- kernel-2.6.32-754.10.1.el6 (oel6)
- 2.6.32-754.53.1.el6
- 2024-05-23 22:14:13
- 2024-08-15 08:55:37
- K20240523_08
- CVE-2018-10902, CVSSv2 Score: 7.8
- Description:
ALSA: rawmidi: Change resized buffers atomically
- CVE: https://access.redhat.com/security/cve/cve-2018-10902
- Patch: 2.6.32/cve-2018-10902.patch
- From: kernel-2.6.32-754.el6
- CVE-2018-10902, CVSSv2 Score: 7.8
- Description:
ALSA: rawmidi: Change resized buffers atomically
- CVE: https://access.redhat.com/security/cve/cve-2018-10902
- Patch: 3.10.0/CVE-2018-10902-ALSA-rawmidi-shange-resize-buffers-atomically-2-pre-514.patch
- From: >=kernel-3.10.0-123.1.2.el7
- CVE-2019-11190, CVSSv2 Score: 4.7
- Description:
binfmt_elf: switch to new creds when switching to new mm
- CVE: https://nvd.nist.gov/vuln/detail/CVE-2019-11190
- Patch: 2.6.32/CVE-2019-11190.patch
- From: >4.8
- CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091, CVSSv2 Score: 6.5
- Description:
zombieload mitigation
- CVE: https://access.redhat.com/security/cve/cve-2018-12126 https://access.redhat.com/security/cve/cve-2018-12130 https://access.redhat.com/security/cve/cve-2018-12127
- Patch: 2.6.32/zombieload-mitigation.patch
- From: 2.6.32-754.14.2.el6
- CVE-2019-11477, CVSSv2 Score: 7.5
- Description:
tcp: limit payload size of sacked skbs
- CVE: https://access.redhat.com/security/cve/cve-2019-11477
- Patch: 2.6.32/cve-2019-11477-limit-payload-size-of-sacked-bits.patch
- From: kernel-2.6.32-754.15.3.el6
- CVE-2019-11478, CVSSv2 Score: 5.3
- Description:
tcp: tcp_fragment() should apply sane memory limits
- CVE: https://access.redhat.com/security/cve/cve-2019-11478
- Patch: 2.6.32/cve-2019-11478-tcp_fragments-to-apply-sane-memlims.patch
- From: kernel-2.6.32-754.15.3.el6
- CVE-2019-11479, CVSSv2 Score: 5.3
- Description:
tcp: enforce tcp_min_snd_mss in tcp_mtu_probing()
- CVE: https://access.redhat.com/security/cve/cve-2019-11479
- Patch: 2.6.32/cve-2019-11479-tcp-enforce-tcp_min_snd_mss-in-tcp_mtu_probing.patch
- From: kernel-2.6.32-754.15.3.el6
- N/A, CVSSv2 Score: N/A
- Description:
kpatch adaptation - sysctl handle for minimal MSS
- CVE: N/A
- Patch: 2.6.32/cve-2019-11479-tcp-enforce-tcp_min_snd_mss-in-tcp_mtu_probing-kpatch-1.patch
- From: kernel-2.6.32-754.15.3.el6
- CVE-2019-11477, CVSSv2 Score: 7.5
- Description:
tcp: limit payload size of sacked skbs
- CVE: https://access.redhat.com/security/cve/cve-2019-11477
- Patch: 2.6.32/cve-2019-11477-move-mss-below.patch
- From: kernel-2.6.32-754.15.3.el6
- CVE-2019-3896, CVSSv2 Score: 7.0
- Description:
idr: fix backtrack logic in idr_remove_all
- CVE: https://access.redhat.com/security/cve/cve-2019-3896
- Patch: 2.6.32/cve-2019-3896-fix-backtrack-logic-in-idr_remove_all.patch
- From: kernel-2.6.32-754.15.3.el6
- CVE-2019-3896, CVSSv2 Score: 7.0
- Description:
idr: fix top layer handling
- CVE: https://access.redhat.com/security/cve/cve-2019-3896
