Red Hat Enterprise Linux Security Select Add-On
Overview
As part of all Red Hat® Enterprise Linux® subscriptions, Red Hat may provide Common Vulnerabilities and Exposures (CVEs) fixes for those defined by Red Hat as Critical, Important, and Moderate with a Common Vulnerability Scoring System (CVSS) score of 7.0 or higher. Red Hat’s standard Extended Life Cycle Support (ELS), Extended Update Support (EUS), and Enhanced Extended Update Support (EEUS) offer similar additional support for CVE fixes.
However, organizations in regulated industries—finance, healthcare, telecommunications, and the public sector—must meet strict security and compliance regulations, and Red Hat’s standard support, including ELS, EUS, and EEUS do not cover all CVEs, especially those rated Moderate or Low.
The Red Hat Enterprise Linux Security Select Add-On fills that gap. It lets organizations request specific CVE patches on demand, delivered directly for deployment in their environments.
What is the Red Hat Enterprise Linux Security Select Add-On?
For organizations using Red Hat Enterprise Linux with ELS or EUS/EEUS subscriptions, a new add-on enhances security patch availability. The Security Select Add-On lets these customers request fixes for a broader range of CVEs.
This service offers greater flexibility by allowing organizations to obtain patches for vulnerabilities classified as Critical, Important, Moderate, or even Low. This represents a significant expansion of the standard support, which typically focuses on higher-severity issues. By supporting the remediation of a wider array of security concerns, this add-on provides a more customizable security posture for enterprise systems.
A current ELS/EEUS/EUS subscription is required to qualify. Red Hat Enterprise Linux Security Select Add-Ons can be back-dated to align with the start date of an active ELS/EEUS/EUS subscription.
Benefits
- Gain faster access to requested CVE fixes, beyond standard delivery timelines.
- Strengthen security focus and compliance posture in regulated industries.
- Extend protection for Red Hat Enterprise Linux deployments across all versions.
- Maintain operational stability without waiting for public Red Hat CVE prioritization.
- Manage requests and hotfix delivery through a dedicated security Technical Account Manager (TAM).
- Organizations can purchase Red Hat Enterprise Linux Security Select 10-pack Add-On of CVE fixes associated with their ELS or EEUS/EUS subscriptions, allowing for fixes upon request.
How the Red Hat Enterprise Linux Security Select Add-On works
- The service requires an active Red Hat Enterprise Linux subscription and a security Technical Account Manager (TAM), who can be either existing or newly assigned.
- Organizations start by purchasing Red Hat Enterprise Linux Security Select 10-pack Add-On of CVE fixes.
- Organizations request CVE fixes associated with their ELS or EEUS/EUS subscriptions, using their allowances from the 10-pack.
- Individual CVE fixes beginning with CVE 11 and onward can be ordered at a value price.
- Organizations submit CVE fix requests through their security TAM.
- Fixes are delivered according to a 90-day service level agreement (SLA).
- Fixes are managed and eventually made publicly available by Red Hat Product Security.
- Contracts are valid for 1 year; unused CVE fix requests do not roll over.
- The Red Hat Enterprise Linux Security Select Add-On is not tied to any specific version of Red Hat Enterprise Linux.
Learn more
For more information about Red Hat Enterprise Linux Security Select Add-on, contact your Red Hat sales representative.
