KernelCare Directory

vzkernel-2.6.32-042stab111.11 (openvz)
Kernel Update Version: 2.6.32-042stab126.2
Build Date: 2017-12-28 15:46:51
Release Date: 2017-12-28 20:46:55
Release: 28122017_3

N/A, CVSSv2 Score: N/A
Description:
vfs: Test for and handle paths that are unreachable from their mnt_root
CVE: N/A
Patch: 2.6.32/diff-vfs-test-for-and-handle-paths-that-are-unreachable-from-their-mnt_root
From: >vzkernel-2.6.32-042stab111.11

CVE-2015-6937, CVSSv2 Score: 7.1
Description:
RDS: verify the underlying transport exists before creating a connection
CVE: https://access.redhat.com/security/cve/cve-2015-6937
Patch: 2.6.32/rds-verify-the-underlying-transport-exists-before-creating-a.patch
From: vzkernel-2.6.32-042stab112.15

CVE-2015-7990, CVSSv2 Score: 7.1
Description:
Complete earlier incomplete fix to CVE-2015-6937
CVE: https://access.redhat.com/security/cve/CVE-2015-7990
Patch: 2.6.32/fix-incomplete-CVE-2015-6937.patch
From: >vzkernel-2.6.32-042stab112.15

N/A, CVSSv2 Score: N/A
Description:
fix for performance degradation starting systemd-based containers
CVE: https://bugs.openvz.org/browse/OVZ-6510
Patch: 2.6.32/openvz/diff-virt-mnt-poll.patch
From: vzkernel-2.6.32-042stab112.4

N/A, CVSSv2 Score: N/A
Description:
fix for performance degradation starting systemd-based containers
CVE: https://bugs.openvz.org/browse/OVZ-6510
Patch: 2.6.32/openvz/diff-virt-mnt-poll.kpatch-1.patch
From: vzkernel-2.6.32-042stab112.4

CVE-2015-7613, CVSSv2 Score: 6.2
Description:
Initialize msg/shm IPC objects before doing ipc_addid()
CVE: https://access.redhat.com/security/cve/CVE-2015-7613
Patch: 2.6.32/openvz/34339-ipc-Initialize-msg-shm-IPC-objects-before-doing-ipc_addid.patch
From: kernel-2.6.32-573.12.1.el6

CVE-2015-7872, CVSSv2 Score: 7.2
Description:
keys: Fix race between key destruction and finding a keyring by name
CVE: https://access.redhat.com/security/cve/CVE-2015-7872
Patch: 2.6.32/34340-security-keys-Fix-race-between-key-destruction-and-finding-a-keyring-by-name.patch
From: kernel-2.6.32-573.12.1.el6

CVE-2015-7872, CVSSv2 Score: 7.2
Description:
keys: Fix crash when attempt to garbage collect an uninstantiated keyring
CVE: https://access.redhat.com/security/cve/CVE-2015-7872
Patch: 2.6.32/34341-security-keys-Fix-crash-when-attempt-to-garbage-collect-an-uninstantiated-keyring.patch
From: kernel-2.6.32-573.12.1.el6

CVE-2015-7872, CVSSv2 Score: 7.2
Description:
keys: Don't permit request_key() to construct a new keyring
CVE: https://access.redhat.com/security/cve/CVE-2015-7872
Patch: 2.6.32/34342-security-keys-Don-t-permit-request_key-to-construct-a-new-keyring.patch
From: kernel-2.6.32-573.12.1.el6

CVE-2015-5307, CVSSv2 Score: 5.2
Description:
virt: guest to host DoS by triggering an infinite loop in microcode
CVE: https://access.redhat.com/security/cve/CVE-2015-5307
Patch: 2.6.32/34344-x86-virt-guest-to-host-DoS-by-triggering-an-infinite-loop-in-microcode.patch
From: kernel-2.6.32-573.12.1.el6

