Security Bulletins

Red Hat Product Security strives to provide the most actionable information to help you make appropriate risk-based decisions. There are vulnerabilities that may require more contextual information to help in the decision-making process, so specialized Security Bulletins are created to offer the best experience and information possible. Here you will fix these bulletins which aggregate information, diagnostic tools, and updates in one easy to understand interface. In addition, when new product releases are made available that have security fixes included, these Security Bulletins will highlight those fixes to assist in decisions about upgrading to newer versions.

A full list of all CVEs affecting Red Hat Products can be found in our CVE Database.

Browse Red Hat CVES

Topic	Impact	Status	Public Date Sort descending
Use-after-free in the IPv6 implementation of the DCCP protocol in the Linux kernel - CVE-2017-6074	Important	Resolved	Tuesday, February 21, 2017 - 19:00
Local kernel privilege escalation in the HDLC TTY line discipline implementation - CVE-2017-2636	Important	Resolved	Monday, March 6, 2017 - 19:00
openstack-glance API v1 copy_from() has SSRF flaw - CVE-2017-7200	Moderate	Resolved	Tuesday, March 14, 2017 - 20:00
Samba - Loading shared modules from any path in the system leading to Remote Code Execution. - CVE-2017-7494	Important	Resolved	Tuesday, May 23, 2017 - 20:00
sudo: Privilege escalation via improper get_process_ttyname() parsing	Important	Resolved	Monday, May 29, 2017 - 20:00
Stack Guard Page Circumvention Affecting Multiple Packages	Important	Resolved	Sunday, June 18, 2017 - 20:00
Kernel slab corruption in the inotify subsystem of the linux Linux kernel - CVE-2017-7533	Important	Resolved	Wednesday, August 2, 2017 - 20:00
Blueborne - Linux Kernel Remote Denial of Service in Bluetooth subsystem - CVE-2017-1000251	Important	Resolved	Monday, September 11, 2017 - 20:00
CVE-2017-1000253 - load_elf_binary does not allocate sufficient space	Important	Resolved	Monday, September 25, 2017 - 20:00
dnsmasq: Multiple Critical and Important vulnerabilities	Critical	Resolved	Sunday, October 1, 2017 - 20:00
Solr/Lucene -security bypass to access sensitive data - CVE-2017-12629	Critical	Resolved	Wednesday, October 11, 2017 - 20:00
KRACKs - wpa_supplicant Multiple Vulnerabilities	Important	Resolved	Sunday, October 15, 2017 - 20:00
"Dirty COW" variant on transparent huge pages - CVE-2017-1000405	Important	Resolved	Wednesday, November 29, 2017 - 19:00
Possible RCE via Heketi server API - CVE-2017-15103	Important	Resolved	Sunday, December 17, 2017 - 19:00
Meltdown & Spectre - Kernel Side-Channel Attacks - CVE-2017-5754 CVE-2017-5753 CVE-2017-5715	Important	Resolved	Wednesday, January 3, 2018 - 17:00
OpenShift Source-To-Image Vulnerability - CVE-2018-1102	Critical	Resolved	Thursday, April 26, 2018 - 20:00
POP SS debug exception - CVE-2018-8897 [Moderate] & CVE-2018-1087 [Important]	Important	Resolved	Monday, May 7, 2018 - 20:00
DHCP Client Script Code Execution Vulnerability - CVE-2018-1111	Critical	Resolved	Tuesday, May 15, 2018 - 08:00
Kernel Side-Channel Attack using Speculative Store Bypass - CVE-2018-3639	Important	Resolved	Monday, May 21, 2018 - 17:00
L1TF - L1 Terminal Fault Attack - CVE-2018-3620 & CVE-2018-3646	Important	Resolved	Tuesday, August 14, 2018 - 13:00

Select Your Language

Security Bulletins

Quick Links

Help

Site Info

Related Sites

About

Red Hat legal and privacy links

Red Hat legal and privacy links

Security Bulletins

Quick Links

Help

Site Info

Related Sites

Systems Status

About

Red Hat legal and privacy links

Red Hat legal and privacy links