Red Hat Enterprise Linux 6 — Vulnerabilities & Security Advisories (35)

All 35 CVE vulnerabilities found in Red Hat Enterprise Linux 6, with AI-generated Chinese analysis, references, and POCs.

This page documents known security weaknesses affecting the Red Hat Enterprise Linux 6 product line, specifically categorized under general operating system vulnerabilities. It serves as a centralized repository for understanding the security posture and historical remediation efforts associated with this legacy enterprise operating system. The content collected herein encompasses a wide variety of vulnerability types, including buffer overflows, privilege escalation flaws, information disclosures, and input validation errors that may lead to remote code execution or denial of service. The data spans the entire lifecycle of Red Hat Enterprise Linux 6, covering issues discovered and addressed from its initial release through the end of general support, ensuring a comprehensive view of the product's security history. By reviewing this aggregation, users can effectively track vendor advisories issued by Red Hat, including errata notices and security updates that mitigate these risks. It allows security professionals and system administrators to understand the specific characteristics of each weakness class as it applies to this environment, facilitating better risk assessment and patch management decisions. Furthermore, the page provides a chronological look at a product’s vulnerability history, helping teams identify persistent security patterns or recurring issues within the codebase. This resource is essential for compliance auditing, post-incident analysis, and maintaining a secure configuration for systems still running or migrating away from this platform, ensuring that all known defects are accounted for in security planning and remediation strategies.

Vendor: Red Hat

| CVE ID | Title | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|
| CVE-2025-66286 | Webkitgtk: authorization bypass through webpage::send-request signal handler | CWE-639 | 4.7 | Medium | 2026-04-23 |
| CVE-2026-6384 | Gimp: gimp: arbitrary code execution or denial of service via buffer overflow in gif image processing | CWE-120 | 7.3 | High | 2026-04-15 |
| CVE-2026-40919 | Gimp: gimp: denial of service via specially crafted seattle filmworks file | CWE-787 | 6.1 | Medium | 2026-04-15 |
| CVE-2026-40918 | Gimp: gimp: denial of service via crafted pvr image file | CWE-131 | 5.5 | Medium | 2026-04-15 |
| CVE-2026-40917 | Gimp: gimp: application crashes or information disclosure via crafted icns image files | CWE-125 | 5.0 | Medium | 2026-04-15 |
| CVE-2026-40916 | Gimp: gimp: denial of service due to stack buffer overflow in tim image loader | CWE-787 | 5.0 | Medium | 2026-04-15 |
| CVE-2026-40915 | Gimp: gimp: heap buffer overflow due to integer overflow in fits image loader | CWE-190 | 5.5 | Medium | 2026-04-15 |
| CVE-2026-2272 | Gimp: gimp: memory corruption due to integer overflow in ico file handling | CWE-190 | 4.3 | Medium | 2026-03-26 |
| CVE-2026-2271 | Gimp: gimp: denial of service via crafted psp image file | CWE-190 | 3.3 | Low | 2026-03-26 |
| CVE-2024-43168 | Unbound: heap-buffer-overflow in unbound | CWE-122 | 4.8 | Medium | 2024-08-08 |
| CVE-2024-43167 | Unbound: null pointer dereference in unbound | CWE-476 | 2.8 | Low | 2024-08-08 |
| CVE-2024-1013 | Unixodbc: out of bounds stack write due to pointer-to-integer types conversion | CWE-823 | 7.8 | High | 2024-03-18 |
| CVE-2023-7216 | Cpio: extraction allows symlinks which enables remote command execution | CWE-59 | 5.3 | Medium | 2024-02-05 |
| CVE-2023-39197 | Kernel: dccp: conntrack out-of-bounds read in nf_conntrack_dccp_packet() | CWE-125 | 4.0 | Medium | 2024-01-23 |
| CVE-2023-6270 | Kernel: aoe: improper reference count leads to use-after-free vulnerability | CWE-416 | 7.0 | High | 2024-01-04 |
| CVE-2023-7042 | Kernel: null pointer dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() | CWE-476 | 4.4 | Medium | 2023-12-21 |
| CVE-2023-6277 | Libtiff: out-of-memory in tiffopen via a craft file | CWE-400 | 6.5 | Medium | 2023-11-24 |
| CVE-2023-5341 | Imagemagick: heap use-after-free in coders/bmp.c | CWE-416 | 6.2 | Medium | 2023-11-19 |
| CVE-2023-3397 | Kernel: slab-use-after-free write in txend due to race condition | CWE-416 | 7.0 | High | 2023-11-01 |
| CVE-2023-5568 | Samba: heap buffer overflow with freshness tokens in the heimdal kdc | CWE-122 | 5.9 | Medium | 2023-10-24 |
| CVE-2023-3428 | Imagemagick: heap-buffer-overflow in coders/tiff.c | CWE-122 | 6.2 | Medium | 2023-10-04 |
| CVE-2023-5156 | Glibc: dos due to memory leak in getaddrinfo.c | CWE-401 | 7.5 | High | 2023-09-25 |
| CVE-2023-4385 | Kernel: jfs: null pointer dereference in dbfree() | CWE-476 | 5.5 | Medium | 2023-08-16 |
| CVE-2023-38560 | Ghostscript: integer overflow in pcl/pl/plfont.c:418 in pl_glyph_name | CWE-190 | 5.5 | Medium | 2023-08-01 |
| CVE-2023-4010 | Kernel: usb: hcd: malformed usb descriptor leads to infinite loop in usb_giveback_urb() | CWE-835 | 4.6 | Medium | 2023-07-31 |
| CVE-2023-3745 | Imagemagick: heap-buffer-overflow in pushcharpixel() in quantum-private.h | CWE-125 | 5.5 | Medium | 2023-07-24 |
| CVE-2023-38252 | W3m: out of bounds read in strnew_size() at w3m/str.c | CWE-125 | 4.7 | Medium | 2023-07-14 |
| CVE-2023-3106 | Kernel: netlink socket crash (null pointer deref) in netlink_dump function | CWE-476 | 6.6 | Medium | 2023-07-12 |
| CVE-2023-3108 | Kernel: a race condition in crypto module in the function skcipher_recvmsg | | 6.2 | Medium | 2023-07-11 |
| CVE-2012-0059 | Spacewalk-backend: spacewalk-backend: information disclosure via cleartext passwords in error messages | CWE-209 | 4.9 | Medium | 2014-02-05 |

All 35 known CVE vulnerabilities affecting Red Hat Enterprise Linux 6 with full Chinese analysis, references, and POCs where available.