CVE-2015-8104, CVSSv2 Score: 5.2
Description:
svm: unconditionally intercept DB
CVE: https://access.redhat.com/security/cve/CVE-2015-8104
Patch: 2.6.32/34345-kvm-svm-unconditionally-intercept-DB.patch
From: kernel-2.6.32-573.12.1.el6

CVE-2015-5307 CVE-2015-8104, CVSSv2 Score: 5.2
Description:
CVE-2015-5307 and CVE-2015-8104 kpatch adaptation
CVE: https://access.redhat.com/security/cve/CVE-2015-8104
Patch: 2.6.32/34346-cve-2015-5307-cve-2015-8104-kpatch-1.patch
From: kernel-2.6.32-573.12.1.el6

CVE-2015-7550, CVSSv2 Score: 4.6
Description:
KEYS: Fix race between read and revoke
CVE: https://access.redhat.com/security/cve/CVE-2015-7550
Patch: 2.6.32/KEYS-Fix-race-between-read-and-revoke.patch
From: vzkernel-2.6.32-042stab113.17

CVE-2016-0774, CVSSv2 Score: 5.4
Description:
Fix pipe buffer state corruption.
CVE: https://access.redhat.com/security/cve/CVE-2016-0774
Patch: 2.6.32/CVE-2016-0774.patch
From: kernel-2.6.32-573.22.1.el6

CVE-2015-8543, CVSSv2 Score: 4.6
Description:
net: add validation for the socket syscall protocol argument
CVE: https://access.redhat.com/security/cve/CVE-2015-8543
Patch: 2.6.32/openvz/cve-2015-8543.patch
From: vzkernel-2.6.32-042stab113.21

CVE-2016-3134, CVSSv2 Score: 6.2
Description:
netfilter: x_tables: deal with bogus nextoffset values
CVE: https://access.redhat.com/security/cve/CVE-2016-3134
Patch: 2.6.32/openvz/cve-2016-3134.patch
From: vzkernel-2.6.32-042stab113.21

CVE-2015-5157, CVSSv2 Score: 5.7
Description:
Disable modification of LDT by userspace processes.
CVE: https://access.redhat.com/security/cve/cve-2015-5157
Patch: 2.6.32/kcare-mitigate-cve-2015-5157.patch
From: kernel-2.6.32-573.26.1.el6

CVE-2015-8767, CVSSv2 Score: 7.1
Description:
sctp: Prevent soft lockup when sctp_accept() is called during a timeout event
CVE: https://access.redhat.com/security/cve/CVE-2015-8767
Patch: 2.6.32/sctp-prevent-soft-lockup-when-sctp_accept-is-called-.patch
From: kernel-2.6.32-573.26.1.el6

CVE-2010-5313 CVE-2014-7842, CVSSv2 Score: 4
Description:
kvm: inject #UD if instruction emulation fails and exit to userspace
CVE: https://access.redhat.com/security/cve/CVE-2010-5313
Patch: 2.6.32/virt-kvm-inject-UD-if-instruction-emulation-fails-and-exit-to-userspace.patch
From: kernel-2.6.32-642.el6

CVE-2010-5313 CVE-2014-7842, CVSSv2 Score: 4
Description:
kvm: inject #UD if instruction emulation fails and exit to userspace (KernelCare adoptation)
CVE: https://access.redhat.com/security/cve/CVE-2010-5313
Patch: 2.6.32/virt-kvm-inject-UD-if-instruction-emulation-fails-and-exit-to-userspace.kpatch-1.patch
From: kernel-2.6.32-642.el6

CVE-2010-5313 CVE-2014-7842, CVSSv2 Score: 4
Description:
kvm: x86: Don't report guest userspace emulation error to userspace
CVE: https://access.redhat.com/security/cve/CVE-2010-5313
Patch: 2.6.32/virt-kvm-x86-Don-t-report-guest-userspace-emulation-error-to-userspace.patch
From: kernel-2.6.32-642.el6