- Patch: 2.6.32/cve-2019-3896-idr-fix-top-layer-handling.patch
- From: kernel-2.6.32-754.15.3.el6
- CVE-2019-11477, CVSSv2 Score: 7.5
- Description:
[net] tcp: pass previous skb to tcp_shifted_skb()
- CVE: https://access.redhat.com/security/cve/cve-2019-11477
- Patch: 2.6.32/cve-2019-11477-tcp_pass_previous_skb_to_tcp_shifted_skb-754.patch
- From: 3.10.0-957.21.3.el7
- CVE-2017-17805, CVSSv2 Score: 5.5
- Description:
[crypto] salsa20 - fix blkcipher_walk API usage
- CVE: https://access.redhat.com/security/cve/CVE-2017-17805
- Patch: 2.6.32/crypto-salsa20-fix-blkcipher_walk-API-usage.patch
- From: 2.6.32-754.18.2.el6
- CVE-2019-5489, CVSSv2 Score: 7.1
- Description:
[mm] mincore.c: make mincore() more conservative
- CVE: https://access.redhat.com/security/cve/CVE-2019-5489
- Patch: 2.6.32/mm-mincore.c-make-mincore-more-conservative.patch
- From: 2.6.32-754.18.2.el6
- CVE-2018-17972, CVSSv2 Score: 3.3
- Description:
[fs] proc: restrict kernel stack dumps to root
- CVE: https://access.redhat.com/security/cve/CVE-2018-17972
- Patch: 2.6.32/proc-restrict-kernel-stack-dumps-to-root.patch
- From: 2.6.32-754.18.2.el6
- CVE-2019-1125, CVSSv2 Score: 5.9
- Description:
[x86] x86/speculation: Prepare entry code for Spectre v1 swapgs mitigations
- CVE: https://access.redhat.com/security/cve/CVE-2019-1125
- Patch: 2.6.32/swapgs-fix.patch
- From: 2.6.32-754.18.2.el6
- N/A, CVSSv2 Score:
- Description:
map kpatch code that patch .entry.text section code
- CVE:
- Patch: 2.6.32/kpatch_map_kaiser_kp_text-no-kaiser_enabled.patch
- From:
- CVE-2018-9568, CVSSv2 Score: 7
- Description:
net: Set sk_prot_creator when cloning sockets to the right proto
- CVE: https://access.redhat.com/security/cve/cve-2018-9568
- Patch: 2.6.32/CVE-2018-9568-el6.patch
- From: 2.6.32-754.22.1.el6
- CVE-2019-11810, CVSSv2 Score: 6.2
- Description:
scsi: megaraid_sas: return error when create DMA pool failed
- CVE: https://access.redhat.com/security/cve/cve-2019-11810
- Patch: 2.6.32/CVE-2019-11810.patch
- From: kernel-2.6.32-754.22.1.el6
- CVE-2019-14835, CVSSv2 Score: 7.2
- Description:
host: make sure log_num < in_num
- CVE: https://access.redhat.com/security/cve/CVE-2019-14835
- Patch: 2.6.32/CVE-2019-14835-vhost-make-sure-log_num-in_num.patch
- From: >2.6.32-754.22.1.el6
- CVE-2018-12207, CVSSv2 Score: 6.5
- Description:
kvm: mmu: ITLB_MULTIHIT mitigation (adaptation)
- CVE: https://access.redhat.com/security/cve/cve-2018-12207
- Patch: 2.6.32/CVE-2018-12207-mitigation.patch
- From: kernel-2.6.32-754.23.1.el6
- CVE-2019-0155, CVSSv2 Score: 8.8
- Description:
fixed possible memory corruption or privilege escalation for i915 gpu [1/13]
- CVE: https://access.redhat.com/security/cve/cve-2019-0155
- Patch: 2.6.32/i915/1171-drm-drm-i915-gtt-Add-read-only-pages-to-gen8_pte_enc.patch
- From: 2.6.32-754.24.3.el6
- CVE-2019-0155, CVSSv2 Score: 8.8
- Description:
fixed possible memory corruption or privilege escalation for i915 gpu [2/13] (kcare adaptation)
