- Red Hat Customer Portal

Red Hat Product Security strives to provide the most actionable information to help you make appropriate risk-based decisions. There are vulnerabilities that may require more contextual information to help in the decision-making process, so specialized Security Bulletins are created to offer the best experience and information possible. Here you will fix these bulletins which aggregate information, diagnostic tools, and updates in one easy to understand interface. In addition, when new product releases are made available that have security fixes included, these Security Bulletins will highlight those fixes to assist in decisions about upgrading to newer versions.

A full list of all CVEs affecting Red Hat Products can be found in our CVE Database.

Browse Red Hat CVES

Topic	Impact	Status	Public Date
Solr/Lucene -security bypass to access sensitive data - CVE-2017-12629	Critical	Resolved	Thursday, October 12, 2017 (All day)
dnsmasq: Multiple Critical and Important vulnerabilities	Critical	Resolved	Monday, October 2, 2017 (All day)
CVE-2017-1000253 - load_elf_binary does not allocate sufficient space	Important	Resolved	Tuesday, September 26, 2017 (All day)
Blueborne - Linux Kernel Remote Denial of Service in Bluetooth subsystem - CVE-2017-1000251	Important	Resolved	Tuesday, September 12, 2017 (All day)
Kernel slab corruption in the inotify subsystem of the linux Linux kernel - CVE-2017-7533	Important	Resolved	Thursday, August 3, 2017 (All day)
Stack Guard Page Circumvention Affecting Multiple Packages	Important	Resolved	Monday, June 19, 2017 (All day)
sudo: Privilege escalation via improper get_process_ttyname() parsing	Important	Resolved	Tuesday, May 30, 2017 (All day)
Samba - Loading shared modules from any path in the system leading to Remote Code Execution. - CVE-2017-7494	Important	Resolved	Wednesday, May 24, 2017 (All day)
openstack-glance API v1 copy_from() has SSRF flaw - CVE-2017-7200	Moderate	Resolved	Wednesday, March 15, 2017 (All day)
Local kernel privilege escalation in the HDLC TTY line discipline implementation - CVE-2017-2636	Important	Resolved	Tuesday, March 7, 2017 (All day)
Use-after-free in the IPv6 implementation of the DCCP protocol in the Linux kernel - CVE-2017-6074	Important	Resolved	Wednesday, February 22, 2017 (All day)
On-entry container attack - CVE-2016-9962	Important	Resolved	Wednesday, January 11, 2017 (All day)
Kernel Local Privilege Escalation "Dirty COW" - CVE-2016-5195	Important	Resolved	Wednesday, October 19, 2016 (All day)
systemd - Denial of Service Vulnerability	Moderate	Resolved	Wednesday, September 28, 2016 (All day)
HTTPoxy - CGI "HTTP_PROXY" variable name clash	Important	Resolved	Monday, July 18, 2016 (All day)
Shared challenge ack vulnerability - CVE-2016-5696	Important	Resolved	Tuesday, July 12, 2016 (All day)
Director - Default root password set in Overcloud images - CVE-2016-4474	Important	Resolved	Monday, June 13, 2016 (All day)
ImageTragick - ImageMagick Filtering Vulnerability - CVE-2016-3714	Important	Resolved	Tuesday, May 3, 2016 (All day)
Badlock Security flaw in Samba - CVE-2016-2118	Important	Resolved	Tuesday, April 12, 2016 (All day)
DROWN - Cross-protocol attack on TLS using SSLv2 (CVE-2016-0800)	Important	Resolved	Tuesday, March 1, 2016 (All day)

Log in to Your Red Hat Account

Red Hat Account

Customer Portal

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation

Services

Tools

Red Hat Insights

Red Hat Product Security Center

Security Updates

Resources

Customer Portal Community

Customer Events

Stories

Pages