Red Hat Enterprise Linux 8 — Vulnerabilities & Security Advisories 66

All 66 CVE vulnerabilities found in Red Hat Enterprise Linux 8, with AI-generated Chinese analysis, references, and POCs.

This page documents security vulnerabilities affecting the Red Hat Enterprise Linux 8 operating system, specifically categorized under the Common Weakness Enumeration (CWE) framework. It aggregates data regarding known flaws, configuration errors, and implementation bugs that have been identified within this specific enterprise-grade Linux distribution. The content covers vulnerabilities reported and analyzed from the initial release period up to the present date, ensuring a comprehensive historical perspective on the security posture of the platform. Here, users can track vendor advisories issued by Red Hat to understand the timeline of remediation efforts. The page also facilitates a deeper understanding of specific weakness classes by providing context on how particular CWE types manifest in real-world kernel and user-space components of RHEL 8. Additionally, visitors can look up a product's vulnerability history to assess long-term security trends and the effectiveness of patch management strategies over time. This resource serves as a centralized reference for security professionals, system administrators, and compliance officers who need to evaluate risks associated with this widely deployed enterprise operating system. The information is organized to support efficient decision-making regarding updates, mitigations, and architectural adjustments, allowing stakeholders to maintain a robust defense against emerging threats targeting the RHEL 8 ecosystem.

Vendor: Red Hat

| CVE ID | Title | CWE | CVSS | Severity | Published |
| --- | --- | --- | --- | --- | --- |
| CVE-2026-4887 | Gimp: gimp:memory disclosure and denial of service via specially crafted pcx image | CWE-193 | 6.1 | Medium | 2026-03-26 |
| CVE-2024-3446 | Qemu: virtio: dma reentrancy issue leads to double free vulnerability | CWE-415 | 8.2 | High | 2024-04-09 |
| CVE-2023-7250 | Iperf3: possible denial of service | CWE-183 | 5.3 | Medium | 2024-03-18 |
| CVE-2023-6681 | Jwcrypto: denial of service via specifically crafted jwe | CWE-400 | 5.3 | Medium | 2024-02-12 |
| CVE-2023-6536 | Kernel: null pointer dereference in __nvmet_req_complete | CWE-476 | 6.5 | Medium | 2024-02-07 |
| CVE-2023-6535 | Kernel: null pointer dereference in nvmet_tcp_execute_request | CWE-476 | 6.5 | Medium | 2024-02-07 |
| CVE-2023-6356 | Kernel: null pointer dereference in nvmet_tcp_build_iovec | CWE-476 | 6.5 | Medium | 2024-02-07 |
| CVE-2023-6240 | Kernel: marvin vulnerability side-channel leakage in the rsa decryption operation | CWE-203 | 6.5 | Medium | 2024-02-04 |
| CVE-2023-5992 | Opensc: side-channel leaks while stripping encryption pkcs#1 padding | CWE-203 | 5.6 | Medium | 2024-01-31 |
| CVE-2024-0841 | Kernel: hugetlbfs: null pointer dereference in hugetlbfs_fill_super function | CWE-476 | 6.6 | Medium | 2024-01-28 |
| CVE-2023-6915 | Kernel: null pointer dereference vulnerability in ida_free in lib/idr.c | CWE-476 | 6.2 | Medium | 2024-01-15 |
| CVE-2023-6683 | Qemu: vnc: null pointer dereference in qemu_clipboard_request() | CWE-476 | 6.5 | Medium | 2024-01-12 |
| CVE-2023-6004 | Libssh: proxycommand/proxyjump features allow injection of malicious code through hostname | CWE-74 | 4.8 | Medium | 2024-01-03 |
| CVE-2023-6693 | Qemu: virtio-net: stack buffer overflow in virtio_net_flush_tx() | CWE-121 | 4.9 | Medium | 2024-01-02 |
| CVE-2023-7008 | Systemd-resolved: unsigned name response in signed zone is not refused when dnssec=yes | CWE-300 | 5.9 | Medium | 2023-12-23 |
| CVE-2023-6546 | Kernel: gsm multiplexing race condition leads to privilege escalation | CWE-366 | 7.0 | High | 2023-12-21 |
| CVE-2023-6918 | Libssh: missing checks for return values for digests | CWE-252 | 3.7 | Low | 2023-12-18 |
| CVE-2023-6228 | Libtiff: heap-based buffer overflow in cpstriptotile() in tools/tiffcp.c | CWE-787 | 3.3 | Low | 2023-12-18 |
| CVE-2023-6622 | Kernel: null pointer dereference vulnerability in nft_dynset_init() | CWE-476 | 5.5 | Medium | 2023-12-08 |
| CVE-2023-6610 | Kernel: oob access in smb2_dump_detail | CWE-125 | 7.1 | High | 2023-12-08 |
| CVE-2023-6606 | Kernel: out-of-bounds read vulnerability in smbcalcsize | CWE-125 | 7.1 | High | 2023-12-08 |
| CVE-2023-5981 | Gnutls: timing side-channel in the rsa-psk authentication | CWE-208 | 5.9 | Medium | 2023-11-28 |
| CVE-2023-6176 | Kernel: local dos vulnerability in scatterwalk_copychunks | | 4.7 | Medium | 2023-11-16 |
| CVE-2023-6121 | Kernel: nvme: info leak due to out-of-bounds read in nvmet_ctrl_find_get | CWE-125 | 4.3 | Medium | 2023-11-16 |
| CVE-2023-39198 | Kernel: qxl: race condition leading to use-after-free in qxl_mode_dumb_create() | CWE-416 | 7.5 | High | 2023-11-09 |
| CVE-2023-5090 | Kernel: kvm: svm: improper check in svm_set_x2apic_msr_interception allows direct access to host x2apic msrs | CWE-755 | 6.0 | Medium | 2023-11-06 |
| CVE-2023-5088 | Qemu: improper ide controller reset can lead to mbr overwrite | CWE-821 | 6.4 | Medium | 2023-11-03 |
| CVE-2023-3961 | Samba: smbd allows client access to unix domain sockets on the file system as root | CWE-22 | 9.1 | Critical | 2023-11-03 |
| CVE-2023-1476 | Kpatch: mm/mremap.c: incomplete fix for cve-2022-41222 | CWE-416 | 7.0 | High | 2023-11-03 |
| CVE-2023-4091 | Samba: smb clients can truncate files with read-only permissions | CWE-276 | 6.5 | Medium | 2023-11-03 |

All 66 known CVE vulnerabilities affecting Red Hat Enterprise Linux 8 with full Chinese analysis, references, and POCs where available.