RED HAT — Vulnerabilities & Security Advisories 710

Browse all 710 CVE security advisories affecting RED HAT. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Red Hat operates primarily as a provider of open-source enterprise software solutions, most notably its Linux operating system and container platforms. With 688 recorded Common Vulnerabilities and Exposures, the organization’s historical attack surface frequently involves remote code execution, cross-site scripting, and privilege escalation flaws within its middleware and management tools. These vulnerabilities often stem from complex codebases and third-party dependencies integrated into its distribution. Security characteristics are defined by a rigorous patching lifecycle and the Red Hat Security Response Team, which issues timely advisories for critical issues. While major public breaches directly attributed to Red Hat core infrastructure are rare, individual component flaws have occasionally allowed attackers to gain unauthorized access or execute arbitrary commands. The company maintains a strong reputation for transparency, providing detailed technical guidance to help administrators mitigate risks associated with its widely deployed enterprise technologies.

| CVE ID | Title | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|
| CVE-2023-6277 | Libtiff: out-of-memory in tiffopen via a craft file — Red Hat Enterprise Linux 6 | CWE-400 | 6.5 | Medium | 2023-11-24 |
| CVE-2023-5341 | Imagemagick: heap use-after-free in coders/bmp.c — Red Hat Enterprise Linux 6 | CWE-416 | 6.2 | Medium | 2023-11-19 |
| CVE-2023-6176 | Kernel: local dos vulnerability in scatterwalk_copychunks — Red Hat Enterprise Linux 8 | | 4.7 | Medium | 2023-11-16 |
| CVE-2023-6121 | Kernel: nvme: info leak due to out-of-bounds read in nvmet_ctrl_find_get — Red Hat Enterprise Linux 8 | CWE-125 | 4.3 | Medium | 2023-11-16 |
| CVE-2023-5189 | Hub: insecure galaxy-importer tarfile extraction — Red Hat Ansible Automation Platform 2.4 for RHEL 8 | CWE-23 | 6.3 | Medium | 2023-11-14 |
| CVE-2023-39198 | Kernel: qxl: race condition leading to use-after-free in qxl_mode_dumb_create() — Red Hat Enterprise Linux 8 | CWE-416 | 7.5 | High | 2023-11-09 |
| CVE-2023-4061 | Wildfly-core: management user rbac permission allows unexpected reading of system-properties to an unauthorized actor — Red Hat JBoss Enterprise Application Platform 7 | CWE-200 | 6.5 | Medium | 2023-11-08 |
| CVE-2023-4956 | Quay: clickjacking on config-editor page severity — Red Hat Quay 3 | CWE-1021 | 6.5 | Medium | 2023-11-07 |
| CVE-2023-4535 | Opensc: out-of-bounds read in myeid driver handling encryption using symmetric keys — Red Hat Enterprise Linux 9 | CWE-125 | 4.5 | Medium | 2023-11-06 |
| CVE-2023-4910 | 3scale-admin-portal: logged out users tokens can be accessed — Red Hat 3scale API Management Platform 2 | CWE-668 | 5.5 | Medium | 2023-11-06 |
| CVE-2023-5090 | Kernel: kvm: svm: improper check in svm_set_x2apic_msr_interception allows direct access to host x2apic msrs — Red Hat Enterprise Linux 8 | CWE-755 | 6.0 | Medium | 2023-11-06 |
| CVE-2023-5088 | Qemu: improper ide controller reset can lead to mbr overwrite — Red Hat Enterprise Linux 8 | CWE-821 | 6.4 | Medium | 2023-11-03 |
| CVE-2023-3961 | Samba: smbd allows client access to unix domain sockets on the file system as root — Red Hat Enterprise Linux 8 | CWE-22 | 9.1 | Critical | 2023-11-03 |
| CVE-2023-1476 | Kpatch: mm/mremap.c: incomplete fix for cve-2022-41222 — Red Hat Enterprise Linux 8 | CWE-416 | 7.0 | High | 2023-11-03 |
| CVE-2023-5824 | Squid: dos against http and https — Red Hat Enterprise Linux 8 | CWE-755 | 7.5 | High | 2023-11-03 |
| CVE-2023-4091 | Samba: smb clients can truncate files with read-only permissions — Red Hat Enterprise Linux 8 | CWE-276 | 6.5 | Medium | 2023-11-03 |
| CVE-2023-5408 | Openshift: modification of node role labels — Red Hat OpenShift Container Platform 4.11 | CWE-269 | 7.2 | High | 2023-11-02 |
| CVE-2023-3397 | Kernel: slab-use-after-free write in txend due to race condition — Red Hat Enterprise Linux 6 | CWE-416 | 7.0 | High | 2023-11-01 |
| CVE-2023-5178 | Kernel: use after free in nvmet_tcp_free_crypto in nvme — Red Hat Enterprise Linux 8 | CWE-416 | 8.8 | High | 2023-11-01 |
| CVE-2023-3972 | Insights-client: unsafe handling of temporary files and directories — Red Hat Enterprise Linux 7 | CWE-379 | 7.8 | High | 2023-11-01 |
| CVE-2023-5625 | Python-eventlet: patch regression for cve-2021-21419 in some red hat builds — Ironic content for Red Hat OpenShift Container Platform 4.12 | CWE-770 | 5.3 | Medium | 2023-11-01 |
| CVE-2023-5574 | Xorg-x11-server: use-after-free bug in damagedestroy — Red Hat Enterprise Linux 9 | CWE-416 | 7.0 | High | 2023-10-25 |
| CVE-2023-5380 | Xorg-x11-server: use-after-free bug in destroywindow — Red Hat Enterprise Linux 7 | CWE-416 | 4.7 | Medium | 2023-10-25 |
| CVE-2023-5367 | Xorg-x11-server: out-of-bounds write in xichangedeviceproperty/rrchangeoutputproperty — Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION | CWE-787 | 7.8 | High | 2023-10-25 |
| CVE-2023-4693 | Grub2: out-of-bounds read at fs/ntfs.c — Red Hat Enterprise Linux 8 | CWE-125 | 5.3 | Medium | 2023-10-25 |
| CVE-2023-5568 | Samba: heap buffer overflow with freshness tokens in the heimdal kdc — Red Hat Enterprise Linux 6 | CWE-122 | 5.9 | Medium | 2023-10-24 |
| CVE-2023-5633 | Kernel: vmwgfx: reference count issue leads to use-after-free in surface handling — Red Hat Enterprise Linux 8 | CWE-911 | 7.8 | High | 2023-10-23 |
| CVE-2023-5557 | Tracker-miners: sandbox escape — Red Hat Enterprise Linux 8 | CWE-693 | 7.5 | High | 2023-10-13 |
| CVE-2023-39194 | Kernel: xfrm: out-of-bounds read in __xfrm_state_filter_match() — Red Hat Enterprise Linux 8 | CWE-125 | 3.2 | Low | 2023-10-09 |
| CVE-2023-39193 | Kernel: netfilter: xtables sctp out-of-bounds read in match_flags() — Red Hat Enterprise Linux 8 | CWE-125 | 6.1 | Medium | 2023-10-09 |

This page lists every published CVE security advisory associated with RED HAT. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.