RED HAT — Vulnerabilities & Security Advisories 694

Browse all 694 CVE security advisories affecting RED HAT. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Red Hat operates primarily as a provider of open-source enterprise software solutions, most notably its Linux operating system and container platforms. With 688 recorded Common Vulnerabilities and Exposures, the organization’s historical attack surface frequently involves remote code execution, cross-site scripting, and privilege escalation flaws within its middleware and management tools. These vulnerabilities often stem from complex codebases and third-party dependencies integrated into its distribution. Security characteristics are defined by a rigorous patching lifecycle and the Red Hat Security Response Team, which issues timely advisories for critical issues. While major public breaches directly attributed to Red Hat core infrastructure are rare, individual component flaws have occasionally allowed attackers to gain unauthorized access or execute arbitrary commands. The company maintains a strong reputation for transparency, providing detailed technical guidance to help administrators mitigate risks associated with its widely deployed enterprise technologies.

CVE ID	Title	CVSS	Severity	Published
CVE-2023-5824	Squid: dos against http and https — Red Hat Enterprise Linux 8CWE-755	7.5	High	2023-11-03
CVE-2023-5178	Kernel: use after free in nvmet_tcp_free_crypto in nvme — Red Hat Enterprise Linux 8CWE-416	8.8	High	2023-11-01
CVE-2023-4693	Grub2: out-of-bounds read at fs/ntfs.c — Red Hat Enterprise Linux 8CWE-125	5.3	Medium	2023-10-25
CVE-2023-5633	Kernel: vmwgfx: reference count issue leads to use-after-free in surface handling — Red Hat Enterprise Linux 8CWE-911	7.8	High	2023-10-23
CVE-2023-5557	Tracker-miners: sandbox escape — Red Hat Enterprise Linux 8CWE-693	7.5	High	2023-10-13
CVE-2023-39193	Kernel: netfilter: xtables sctp out-of-bounds read in match_flags() — Red Hat Enterprise Linux 8CWE-125	6.1	Medium	2023-10-09
CVE-2023-39194	Kernel: xfrm: out-of-bounds read in __xfrm_state_filter_match() — Red Hat Enterprise Linux 8CWE-125	3.2	Low	2023-10-09
CVE-2023-39192	Kernel: netfilter: xtables out-of-bounds read in u32_match_it() — Red Hat Enterprise Linux 8CWE-125	6.7	Medium	2023-10-09
CVE-2023-39189	Kernel: netfilter: nftables out-of-bounds read in nf_osf_match_one() — Red Hat Enterprise Linux 8CWE-125	5.1	Medium	2023-10-09
CVE-2023-42755	Kernel: rsvp: out-of-bounds read in rsvp_classify() — Red Hat Enterprise Linux 8CWE-125	6.5	Medium	2023-10-05
CVE-2023-42754	Kernel: ipv4: null pointer dereference in ipv4_send_dest_unreach() — Red Hat Enterprise Linux 8CWE-476	5.5	Medium	2023-10-05
CVE-2023-4732	Kernel: race between task migrating pages and another task calling exit_mmap to release those same pages getting invalid opcode bug in include/linux/swapops.h — Red Hat Enterprise Linux 8CWE-366	4.7	Medium	2023-10-03
CVE-2023-5157	Mariadb: node crashes with transport endpoint is not connected mysqld got signal 6 — Red Hat Enterprise Linux 8CWE-400	7.5	High	2023-09-26
CVE-2023-4806	Glibc: potential use-after-free in getaddrinfo() — Red Hat Enterprise Linux 8CWE-416	5.9	Medium	2023-09-18
CVE-2023-4527	Glibc: stack read overflow in getaddrinfo in no-aaaa mode — Red Hat Enterprise Linux 8CWE-121	6.5	Medium	2023-09-18
CVE-2023-3255	Qemu: vnc: infinite loop in inflate_buffer() leads to denial of service — Red Hat Enterprise Linux 8CWE-835	6.5	Medium	2023-09-13
CVE-2023-4813	Glibc: potential use-after-free in gaih_inet() — Red Hat Enterprise Linux 8CWE-416	5.9	Medium	2023-09-12
CVE-2023-4042	Ghostscript: incomplete fix for cve-2020-16305 — Red Hat Enterprise Linux 8CWE-125	5.5	Medium	2023-08-23
CVE-2023-4387	Kernel: vmxnet3: use-after-free in vmxnet3_rq_alloc_rx_buf() — Red Hat Enterprise Linux 8CWE-416	7.1	High	2023-08-16
CVE-2023-39418	Postgresql: merge fails to enforce update or select row security policies — Red Hat Enterprise Linux 8CWE-1220	3.1	Low	2023-08-11
CVE-2023-4132	Kernel: smsusb: use-after-free caused by do_submit_urb() — Red Hat Enterprise Linux 8CWE-416	5.5	Medium	2023-08-03
CVE-2023-4133	Kernel: cxgb4: use-after-free in ch_flower_stats_cb() — Red Hat Enterprise Linux 8CWE-416	5.5	Medium	2023-08-03
CVE-2023-38559	Ghostscript: out-of-bound read in base/gdevdevn.c:1973 in devn_pcx_write_rle could result in dos — Red Hat Enterprise Linux 8CWE-125	5.5	Medium	2023-08-01
CVE-2023-4004	Kernel: netfilter: use-after-free due to improper element removal in nft_pipapo_remove() — Red Hat Enterprise Linux 8CWE-416	7.8	High	2023-07-31
CVE-2023-3772	Kernel: xfrm: null pointer dereference in xfrm_update_ae_params() — Red Hat Enterprise Linux 8CWE-476	5.5	Medium	2023-07-25
CVE-2023-33951	Kernel: vmwgfx: race condition leading to information disclosure vulnerability — Red Hat Enterprise Linux 8CWE-413	6.7	Medium	2023-07-24
CVE-2023-3812	Kernel: tun: bugs for oversize packet when napi frags enabled in tun_napi_alloc_frags — Red Hat Enterprise Linux 8CWE-787	7.8	High	2023-07-24
CVE-2023-3019	Qemu: e1000e: heap use-after-free in e1000e_write_packet_to_guest() — Red Hat Enterprise Linux 8CWE-416	6.0	Medium	2023-07-24
CVE-2023-3567	Kernel: use after free in vcs_read in drivers/tty/vt/vc_screen.c due to race — Red Hat Enterprise Linux 8CWE-416	7.1	High	2023-07-24
CVE-2023-33952	Kernel: vmwgfx: double free within the handling of vmw_buffer_object objects — Red Hat Enterprise Linux 8CWE-415	6.7	Medium	2023-07-24

This page lists every published CVE security advisory associated with RED HAT. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.

Goal Reached Thanks to every supporter — we hit 100%!

RED HAT — Vulnerabilities & Security Advisories 694