- kernel-2.6.18-371.1.2.el5 (rhel5)
- 2.6.18-419.el5
- 2017-08-02 15:49:06
- 2017-08-02 12:49:14
- 02082017_2
- CVE-2013-2929, CVSSv2 Score: 1.9
- Description:
exec/ptrace: fix get_dumpable() incorrect tests
- CVE: https://access.redhat.com/security/cve/CVE-2013-2929
- Patch: 2.6.18/linux-2.6-fs-exec-ptrace-fix-get_dumpable-incorrect-tests.patch
- From: kernel-2.6.18-371.6.1.el5
- CVE-2013-7263, CVSSv2 Score: 2.1
- Description:
inet: prevent leakage of uninitialized memory to user in recv syscalls
- CVE: https://access.redhat.com/security/cve/CVE-2013-7263
- Patch: 2.6.18/linux-2.6-net-prevent-leakage-of-uninitialized-memory-to-user-in-recv.patch
- From: kernel-2.6.18-371.6.1.el5
- CVE-2013-7263, CVSSv2 Score: 2.1
- Description:
inet: fix addr_len/msg->msg_namelen assignment in recv_error functions
- CVE: https://access.redhat.com/security/cve/CVE-2013-7263
- Patch: 2.6.18/linux-2.6-net-fix-addr_len-msg-msg_namelen-assign-in-recv_error-funcs.patch
- From: kernel-2.6.18-371.6.1.el5
- CVE-2013-7263, CVSSv2 Score: 2.1
- Description:
ipv6: fix leaking uninitialized port number of offender sockaddr
- CVE: https://access.redhat.com/security/cve/CVE-2013-7263
- Patch: 2.6.18/linux-2.6-net-ipv6-fix-leaking-uninit-port-number-of-offender-sockaddr.patch
- From: kernel-2.6.18-371.6.1.el5
- CVE-2013-6381, CVSSv2 Score: 6.2
- Description:
qeth: buffer overflow in snmp ioctl
- CVE: https://access.redhat.com/security/cve/CVE-2013-6381
- Patch: 2.6.18/linux-2.6-s390-qeth-buffer-overflow-in-snmp-ioctl.patch
- From: kernel-2.6.18-371.6.1.el5
- CVE-2013-4483, CVSSv2 Score: 4.9
- Description:
ipc,sem: change refcount to atomic_t
- CVE: https://access.redhat.com/security/cve/CVE-2013-4483
- Patch: 2.6.18/linux-2.6-ipc-change-refcount-to-atomic_t.patch
- From: kernel-2.6.18-371.6.1.el5
- CVE-2012-6638, CVSSv2 Score: 6.4
- Description:
net ipv4: don't call conn_request() if the TCP flags includes SYN flag
- CVE: https://access.redhat.com/security/cve/CVE-2012-6638
- Patch: 2.6.18/linux-2.6-net-tcp-drop-SYNFIN-messages.patch
- From: kernel-2.6.18-371.8.1.el5
- CVE-2013-2888, CVSSv2 Score: 6.2
- Description:
Kernel: HID: memory corruption flaw
- CVE: https://access.redhat.com/security/cve/CVE-2013-2888
- Patch: 2.6.18/linux-2.6-hid-memory-corruption-flaw.patch
- From: kernel-2.6.18-371.8.1.el5
- CVE-2014-1738, CVSSv2 Score: 4.9
- Description:
floppy: don't write kernel-only members to FDRAWCMD ioctl output
- CVE: https://access.redhat.com/security/cve/CVE-2014-1738
- Patch: 2.6.18/linux-2.6-floppy-dont-write-kernel-only-members-to-FDRAWCMD-ioctl-input.patch
- From: kernel-2.6.18-371.9.1.el5
- CVE-2014-1737, CVSSv2 Score: 7.2
- Description:
floppy: ignore kernel-only members in FDRAWCMD ioctl input
- CVE: https://access.redhat.com/security/cve/CVE-2014-1737
- Patch: 2.6.18/linux-2.6-floppy-ignore-kernel-only-members-in-FDRAWCMD-ioctl-input.patch
- From: kernel-2.6.18-371.9.1.el5
- CVE-2013-7339, CVSSv2 Score: 4.7
- Description:
rds: prevent dereference of a NULL device
- CVE: https://access.redhat.com/security/cve/CVE-2013-7339
- Patch: 2.6.18/linux-2.6-rds-prevent-dereference-of-a-NULL-device.patch
- From: kernel-2.6.18-371.9.1.el5
- CVE-2014-4699, CVSSv2 Score: 6.9
- Description:
kernel: ptrace,x86: force IRET path after a ptrace_stop().