CVE-2014-8134, CVSSv2 Score: 1.9
Description:
x86, kvm: Clear paravirt_enabled on KVM guests for espfix32's benefit
CVE: https://access.redhat.com/security/cve/CVE-2014-8134
Patch: 2.6.32/x86-kvm-clear-paravirt_enabled-on-kvm-guests-for-espfix32-s-benefit.patch
From: kernel-2.6.32-642.el6

CVE-2014-8134, CVSSv2 Score: 1.9
Description:
x86, kvm: Clear paravirt_enabled on KVM guests for espfix32's benefit
CVE: https://access.redhat.com/security/cve/CVE-2014-8134
Patch: 2.6.32/x86-kvm-clear-paravirt_enabled-on-kvm-guests-for-espfix32-s-benefit.kpatch-1.patch
From: kernel-2.6.32-642.el6

CVE-2015-7509, CVSSv2 Score: 6
Description:
ext4: make orphan functions be no-op in no-journal mode
CVE: https://access.redhat.com/security/cve/CVE-2015-7509
Patch: 2.6.32/ext4-make-orphan-functions-be-no-op-in-no-journal-mo.patch
From: kernel-2.6.32-642.el6

CVE-2015-7509, CVSSv2 Score: 6
Description:
ext4: avoid hang when mounting non-journal filesystems with orphan list
CVE: https://access.redhat.com/security/cve/CVE-2015-7509
Patch: 2.6.32/ext4-avoid-hang-when-mounting-non-journal-filesystem.patch
From: kernel-2.6.32-642.el6

CVE-2016-4997, CVE-2016-4998, CVSSv2 Score: N/A
Description:
netfilter: x_tables: validate e->target_offset early
CVE: http://www.openwall.com/lists/oss-security/2016/06/24/5
Patch: 2.6.32/netfilter-x_tables-validate-e-target_offset-early.patch
From: vzkernel-2.6.32-042stab116.2

CVE-2016-4997, CVE-2016-4998, CVSSv2 Score: N/A
Description:
netfilter: x_tables: make sure e->next_offset covers remaining blob size
CVE: http://www.openwall.com/lists/oss-security/2016/06/24/5
Patch: 2.6.32/netfilter-x_tables-make-sure-e-next_offset-covers-remaining-blob.patch
From: vzkernel-2.6.32-042stab116.2

CVE-2016-4997, CVE-2016-4998, CVSSv2 Score: N/A
Description:
netfilter: x_tables: check for bogus target offset
CVE: http://www.openwall.com/lists/oss-security/2016/06/24/5
Patch: 2.6.32/netfilter-x_tables-check-for-bogus-target-offset.patch
From: vzkernel-2.6.32-042stab116.2

CVE-2016-4565, CVSSv2 Score: 6.9
Description:
IB/security: Restrict use of the write() interface
CVE: https://access.redhat.com/security/cve/CVE-2016-4565
Patch: 2.6.32/IB-security-Restrict-use-of-the-write-interface.patch
From: kernel-2.6.32-642.3.1.el6

CVE-2016-5696, CVSSv2 Score: 5.8
Description:
tcp: make challenge acks less predictable
CVE: https://access.redhat.com/security/cve/cve-2016-5696
Patch: 2.6.32/tcp-make-challenge-acks-less-predictable.patch
From: >kernel-2.6.32-642.3.1.el6

CVE-2016-5696, CVSSv2 Score: 5.8
Description:
tcp: make challenge acks less predictable
CVE: https://access.redhat.com/security/cve/cve-2016-5696
Patch: 2.6.32/tcp-make-challenge-acks-less-predictable.kpatch-1.patch
From: >kernel-2.6.32-642.3.1.el6

CVE-2016-4470, CVSSv2 Score: 6.9
Description:
KEYS: potential uninitialized variable
CVE: https://access.redhat.com/security/cve/CVE-2016-4470
Patch: 2.6.32/KEYS-potential-uninitialized-variable-CVE-2016-4470.patch
From: kernel-2.6.32-642.6.1.el6

