Each year, Red Hat Product Security reflects back and reviews the vulnerabilities that impacted our products. We’ve shared the results of this analysis in our annual Red Hat Product Security Risk report.
Looking back, 2018 was a busy year in the field of incident response and vulnerability management. Many high-profile issues were discovered that had broad-reaching impacts to operations in all sectors, from traditional data-centers all the way out to the edges of the cloud. Customers potentially affected by issues with kernels, Kubernetes and others looked to Red Hat to help understand the potential to impact their operations.
Our annual risk report provides context for these security-related flaws, informs you how/if our products were affected by major vulnerabilities over the past year, and elaborates on our methodology for identifying potential impact on our customers. Our philosophy of providing clear advice and analysis along with our security errata has continued as we have faced an increased number of new exploits and vulnerabilities across the open source spectrum. It is about managing risks versus letting risks manage you.
This year we reviewed:
- Security response metrics.
- Specific vulnerabilities.
- The most common ways Red Hat users were affected by security vulnerabilities.
Among our findings from 2018:
- Across the Red Hat portfolio, we issued 111 Critical advisories addressing 57 Critical vulnerabilities. (An overall increase over the last several years of reporting.)
- 80% of Critical issues were addressed within one week.
- 2894 issues were reported to Product Security; of those only 430 (14.8%) were embargoed for some period of time.
- A catchy name or a flashy headline for a vulnerability doesn't tell much about its risk. Red Hat Product Security helps customers determine the actual vulnerability impact. Like previous years, the majority of issues that mattered were not branded.
Learn more about the flaws that made an impact in 2018 by reading the full report.
About the author
Christopher Robinson, better known as CRob to his colleagues, is a former Product Security Program Architect at Red Hat.
Browse by channel
Automation
The latest on IT automation for tech, teams, and environments
Artificial intelligence
Updates on the platforms that free customers to run AI workloads anywhere
Open hybrid cloud
Explore how we build a more flexible future with hybrid cloud
Security
The latest on how we reduce risks across environments and technologies
Edge computing
Updates on the platforms that simplify operations at the edge
Infrastructure
The latest on the world’s leading enterprise Linux platform
Applications
Inside our solutions to the toughest application challenges
Original shows
Entertaining stories from the makers and leaders in enterprise tech
Products
- Red Hat Enterprise Linux
- Red Hat OpenShift
- Red Hat Ansible Automation Platform
- Cloud services
- See all products
Tools
- Training and certification
- My account
- Customer support
- Developer resources
- Find a partner
- Red Hat Ecosystem Catalog
- Red Hat value calculator
- Documentation
Try, buy, & sell
Communicate
About Red Hat
We’re the world’s leading provider of enterprise open source solutions—including Linux, cloud, container, and Kubernetes. We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.
Select a language
Red Hat legal and privacy links
- About Red Hat
- Jobs
- Events
- Locations
- Contact Red Hat
- Red Hat Blog
- Diversity, equity, and inclusion
- Cool Stuff Store
- Red Hat Summit