- CVE: https://access.redhat.com/security/cve/cve-2019-0155
- Patch: 2.6.32/i915/1172-drm-erm-i915-gtt-Read-only-pages-for-insert_entries-.patch
- From: 2.6.32-754.24.3.el6
- CVE-2019-0155, CVSSv2 Score: 8.8
- Description:
fixed possible memory corruption or privilege escalation for i915 gpu [3/13]
- CVE: https://access.redhat.com/security/cve/cve-2019-0155
- Patch: 2.6.32/i915/1173-drm-drm-i915-gtt-Disable-read-only-support-under-GVT.patch
- From: 2.6.32-754.24.3.el6
- CVE-2019-0155, CVSSv2 Score: 8.8
- Description:
fixed possible memory corruption or privilege escalation for i915 gpu [4/13]
- CVE: https://access.redhat.com/security/cve/cve-2019-0155
- Patch: 2.6.32/i915/1174-drm-drm-i915-Rename-gen7-cmdparser-tables.patch
- From: 2.6.32-754.24.3.el6
- CVE-2019-0155, CVSSv2 Score: 8.8
- Description:
fixed possible memory corruption or privilege escalation for i915 gpu [5/13]
- CVE: https://access.redhat.com/security/cve/cve-2019-0155
- Patch: 2.6.32/i915/1175-drm-drm-i915-Disable-Secure-Batches-for-gen6.patch
- From: 2.6.32-754.24.3.el6
- CVE-2019-0155, CVSSv2 Score: 8.8
- Description:
fixed possible memory corruption or privilege escalation for i915 gpu [6/13] (kcare adaptation)
- CVE: https://access.redhat.com/security/cve/cve-2019-0155
- Patch: 2.6.32/i915/1176-drm-drm-i915-Remove-Master-tables-from-cmdparser.patch
- From: 2.6.32-754.24.3.el6
- CVE-2019-0155, CVSSv2 Score: 8.8
- Description:
fixed possible memory corruption or privilege escalation for i915 gpu [7/13] (kcare adaptation)
- CVE: https://access.redhat.com/security/cve/cve-2019-0155
- Patch: 2.6.32/i915/1177-drm-drm-i915-Add-support-for-mandatory-cmdparsing.patch
- From: 2.6.32-754.24.3.el6
- CVE-2019-0155, CVSSv2 Score: 8.8
- Description:
fixed possible memory corruption or privilege escalation for i915 gpu [8/13]
- CVE: https://access.redhat.com/security/cve/cve-2019-0155
- Patch: 2.6.32/i915/1178-drm-drm-i915-Support-ro-ppgtt-mapped-cmdparser-shado.patch
- From: 2.6.32-754.24.3.el6
- CVE-2019-0155, CVSSv2 Score: 8.8
- Description:
fixed possible memory corruption or privilege escalation for i915 gpu [9/13]
- CVE: https://access.redhat.com/security/cve/cve-2019-0155
- Patch: 2.6.32/i915/1179-drm-drm-i915-Allow-parsing-of-unsized-batches.patch
- From: 2.6.32-754.24.3.el6
- CVE-2019-0155, CVSSv2 Score: 8.8
- Description:
fixed possible memory corruption or privilege escalation for i915 gpu [10/13] (kcare adaptation)
- CVE: https://access.redhat.com/security/cve/cve-2019-0155
- Patch: 2.6.32/i915/1180-drm-drm-i915-Add-gen9-BCS-cmdparsing.patch
- From: 2.6.32-754.24.3.el6
- CVE-2019-0155, CVSSv2 Score: 8.8
- Description:
fixed possible memory corruption or privilege escalation for i915 gpu [11/13] (kcare adaptation)
- CVE: https://access.redhat.com/security/cve/cve-2019-0155
- Patch: 2.6.32/i915/1181-drm-drm-i915-cmdparser-Add-support-for-backward-jump.patch