CVE-2016-5829, CVSSv2 Score: 6.9
Description:
HID: hiddev: validate num_values for HIDIOCGUSAGES, HIDIOCSUSAGES commands
CVE: https://access.redhat.com/security/cve/CVE-2016-5829
Patch: 2.6.32/hid-hiddev-validate-num_values-for-hidiocgusages-hidiocsusages.patch
From: kernel-2.6.32-642.6.1.el6

N/A, CVSSv2 Score: N/A
Description:
enable ipproto_icmp inside containers
CVE: N/A
Patch: 2.6.32/diff-ve-ipproto_icmp-workaround
From: vzkernel-2.6.32-042stab117.8

CVE-2016-5195, CVSSv2 Score: 6.9
Description:
mm: remove gup_flags FOLL_WRITE games from __get_user_pages()
CVE: https://access.redhat.com/security/cve/cve-2016-5195
Patch: 2.6.32/0001-mm-remove-gup_flags-FOLL_WRITE-games-from-__get_user.patch
From: >kernel-2.6.32-642.6.1.el6

N/A, CVSSv2 Score: N/A
Description:
count shared memory in used memory(PSBM-42024)
CVE: N/A
Patch: 2.6.32/openvz/diff-used-memory-does-not-count-shared-memory.after-079_6
From: vzkernel-2.6.32-042stab120.2

N/A, CVSSv2 Score: N/A
Description:
cpt/rst scm user
CVE: https://help.virtuozzo.com/customer/en/portal/articles/2559794-virtuozzo-6-0-update-11-hotfix-14-6-0-11-3478-
Patch: 2.6.32/openvz/diff-rst-restore-skb-scm-user_before_117.8
From: vzkernel-2.6.32-042stab117.14

CVE-2016-1583, CVSSv2 Score: 6.9
Description:
proc: prevent stacking filesystems on top
CVE: https://access.redhat.com/security/cve/cve-2016-1583
Patch: 2.6.32/proc-prevent-stacking-filesystems-on-top.patch
From: kernel-2.6.32-642.11.1.el6

CVE-2016-1583, CVSSv2 Score: 6.9
Description:
eCryptFS: allocate open requests on stack
CVE: https://access.redhat.com/security/cve/cve-2016-1583
Patch: 2.6.32/ecryptfs-allocate-open-requests-on-stack.patch
From: kernel-2.6.32-642.11.1.el6

CVE-2016-1583, CVSSv2 Score: 6.9
Description:
eCryptFS: forbid opening files without mmap handler
CVE: https://access.redhat.com/security/cve/cve-2016-1583
Patch: 2.6.32/ecryptfs-forbid-opening-without-mmap-handler.patch
From: kernel-2.6.32-642.11.1.el6

CVE-2016-6828, CVSSv2 Score: 3.6
Description:
tcp: fix use after free in tcp_xmit_retransmit_queue()
CVE: https://access.redhat.com/security/cve/CVE-2016-6828
Patch: 2.6.32/tcp-fix-use-after-free-in-tcp_xmit_retransmit_queue.patch
From: vzkernel-2.6.32-042stab120.11

CVE-2016-7117, CVSSv2 Score: 6.8
Description:
net: Fix use after free in the recvmmsg exit path
CVE: https://access.redhat.com/security/cve/cve-2016-7117
Patch: 2.6.32/cloudlinux-net-Fix-use-after-free-in-the-recvmmsg-exit-path.patch
From: >kernel-2.6.32-673.26.1.lve1.4.18.el6

CVE-2015-8539, CVSSv2 Score: 7.2
Description:
KEYS: Fix handling of stored error in a negatively instantiated user key
CVE: https://access.redhat.com/security/cve/CVE-2015-8539
Patch: 2.6.32/KEYS-Fix-handling-of-stored-error-in-a-negatively-in.patch
From: >kernel-2.6.32-642.13.1.el6

