-free flaw was found in the netfilter subsystem of the Linux kernel. If the catchall element is garbage-collected when the pipapo set is removed, the element can be deactivated twice. This…	CWE-416 Use After Free	CVE-2024-0193	cpe:2.3:o:redhat:enterprise_linux:9.0:*	2024-11-21 17:46 2024-01-3	Show	GitHub Exploit DB Packet Storm

129	5.3 -	MEDIUM Local	A stack based buffer overflow was found in the virtio-net device of QEMU. This issue occurs when flushing TX in the virtio_net_flush_tx function if guest features VIRTIO_NET_F_HASH_REPORT, VIRTIO_F_V…	CWE-787 Out-of-bounds Write	CVE-2023-6693	cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux…	2024-11-21 17:44 2024-01-2	Show	GitHub Exploit DB Packet Storm

130	5.5 -	MEDIUM Local	A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-utils fails in cleaning the buffer used to …	CWE-287 Improper Authentication	CVE-2023-4641	cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*	2024-11-21 17:35 2023-12-28	Show	GitHub Exploit DB Packet Storm