- From: 2.6.32-754.24.3.el6
- CVE-2019-0155, CVSSv2 Score: 8.8
- Description:
fixed possible memory corruption or privilege escalation for i915 gpu [12/13] (kcare adaptation)
- CVE: https://access.redhat.com/security/cve/cve-2019-0155
- Patch: 2.6.32/i915/1182-drm-drm-i915-cmdparser-Ignore-Length-operands-during.patch
- From: 2.6.32-754.24.3.el6
- CVE-2019-0154, CVSSv2 Score: 6.5
- Description:
fixed possible hw level crash if MMIO registers were read while the i915 GPU was in a low-power state [1/2] (kcare adaptation)
- CVE: https://access.redhat.com/security/cve/cve-2019-0154
- Patch: 2.6.32/i915/1183-drm-drm-i915-gen8-Add-RC6-CTX-corruption-WA.patch
- From: 2.6.32-754.24.3.el6
- CVE-2019-0154, CVSSv2 Score: 6.5
- Description:
fixed possible hw level crash if MMIO registers were read while the i915 GPU was in a low-power state [2/2]
- CVE: https://access.redhat.com/security/cve/cve-2019-0154
- Patch: 2.6.32/i915/1184-drm-drm-i915-Lower-RM-timeout-to-avoid-DSI-hard-hang.patch
- From: 2.6.32-754.24.3.el6
- CVE-2019-3900, CVSSv2 Score: 6.3
- Description:
introduce vhost_exceeds_weight() (adaptation for CVE-2019-3900 dependency)
- CVE: https://access.redhat.com/security/cve/cve-2019-3900
- Patch: 2.6.32/cve-2019-3900-vhost.patch
- From:
- CVE-2019-3900, CVSSv2 Score: 6.3
- Description:
fix possible infinite loop in drivers/vhost/net.c (adaptation)
- CVE: https://access.redhat.com/security/cve/cve-2019-3900
- Patch: 2.6.32/cve-2019-3900-net.patch
- From:
- CVE-2019-0155, CVSSv2 Score: 8.8
- Description:
fixed possible memory corruption or privilege escalation for i915 gpu [13/13]
- CVE: https://access.redhat.com/security/cve/cve-2019-0155
- Patch: 2.6.32/i915/1195-drm-drm-i915-cmdparser-Fix-jump-whitelist-clearing-le-754.23.1.patch
- From: 2.6.32-754.24.3.el6
- CVE-2019-14821, CVSSv2 Score: 7.0
- Description:
KVM: MMIO: Lock coalesced device when checking for available entry
- CVE: https://access.redhat.com/security/cve/cve-2019-14821
- Patch: 2.6.32/CVE-2019-14821-1.patch
- From: 2.6.32-754.25.1.el6
- CVE-2019-14821, CVSSv2 Score: 7.0
- Description:
KVM: coalesced_mmio: add bounds checking
- CVE: https://access.redhat.com/security/cve/cve-2019-14821
- Patch: 2.6.32/CVE-2019-14821-2.patch
- From: 2.6.32-754.25.1.el6
- CVE-2019-17055, CVSSv2 Score: 3.3
- Description:
mISDN: enforce CAP_NET_RAW for raw sockets
- CVE: https://linux.oracle.com/cve/CVE-2019-17055.html
- Patch: 2.6.32/CVE-2019-17055.patch
- From: 2.6.39-400.317.1.el6uek
- CVE-2019-17133, CVSSv2 Score: 8.8
- Description:
cfg80211: wext: avoid copying malformed SSIDs
- CVE: https://nvd.nist.gov/vuln/detail/CVE-2019-17133
- Patch: 2.6.32/cve-2019-17133-cfg80211-wext-avoid-copying-malformed-SSID.patch
- From: kernel-2.6.32-754.28.1.el6
- CVE-2017-1000371, CVSSv2 Score: 7.8
- Description:
binfmt_elf: use ELF_ET_DYN_BASE only for PIE
- CVE: https://access.redhat.com/security/cve/CVE-2017-1000371