CVE-2017-6074, CVSSv2 Score: 7.8
Description:
dccp: fix freeing skb too early for IPV6_RECVPKTINFO
CVE: https://access.redhat.com/security/cve/CVE-2017-6074
Patch: 2.6.32/dccp-fix-freeing-skb-too-early-for-ipv6_recvpktinfo.patch
From: kernel-2.6.32-642.13.2.el6

CVE-2016-6136, CVSSv2 Score: 3.3
Description:
[kernel] audit: fix a double fetch in audit_log_single_execve_arg()
CVE: https://access.redhat.com/security/cve/CVE-2016-6136
Patch: 2.6.32/kernel-audit-fix-a-double-fetch-in-audit_log_single_execve_arg.patch
From: kernel-2.6.32-642.15.1.el6

CVE-2016-9555, CVSSv2 Score: 7.1
Description:
[net] sctp: validate chunk len before actually using it
CVE: https://access.redhat.com/security/cve/CVE-2016-9555
Patch: 2.6.32/net-sctp-validate-chunk-len-before-actually-using-it.patch
From: kernel-2.6.32-642.15.1.el6

CVE-2017-2636, CVSSv2 Score: 7.8
Description:
tty: n_hdlc: get rid of racy n_hdlc.tbuf
CVE: https://access.redhat.com/security/cve/CVE-2017-2636
Patch: 2.6.32/fix-CVE-2017-2636.patch
From: 2.6.32-696.1.1.el6

CVE-2017-2647, CVSSv2 Score: 1.9
Description:
kernel: Null pointer dereference in search_keyring
CVE: https://access.redhat.com/security/cve/CVE-2017-2647
Patch: 2.6.32/kernel-Null-pointer-dereference-in-search_keyring_279.patch
From: vzkernel-2.6.32-042stab120.20

CVE-2016-10229, CVSSv2 Score: critical
Description:
udp: properly support MSG_PEEK with truncated buffers
CVE: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-10229
Patch: 2.6.32/CVE-2016-10229.patch
From: >2.6.32-642.15.1.el6

CVE-2016-2069, CVSSv2 Score: N/A
Description:
x86/mm: Add barriers and document switch_mm()-vs-flush synchronization
CVE: https://access.redhat.com/security/cve/cve-2016-2069
Patch: 2.6.32/x86-mm-Add-barriers-and-document-switch_mm-vs-flush-.patch
From: kernel-2.6.32-696.el6

CVE-2016-2384, CVSSv2 Score: N/A
Description:
ALSA: usb-audio: avoid freeing umidi object twice
CVE: https://access.redhat.com/security/cve/cve-2016-2384
Patch: 2.6.32/ALSA-usb-audio-avoid-freeing-umidi-object-twice.patch
From: kernel-2.6.32-696.el6

CVE-2016-6480, CVSSv2 Score: N/A
Description:
aacraid: Check size values after double-fetch from user
CVE: https://access.redhat.com/security/cve/cve-2016-6480
Patch: 2.6.32/aacraid-Check-size-values-after-double-fetch-from-us.patch
From: kernel-2.6.32-696.el6

CVE-2016-7097, CVSSv2 Score: N/A
Description:
posix_acl: Clear SGID bit when setting file permissions
CVE: https://access.redhat.com/security/cve/cve-2016-7097
Patch: 2.6.32/posix_acl-Clear-SGID-bit-when-setting-file-permissio.patch
From: kernel-2.6.32-696.el6

CVE-2016-8399, CVSSv2 Score: N/A
Description:
net: ping: check minimum size on ICMP header length
CVE: https://access.redhat.com/security/cve/cve-2016-8399
Patch: 2.6.32/net-ping-check-minimum-size-on-ICMP-header-length.patch
From: kernel-2.6.32-696.el6