- CVE: https://security-tracker.debian.org/tracker/CVE-2014-4699
- Patch: 2.6.18/linux-2.6-ptrace-bugfix-CVE-2014-4699.patch
- From: >kernel-2.6.32-431.20.3el6
- CVE-2014-2678, CVSSv2 Score: 4.7
- Description:
kernel: rds: prevent dereference of a NULL device in rds_iw_laddr_check
- CVE: https://access.redhat.com/security/cve/CVE-2014-2678
- Patch: 2.6.18/linux-2.6-rds-prevent-dereference-of-a-NULL-device-in-rds_iw_laddr_check.patch
- From: kernel-2.6.18-371.11.1.el5
- CVE-2014-3917, CVSSv2 Score: 4.7
- Description:
auditsc: audit_krule mask accesses need bounds checking
- CVE: https://access.redhat.com/security/cve/CVE-2014-3917
- Patch: 2.6.18/auditsc_audit_krule_mask_accesses_need_bounds_checking.patch
- From: kernel-2.6.18-371.12.1.el5
- CVE-2014-9322, CVSSv2 Score: 7.2
- Description:
x86_64, traps: Stop using IST for #SS
- CVE: https://access.redhat.com/security/cve/CVE-2014-9322
- Patch: 2.6.18/x86_64-traps-Stop-using-IST-for-SS.patch
- From: kernel-2.6.18-400.1.1.el6
- CVE-2014-9322, CVSSv2 Score: 7.2
- Description:
x86_64, traps: Stop using IST for #SS
- CVE: https://access.redhat.com/security/cve/CVE-2014-9322
- Patch: 2.6.18/x86_64-traps-Stop-using-IST-for-SS.kpatch-1.patch
- From: kernel-2.6.18-400.1.1.el6
- CVE-2014-7822, CVSSv2 Score: 4.9
- Description:
splice: lack of generic write checks
- CVE: https://access.redhat.com/security/cve/CVE-2014-7822
- Patch: 2.6.18/diff-fix-for-CVE-2014-7822
- From: kernel-2.6.18-402.el5
- CVE-2014-8159, CVSSv2 Score: 6.9
- Description:
[infiniband] core: Prevent integer overflow in ib_umem_get
- CVE: https://access.redhat.com/security/cve/CVE-2014-8159
- Patch: 2.6.18/linux-2.6-infiniband-core-Prevent-integer-overflow-in-ib_umem_get.patch
- From: kernel-2.6.18-404.el5
- CVE-2015-1805, CVSSv2 Score: 6.9
- Description:
kernel: pipe: iovec overrun leading to memory corruption
- CVE: https://access.redhat.com/security/cve/CVE-2015-1805
- Patch: 2.6.18/CVE-2015-1805.patch
- From: kernel-2.6.18-406.el5
- CVE-2015-5364 CVE-2015-5366, CVSSv2 Score: 7.1
- Description:
kernel: net: incorrect processing of checksums in UDP implementation
- CVE: https://access.redhat.com/security/cve/CVE-2015-5366
- Patch: 2.6.18/udp-fix-behavior-of-wrong-checksums.patch
- From: >kernel-2.6.18-406.el5
- CVE-2013-2596, CVSSv2 Score: 6
- Description:
vm: add vm_iomap_memory() helper function
- CVE: https://access.redhat.com/security/cve/cve-2013-2596
- Patch: 2.6.18/mm-vm-add-vm_iomap_memory-helper-function.patch
- From: kernel-2.6.18-409.el5
- CVE-2013-2596, CVSSv2 Score: 6
- Description:
vm: convert fb_mmap to vm_iomap_memory() helper
- CVE: https://access.redhat.com/security/cve/cve-2013-2596
- Patch: 2.6.18/fb-vm-convert-fb_mmap-to-vm_iomap_memory-helper.patch
- From: kernel-2.6.18-409.el5
- CVE-2013-2596, CVSSv2 Score: 6
- Description:
CVE-2013-2596 adaptation to reduce amaunt of generated changes
- CVE: https://access.redhat.com/security/cve/cve-2013-2596
- Patch: 2.6.18/CVE-2013-2596-kpatch1.patch
- From: N/A
- CVE-2016-5195, CVSSv2 Score: 6.9
- Description:
CVE-2016-5195 fix
- CVE: https://access.redhat.com/security/cve/CVE-2016-5195
- Patch: 2.6.18/CVE-2016-5195.patch
- From: kernel-2.6.18-412.el5
- CVE-2016-7117, CVSSv2 Score: 6.8
- Description:
net: Fix use after free in the recvmmsg exit path
- CVE: https://access.redhat.com/security/cve/cve-2016-7117
- Patch: 2.6.18/net-fix-use-after-free-in-the-recvmmsg-exit-path.patch
- From: kernel-2.6.18-417.el5
- CVE-2017-6074, CVSSv2 Score: 7.8
- Description:
dccp: fix freeing skb too early for IPV6_RECVPKTINFO
- CVE: https://access.redhat.com/security/cve/CVE-2017-6074
- Patch: 2.6.18/dccp-fix-freeing-skb-too-early-for-ipv6_recvpktinfo.patch
- From: kernel-2.6.18-419.el5
- CVE-2017-2634, CVSSv2 Score: 7.5
- Description:
DCCP: Use AF-independent rebuild_header routine
- CVE: https://access.redhat.com/security/cve/CVE-2017-2634
- Patch: 2.6.18/dccp-use-af-independent-rebuild_header-routine.patch
- From: kernel-2.6.18-419.el5
- CVE-2017-1000364, CVSSv2 Score: 7.4
- Description:
mm: enlarge stack guard gap
- CVE: https://access.redhat.com/security/cve/cve-2017-1000364
- Patch: 2.6.18/CVE-2017-1000364.patch
- From: >kernel-2.6.18-419.el5