- Patch: rhel6/kernel-2.6.32-754.29.1.el6/CVE-2017-1000371-binfmt-elf-use-elf-et-dyn-base-only-for-pie.patch
- From: kernel-2.6.32-754.29.1.el6
- CVE-2019-17666, CVSSv2 Score: 6.3
- Description:
rtlwifi: Fix potential overflow on P2P code
- CVE: https://access.redhat.com/security/cve/CVE-2019-17666
- Patch: rhel6/kernel-2.6.32-754.29.1.el6/CVE-2019-17666-rtlwifi-Fix-potential-overflow-on-P2P-code.patch
- From: kernel-2.6.32-754.29.1.el6
- CVE-2020-10711, CVSSv2 Score: 5.9
- Description:
netlabel: cope with NULL catmap
- CVE: https://access.redhat.com/security/cve/cve-2020-10711
- Patch: 2.6.32/CVE-2020-10711.patch
- From: kernel-2.6.32-754.29.2.el6
- CVE-2017-12192, CVSSv2 Score: 5.5
- Description:
keys: prevent KEYCTL_READ on negative key
- CVE: https://access.redhat.com/security/cve/CVE-2017-12192
- Patch: 3.10.0/security-keys-prevent-KEYCTL_READ-on-negative-key.patch
- From: 3.10.0-693.17.1.el7
- CVE-2020-0543, CVSSv2 Score: 6.5
- Description:
x86/speculation: Add Special Register Buffer Data Sampling (SRBDS) mitigation
- CVE: https://www.vusec.net/projects/crosstalk/
- Patch: srbds-enable.patch
- From: N/A
- CVE-2020-11565, CVSSv2 Score: 7.8
- Description:
mm: mempolicy: require at least one nodeid for MPOL_PREFERRED
- CVE: https://nvd.nist.gov/vuln/detail/CVE-2020-11565
- Patch: 2.6.32/cve-2020-11565-mempolicy-require-at-least-one-nodeid.patch
- From: kernel-2.6.32-754.29.1.el6
- CVE-2020-10942, CVSSv2 Score: 5.3
- Description:
vhost: Check docket sk_family instead of call getname
- CVE: https://access.redhat.com/security/cve/cve-2020-10942
- Patch: 2.6.32/cve-2020-10942-vhost-check-docket-sk_family.patch
- From: kernel-2.6.32-754.29.1.el6
- CVE-2019-14897 CVE-2019-14896, CVSSv2 Score: 9.8
- Description:
more overflows in marvell wifi driver
- CVE: https://security-tracker.debian.org/tracker/CVE-2019-14896
- Patch: 2.6.32/cve-2019-14896-14897-fix-two-buffer-overflows-at-parsing-bss-desc.patch
- From: kernel-2.6.32-754.33.1
- CVE-2017-2647, CVSSv2 Score: 1.9
- Description:
kernel: Null pointer dereference in search_keyring
- CVE: https://access.redhat.com/security/cve/CVE-2017-2647
- Patch: 2.6.32/kernel-Null-pointer-dereference-in-search_keyring.patch
- From: vzkernel-2.6.32-042stab120.20
- CVE-2019-11487, CVSSv2 Score: 7.8
- Description:
prevent page refcount overflow
- CVE: https://access.redhat.com/security/cve/cve-2019-11487
- Patch: 2.6.32/cve-2019-11487.patch
- From: kernel-2.6.32-754.35.1.el6
- CVE-2014-4508, CVSSv2 Score:
- Description:
Out of scope as the patch is for x86_32 arch only, x86_64 is not affected
- CVE:
- Patch: skipped/CVE-2014-4508.patch
- From:
- CVE-2021-27365, CVSSv2 Score: 7.0
- Description:
sysfs: Add sysfs_emit and sysfs_emit_at to format sysfs output
- CVE: https://access.redhat.com/security/cve/cve-2021-27365
- Patch: 2.6.32/CVE-2021-27365-sysfs-Add-sysfs_emit-and-sysfs_emit_at-to-format-sys.patch
- From: 2.6.32-754.35.3.el6