CVE-2016-10088, CVSSv2 Score: N/A
Description:
sg_write()/bsg_write() is not fit to be called under KERNEL_DS
CVE: https://access.redhat.com/security/cve/cve-2016-10088
Patch: 2.6.32/sg_write-bsg_write-is-not-fit-to-be-called-under-KER.patch
From: kernel-2.6.32-696.el6

CVE-2016-10142, CVSSv2 Score: N/A
Description:
ipv6: stop sending PTB packets for MTU < 1280
CVE: https://access.redhat.com/security/cve/cve-2016-10142
Patch: 2.6.32/ipv6-stop-sending-PTB-packets-for-MTU-1280.patch
From: kernel-2.6.32-696.el6

CVE-2016-7042, CVSSv2 Score: N/A
Description:
KEYS: Fix short sprintf buffer in /proc/keys show function
CVE: https://access.redhat.com/security/cve/cve-2016-7042
Patch: 2.6.32/KEYS-Fix-short-sprintf-buffer-in-proc-keys-show-func.patch
From: kernel-2.6.32-696.el6

CVE-2016-7910, CVSSv2 Score:
Description:
block: fix use-after-free in seq file
CVE: https://access.redhat.com/security/cve/CVE-2016-7910
Patch: 2.6.32/block-fix-use-after-free-in-seq-file.patch
From: kernel-2.6.32-696.1.1.el6

N/A, CVSSv2 Score: N/A
Description:
rst: safe restore of tcp_flags and ip_dsfield fields
CVE: N/A
Patch: 2.6.32/openvz/diff-rst-safe-restore-of-tcp_flags-and-ip_dsfield-fields-of-TCP_SKB_CB
From: vzkernel-2.6.32-042stab117.8

CVE-2017-7472, CVSSv2 Score: 5.5
Description:
keyctl_set_reqkey_keyring() leaks thread keyrings
CVE: https://access.redhat.com/security/cve/CVE-2017-7472
Patch: 2.6.32/CVE-2017-7472-pre-642.patch
From: vzkernel-2.6.32-042stab123.2

CVE-2017-7895, CVSSv2 Score: 6.5
Description:
nfsd: stricter decoding of write-like NFSv2/v3 ops
CVE: https://access.redhat.com/security/cve/cve-2017-7895
Patch: 2.6.32/nfsd-stricter-decoding-of-write-like-NFSv2-v3-ops.patch
From: >kernel-2.6.32-673.26.1.lve1.4.26.el6

CVE-2017-6214, CVSSv2 Score: 6.5
Description:
tcp: avoid infinite loop in tcp_splice_read()
CVE: https://access.redhat.com/security/cve/CVE-2017-6214
Patch: 2.6.32/tcp-avoid-infinite-loop-in-tcp_splice_read.patch
From: kernel-2.6.32-696.3.1.el6

CVE-2017-1000364, CVSSv2 Score: 7.4
Description:
mm: enlarge stack guard gap
CVE: https://access.redhat.com/security/cve/cve-2017-1000364
Patch: 2.6.32/CVE-2017-1000364-upstream.patch
From: 2.6.32-696.3.2.el6

CVE-2017-7308, CVSSv2 Score: 7
Description:
net/packet: fix overflow in check for tp_reserve
CVE: https://access.redhat.com/security/cve/cve-2017-7308
Patch: 2.6.32/net-packet-fix-overflow-in-check-for-tp_reserve.patch
From: >kernel-2.6.32-696.6.3.el6

CVE-2017-1000111, CVSSv2 Score: unknown
Description:
net-packet: fix race in packet_set_ring on PACKET_RESERVE
CVE: http://seclists.org/oss-sec/2017/q3/279
Patch: 2.6.32/CVE-2017-1000111.patch
From: >kernel-2.6.32-696.6.3.el6

CVE-2017-1000112, CVSSv2 Score: unknown
Description:
udp: consistently apply ufo or fragmentation
CVE: http://seclists.org/oss-sec/2017/q3/277
Patch: 2.6.32/CVE-2017-1000112-before-696.patch
From: >2.6.32-696.6.3.el6

