Security Bulletins

Red Hat Product Security strives to provide the most actionable information to help you make appropriate risk-based decisions. There are vulnerabilities that may require more contextual information to help in the decision-making process, so specialized Security Bulletins are created to offer the best experience and information possible. Here you will find these bulletins, which aggregate information, diagnostic tools, and updates in one easy-to-understand interface. In addition, when new product releases are made available that have security fixes included, these Security Bulletins will highlight those fixes to assist in decisions about upgrading to newer versions.

A full list of all CVEs affecting Red Hat Products can be found in our CVE Database.

Topic Impact Status Public Date
Machine Check Error on Page Size Change - CVE-2018-12207 Important Resolved
VHOST-NET GUEST TO HOST ESCAPE - Kernel vulnerability - CVE-2019-14835 Important Resolved
TCP SACK PANIC - Kernel vulnerabilities - CVE-2019-11477, CVE-2019-11478 & CVE-2019-11479 Important Resolved
MDS - Microarchitectural Data Sampling - CVE-2018-12130, CVE-2018-12126, CVE-2018-12127, and CVE-2019-11091 Important Resolved
runc - Malicious container escape - CVE-2019-5736 Important Resolved
Kubernetes privilege escalation and access to sensitive information in OpenShift products and services - CVE-2018-1002105 Critical Resolved
Mutagen Astronomy - Local privilege escalation - CVE-2018-14634 Important Resolved
L1TF - L1 Terminal Fault Attack - CVE-2018-3620 & CVE-2018-3646 Important Resolved
Kernel Side-Channel Attack using Speculative Store Bypass - CVE-2018-3639 Important Resolved
DHCP Client Script Code Execution Vulnerability - CVE-2018-1111 Critical Resolved
POP SS debug exception - CVE-2018-8897 [Moderate] & CVE-2018-1087 [Important] Important Resolved
OpenShift Source-To-Image Vulnerability - CVE-2018-1102 Critical Resolved
Meltdown & Spectre - Kernel Side-Channel Attacks - CVE-2017-5754 CVE-2017-5753 CVE-2017-5715 Important Resolved
Possible RCE via Heketi server API - CVE-2017-15103 Important Resolved
"Dirty COW" variant on transparent huge pages - CVE-2017-1000405 Important Resolved
KRACKs - wpa_supplicant Multiple Vulnerabilities Important Resolved
Solr/Lucene - security bypass to access sensitive data - CVE-2017-12629 Critical Resolved
dnsmasq: Multiple Critical and Important vulnerabilities Critical Resolved
CVE-2017-1000253 - load_elf_binary does not allocate sufficient space Important Resolved
Blueborne - Linux Kernel Remote Denial of Service in Bluetooth subsystem - CVE-2017-1000251 Important Resolved