Red Hat Enterprise Linux AI
Recent Red Hat Enterprise Linux AI Security Advisories
| Advisory | Title | Published |
|---|---|---|
| RHSA-2026:10141 | (RHSA-2026:10141) Red Hat Enterprise Linux AI 3.3.1 | April 23, 2026 |
| RHSA-2026:10140 | (RHSA-2026:10140) Red Hat Enterprise Linux AI 3.3.1 | April 23, 2026 |
| RHSA-2025:19429 | (RHSA-2025:19429) Red Hat Enterprise Linux AI 1.5 (NVIDIA) | November 3, 2025 |
| RHSA-2025:19427 | (RHSA-2025:19427) Red Hat Enterprise Linux AI 1.5 (AMD) | November 3, 2025 |
| RHSA-2025:19430 | (RHSA-2025:19430) Red Hat Enterprise Linux AI 1.5 (NVIDIA) | November 3, 2025 |
| RHSA-2025:19426 | (RHSA-2025:19426) Red Hat Enterprise Linux AI 1.5 (NVIDIA) | November 3, 2025 |
| RHSA-2025:19428 | (RHSA-2025:19428) Red Hat Enterprise Linux AI 1.5 (NVIDIA) | November 3, 2025 |
| RHSA-2025:19425 | (RHSA-2025:19425) Red Hat Enterprise Linux AI 1.5 (AMD) | November 3, 2025 |
| RHSA-2025:19424 | (RHSA-2025:19424) Red Hat Enterprise Linux AI 1.5 (AMD) | November 3, 2025 |
| RHSA-2025:19423 | (RHSA-2025:19423) Red Hat Enterprise Linux AI 1.5 (NVIDIA) | November 3, 2025 |
By the Year
In 2026 there have been 3 vulnerabilities in Red Hat Enterprise Linux AI, with an average score of 7.5 out of ten. Last year, in 2025, Enterprise Linux AI had 2 security vulnerabilities published. That is, 1 more vulnerability has already been reported in 2026 compared to last year. The average CVE base score of the vulnerabilities in 2026 is also greater, by 2.07.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 3 | 7.47 |
| 2025 | 2 | 5.40 |
| 2024 | 4 | 6.18 |
It may take a day or so for new Enterprise Linux AI vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.
Recent Red Hat Enterprise Linux AI Security Vulnerabilities
InstructLab: Arbitrary Code Exec via trust_remote_code True
CVE-2026-6859
8.8 - High
- April 22, 2026
A flaw was found in InstructLab. The `linux_train.py` script hardcodes `trust_remote_code=True` when loading models from HuggingFace. This allows a remote attacker to achieve arbitrary Python code execution by convincing a user to run `ilab train/download/generate` with a specially crafted malicious model from the HuggingFace Hub. This vulnerability can lead to complete system compromise.
Inclusion of Functionality from Untrusted Control Sphere
InstructLab: Path Traversal in logs_dir Enables Local File Write
CVE-2026-6855
7.1 - High
- April 22, 2026
A flaw was found in InstructLab. A local attacker could exploit a path traversal vulnerability in the chat session handler by manipulating the `logs_dir` parameter. This allows the attacker to create new directories and write files to arbitrary locations on the system, potentially leading to unauthorized data modification or disclosure.
Directory traversal
CVE-2026-6385 FFmpeg DVD Subtitle Signed Int Overflow -> Heap OOB Write
CVE-2026-6385
6.5 - Medium
- April 15, 2026
A flaw was found in FFmpeg. A remote attacker could exploit this vulnerability by providing a specially crafted MPEG-PS/VOB media file containing a malicious DVD subtitle stream. This vulnerability is caused by a signed integer overflow in the DVD subtitle parser's fragment reassembly bounds checks, leading to a heap out-of-bounds write. Successful exploitation can result in a denial of service (DoS) due to an application crash, and potentially lead to arbitrary code execution.
Integer Overflow or Wraparound
vLLM MediaConnector SSRF via load_from_url
CVE-2025-6242
7.1 - High
- October 07, 2025
A Server-Side Request Forgery (SSRF) vulnerability exists in the `MediaConnector` class within the vLLM project's multimodal feature set. The `load_from_url` and `load_from_url_async` methods fetch and process media from user-provided URLs without adequate restrictions on the target hosts. This allows an attacker to coerce the vLLM server into making arbitrary requests to internal network resources.
SSRF
CIRCL FourQ RCE via Low-Order Point Injection in Diffie-Hellman
CVE-2025-8556
3.7 - Low
- August 06, 2025
A flaw was found in CIRCL's implementation of the FourQ elliptic curve. This vulnerability allows an attacker to compromise session security via low-order point injection and incorrect point validation during Diffie-Hellman key exchange.
Improper Validation of Specified Type of Input
Ansible-Core Unsafe Content Protection Bypass via Hostvars Object
CVE-2024-11079
5.5 - Medium
- November 12, 2024
A flaw was found in Ansible-Core. This vulnerability allows attackers to bypass unsafe content protections using the hostvars object to reference and execute templated content. This issue can lead to arbitrary code execution if remote data or module outputs are improperly templated within playbooks.
Improper Input Validation
vLLM API crash via empty prompt causes DoS
CVE-2024-8768
7.5 - High
- September 17, 2024
A flaw was found in the vLLM library. A completions API request with an empty prompt will crash the vLLM API server, resulting in a denial of service.
assertion failure
DoS via best_of overuse in ilab vllm API
CVE-2024-8939
6.2 - Medium
- September 17, 2024
A vulnerability was found in the `ilab model serve` component, where improper handling of the `best_of` parameter in the vLLM JSON web API can lead to a Denial of Service (DoS). The API used for LLM-based sentence or chat completion accepts a `best_of` parameter to return the best completion from several options. When this parameter is set to a large value, the API does not handle timeouts or resource exhaustion properly, allowing an attacker to cause a DoS by consuming excessive system resources. This leads to the API becoming unresponsive, preventing legitimate users from accessing the service.
Resource Exhaustion
Ansible include_vars leak: Vault secrets exposed in logs
CVE-2024-8775
5.5 - Medium
- September 14, 2024
A flaw was found in Ansible, where sensitive information stored in Ansible Vault files can be exposed in plaintext during the execution of a playbook. This occurs when using tasks such as `include_vars` to load vaulted variables without setting the `no_log: true` parameter, resulting in sensitive data being printed in the playbook output or logs. This can lead to the unintentional disclosure of secrets like passwords or API keys, compromising security and potentially allowing unauthorized access or actions.
Insertion of Sensitive Information into Log File