CVE-2017-7542, CVSSv2 Score: 5.5
Description:
ipv6: avoid overflow of offset in ip6_find_1stfragopt
CVE: https://access.redhat.com/security/cve/CVE-2017-7542
Patch: 2.6.32/ipv6-avoid-overflow-of-offset-in-ip6_find_1stfragopt-042stab123.3.patch
From: vzkernel-2.6.32-042stab124.2

CVE-2017-11176, CVSSv2 Score: 7.8
Description:
mqueue: fix a use-after-free in sys_mq_notify()
CVE: https://access.redhat.com/security/cve/CVE-2017-11176
Patch: 2.6.32/mqueue-fix-a-use-after-free-in-sys_mq_notify.patch
From: vzkernel-2.6.32-042stab124.2

CVE-2017-14106, CVSSv2 Score: 5.5
Description:
tcp: initialize rcv_mss to TCP_MIN_MSS instead of 0
CVE: https://access.redhat.com/security/cve/CVE-2017-14106
Patch: 2.6.32/tcp-initialize-rcv_mss-to-TCP_MIN_MSS-instead-of-0.patch
From: vzkernel-2.6.32-042stab124.2

CVE-2017-1000251, CVSSv2 Score: 7.5
Description:
Bluetooth: Properly check L2CAP config option output buffer length
CVE: https://access.redhat.com/security/cve/cve-2017-1000251
Patch: 2.6.32/CVE-2017-1000251.patch
From: 2.6.32-696.10.2.el6

CVE-2017-1000253, CVSSv2 Score: 7.8
Description:
fs/binfmt_elf.c: fix bug in loading of PIE binaries
CVE: https://access.redhat.com/security/cve/cve-2017-1000253
Patch: 2.6.32/fs-binfmt_elfc-fix-bug-in-loading-of-pie-binaries.patch
From: >2.6.32-696.10.2.el6

CVE-2017-15274, CVSSv2 Score: 5.5
Description:
KEYS: fix dereferencing NULL payload with nonzero length
CVE: https://access.redhat.com/security/cve/cve-2017-15274
Patch: 2.6.32/keys-fix-dereferencing-null-payload-with-nonzero-length-pre-117.patch
From: 2.6.32-042stab125.5

CVE-2017-15265, CVSSv2 Score: 5.5
Description:
ALSA: seq: Fix use-after-free at creating a port
CVE: https://access.redhat.com/security/cve/cve-2017-15265
Patch: 2.6.32/ALSA-seq-Fix-use-after-free-at-creating-a-port.patch
From: vzkernel-2.6.32-042stab126.1

n/a, CVSSv2 Score: n/a
Description:
cpt: fix possible crash when restoring container with active NFS mount (PSBM-76898)
CVE: n/a
Patch: 2.6.32/openvz/cpt-fix-crash-during-restore-with-nfs-mounts.patch
From: vzkernel-2.6.32-042stab126.1

CVE-2017-8824, CVSSv2 Score: 7.8
Description:
dccp: fix use-after-free (CVE-2017-8824)
CVE: https://access.redhat.com/security/cve/cve-2017-8824
Patch: 2.6.32/dccp-fix-use-after-free.patch
From: kernel-2.6.32-773.26.1.lve1.4.46.el6

Description:
CVE:
Patch: 2.6.32/kernelcare-openvz-cpt-rst-deadlock-workaround.patch
From:

Description:
vmx_vcpu_run wrapper
CVE:
Patch: 2.6.32/x86-kvm-vmx_vcpu_run-wrapper.patch
From:

CVE-2016-8633, CVSSv2 Score: 6.8
Description:
firewire: net: guard against rx buffer overflows
CVE: https://access.redhat.com/security/cve/CVE-2016-8633
Patch: 2.6.32/CVE-2016-8633.patch
From: >kernel-2.6.32-696.13.2.el6