Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Red Hat Enterprise Linux Number Of NVD 1711 CRITICAL 141 HIGH 603 MEDIUM 814 LOW 152
URL https://www.redhat.com/technologies/linux-platforms/enterprise-linux
Explanation Full support is 5.5 years from release.
Maintenance support (security updates only) is for 3.5 years.
After that, extended support is available for a fee.
Tag
  • Linux
  • 商用ライセンス有り

Add Information URL
No Type Name URL
1 https://access.redhat.com/ja/articles/16476
2 https://access.redhat.com/support/policy/updates/errata
3 https://access.redhat.com/articles/3078
4 https://access.redhat.com/security
5 https://access.redhat.com/errata/#/?q=&p=1&sort=portal_publication_date%20desc&rows=10&portal_advisory_type=Security%20Advisory

List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support
Extended
for a fee
Critical High Medium Low
521 Red Hat Enterprise Linux 10.2 10.2 May 19, 2026 May 20, 2025 8 24 16 3
522 Red Hat Enterprise Linux 9 9.7 Nov. 11, 2025 May 17, 2022 10 140 183 18
523 Red Hat Enterprise Linux 8 8.10 May 22, 2024 May 7, 2019 May 30, 2029 49 327 454 51
524 Red Hat Enterprise Linux 7 7.9 Sept. 29, 2020 Dec. 11, 2013 Aug. 6, 2020 June 30, 2024 97 283 280 47
525 Red Hat Enterprise Linux 6 6.10 June 19, 2018 Nov. 9, 2010 May 10, 2022 Nov. 30, 2020 June 30, 2024 77 176 212 56
526 Red Hat Enterprise Linux 5 5.11 Sept. 16, 2014 March 15, 2007 March 31, 2017 Nov. 30, 2020 24 59 89 40
527 Red Hat Enterprise Linux 4 4.5 Feb. 29, 2012 March 31, 2017 5 30 29 16
528 Red Hat Enterprise Linux 3 3.0 0 33 44 17
529 Red Hat Enterprise Linux 2 2.1 Update 7 April 28, 2005 0 32 37 6
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2
Level
Attach Vector
Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date
Show Affected Exploit
PoC
Search
521 6.4
6.9
MEDIUM
Local
A use-after-free in function hci_sock_bound_ioctl() of the Linux kernel HCI subsystem was found in the way user calls ioct HCIUNBLOCKADDR or other way triggers race condition of the call hci_unregist… - CVE-2021-3573 cpe:2.3:o:redhat:enterprise_linux:8.0:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*
cpe:2.3:o:redhat:enterprise_linux…
2024-11-21 15:21
2021-08-13
Show GitHub Exploit DB Packet Storm
522 9.8
7.5
CRITICAL
Network
Stack buffer overflow in libspf2 versions below 1.2.11 when processing certain SPF macros can lead to Denial of service and potentially code execution via malicious crafted SPF explanation messages. CWE-787
 Out-of-bounds Write
CVE-2021-20314 cpe:2.3:o:redhat:enterprise_linux:7.0:* 2024-11-21 14:46
2021-08-13
Show GitHub Exploit DB Packet Storm
523 7.8
7.2
HIGH
Local
In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE: the… CWE-120
Classic Buffer Overflow
CVE-2021-38160 cpe:2.3:o:redhat:enterprise_linux:8.0:* 2024-11-21 15:16
2021-08-7
Show GitHub Exploit DB Packet Storm
524 3.3
2.1
LOW
Local
A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on inbound SCTP packets may allow the kernel to read uninitialized memory. CWE-20
 Improper Input Validation 
CVE-2021-3655 cpe:2.3:o:redhat:enterprise_linux:8.0:* 2024-11-21 15:22
2021-08-6
Show GitHub Exploit DB Packet Storm
525 7.5
5.0
HIGH
Network
A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. An attacker could use this flaw to provide a manipulated ciphertext leading to application crash an… - CVE-2021-3580 cpe:2.3:o:redhat:enterprise_linux:8.0:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*
2024-11-21 15:21
2021-08-6
Show GitHub Exploit DB Packet Storm
526 8.5
6.0
HIGH
Network
A flaw was found in the USB redirector device emulation of QEMU in versions prior to 6.1.0-rc2. It occurs when dropping packets during a bulk transfer from a SPICE client due to the packet queue bein… - CVE-2021-3682 cpe:2.3:o:redhat:enterprise_linux:8.0:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*
2024-11-21 15:22
2021-08-6
Show GitHub Exploit DB Packet Storm
527 5.5
2.1
MEDIUM
Local
A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (… CWE-835
 Loop with Unreachable Exit Condition ('Infinite Loop')
CVE-2021-3679 cpe:2.3:o:redhat:enterprise_linux:8.0:* 2024-11-21 15:22
2021-08-6
Show GitHub Exploit DB Packet Storm
528 7.1
5.5
HIGH
Network
A flaw was found in the ptp4l program of the linuxptp package. When ptp4l is operating on a little-endian architecture as a PTP transparent clock, a remote attacker could send a crafted one-step sync… CWE-125
Out-of-bounds Read
CVE-2021-3571 cpe:2.3:o:redhat:enterprise_linux:8.0:* 2024-11-21 15:21
2021-07-9
Show GitHub Exploit DB Packet Storm
529 7.8
7.2
HIGH
Local
An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user t… CWE-787
 Out-of-bounds Write
CVE-2021-3612 cpe:2.3:o:redhat:enterprise_linux:8.0:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*
2024-11-21 15:21
2021-07-9
Show GitHub Exploit DB Packet Storm
530 8.8
8.0
HIGH
Network
A flaw was found in the ptp4l program of the linuxptp package. A missing length check when forwarding a PTP message between ports allows a remote attacker to cause an information leak, crash, or pote… CWE-787
 Out-of-bounds Write
CVE-2021-3570 cpe:2.3:o:redhat:enterprise_linux:8.0:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*
cpe:2.3:o:redhat:enterprise_linux…
2024-11-21 15:21
2021-07-9
Show GitHub Exploit DB Packet Storm