{"product_id":11526,"v_id":11526,"product_name":"Red Hat Enterprise Linux 9.4","certification_status":"Certified","certification_date":"2025-02-25T00:00:00Z","tech_type":"Operating System","vendor_id":{"name":"Red Hat, Inc.","website":"http://www.redhat.com"},"vendor_poc":"Chris Zinda","vendor_phone":"+1-717-360-1923","vendor_email":"czinda@redhat.com","assigned_lab":{"cctl_name":"Lightship Security USA, Inc."},"product_description":"

Red Hat Enterprise Linux 9.4 is an open-source operating system that supports a general-purpose computing environment for multiple users and applications.

","evaluation_configuration":"

The TOE operates with the following components in the environment:

\r\n\r\n

The following product functions are not included within the scope of the evaluation:

\r\n","security_evaluation_summary":"

The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The criteria against which the Red Hat Enterprise Linux 9.4 was evaluated are described in the Common Criteria for Information Technology Security Evaluation, Version 3.1 Rev. 5. The product, when configured as identified in the Red Hat Enterprise Linux 9.4 Common Criteria Guide, satisfies all of the security functional requirements stated in the Red Hat Enterprise Linux 9.4 Security Target. The project underwent CCEVS Validator review. The evaluation was completed in December 2025. Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report prepared by CCEVS.

","environmental_strengths":"

The expected use cases (as defined by PP_OS_V4.3) for the TOE are:

\r\n\r\n

Users interact with the TOE locally (console) via serial connection or remotely (SSH) via a CLI.

\r\n

This section summarizes the security functionality of the TOE:
Security Audit

\r\n

The TOE generates and stores security relevant audit events. These logs are stored locally and are protected by restricting access to system administrators only.

\r\n

Cryptographic Support

\r\n

The TOE implements cryptographic operations in support of its security functions.

\r\n

User Data Protection

\r\n

The TOE implements access controls to prevent unauthorized access to files and directories.

\r\n

Identification and Authentication

\r\n

The TOE supports password and public-key authentication. The TOE supports a configurable password and account lockout policy.

\r\n

Security Management

\r\n

The security management facilities provided by the TOE are usable by authorized users and/or authorized administrators to modify the configuration of TSF.

\r\n

Protection of the TSF

\r\n

The TOE implements self-protection mechanisms that protect the security mechanisms of the TOE as well as software executed by the TOE. The following kernel-space isolation and TSF self-protection mechanisms are implemented and enforced (full details are provided in the TSS):

\r\n\r\n

TOE Access

\r\n

The TOE displays informative banners before users are allowed to establish a session.

\r\n

Trusted Path/Channels

\r\n

The TOE supports TLSv1.2 and SSHv2 to secure remote communications.  Both protocols may be used for communications with remote IT entities. Remote administration is only supported using SSHv2.

","features":[{"id":2283,"feature_name":"Asymmetric Key Generation"},{"id":2461,"feature_name":"Auditing"},{"id":2275,"feature_name":"Certificate Authentication"},{"id":2276,"feature_name":"Certificate Validation"},{"id":2279,"feature_name":"Cryptograhic Hashing"},{"id":2280,"feature_name":"Cryptographic Key Establishment”"},{"id":2299,"feature_name":"Cryptographic Signature Generation"},{"id":2278,"feature_name":"DRBG"},{"id":2464,"feature_name":"Key Destruction"},{"id":2277,"feature_name":"Keyed-hash message authentication"},{"id":2287,"feature_name":"Operating System"},{"id":2272,"feature_name":"SSH Client"},{"id":2273,"feature_name":"SSH Server"},{"id":2274,"feature_name":"TLS 1.2"}]}