- CVE-2021-27364 CVE-2021-27363, CVSSv2 Score: 6.3
- Description:
scsi: iscsi: Restrict sessions and handles to admin capabilities
- CVE: https://access.redhat.com/security/cve/cve-2021-27364
- Patch: 2.6.32/CVE-2021-27363-CVE-2021-27364-scsi-iscsi-Restrict-sessions-and-handles-to-admin-ca.patch
- From: 2.6.32-754.35.3.el6
- CVE-2021-27365, CVSSv2 Score: 7.0
- Description:
scsi: iscsi: Verify lengths on passthrough PDU
- CVE: https://access.redhat.com/security/cve/cve-2021-27365
- Patch: 2.6.32/CVE-2021-27365-scsi-iscsi-Verify-lengths-on-passthrough-PDUs.patch
- From: 2.6.32-754.35.3.el6
- CVE-2021-27365, CVSSv2 Score: 7.0
- Description:
scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE
- CVE: https://access.redhat.com/security/cve/cve-2021-27365
- Patch: 2.6.32/CVE-2021-27365-scsi-iscsi-Ensure-sysfs-attributes-are-limited-to-PA.patch
- From: 2.6.32-754.35.3.el6
- CVE-2020-29661, CVSSv2 Score: 7.8
- Description:
tty: Fix ->pgrp locking in tiocspgrp()
- CVE: https://access.redhat.com/security/cve/CVE-2020-29661
- Patch: 2.6.32/CVE-2020-29661-tty-Fix-pgrp-locking-in-tiocspgrp.patch
- From: 2.6.32-754.39.1
- CVE-2021-20265, CVSSv2 Score: 5.1
- Description:
af_unix: fix struct pid memory leak
- CVE: https://access.redhat.com/security/cve/cve-2021-20265
- Patch: 2.6.32/CVE-2021-20265-0001-af_unix-fix-struct-pid-memory-leak.patch
- From: 2.6.32-754.39.1.el6
- CVE-2021-22555, CVSSv2 Score: 7.8
- Description:
netfilter: x_tables: fix compat match/target pad out-of-bound write
- CVE: https://access.redhat.com/security/cve/CVE-2021-22555
- Patch: 2.6.32/CVE-2021-22555.patch
- From: v5.12
- CVE-2021-33909, CVSSv2 Score: 7.0
- Description:
seq_file: Disallow extremely large seq buffer allocations
- CVE: https://access.redhat.com/security/cve/cve-2021-33909
- Patch: 2.6.32/CVE-2021-33909-seq_file-Disallow-extremely-large-seq-buffer-allocations.patch
- From: 2.6.32-754.41.2.el6
- CVE-2020-12362, CVSSv2 Score:
- Description:
Mitigation is made with intel firmware update, el8 kernels also need 'i915.enable_guc' specified in cmdline to be affected
- CVE:
- Patch: skipped/CVE-2020-12362.patch
- From:
- CVE-2021-3347, CVSSv2 Score: 7.4
- Description:
futex: Handle faults correctly for PI futexes
- CVE: https://access.redhat.com/security/cve/cve-2021-3347
- Patch: 2.6.32/CVE-2021-3347-futex-Handle-faults-correctly-for-PI-futexes.patch
- From: >2.6.32-754.35.1
- CVE-2021-3347, CVSSv2 Score: 7.4
- Description:
futex: Provide and use pi_state_update_owner()
- CVE: https://access.redhat.com/security/cve/cve-2021-3347
- Patch: 2.6.32/CVE-2021-3347-futex-Provide-and-use-pi_state_update_owner.patch
- From: >2.6.32-754.35.1
- CVE-2021-3612, CVSSv2 Score: 7.8
- Description:
Input: joydev - use memdup_user() to duplicate memory from user-space
- CVE: https://access.redhat.com/security/cve/cve-2021-3612
- Patch: 2.6.32/CVE-2021-3612-1-Input-joydev-use-memdup_user-to-duplicate.patch
- From: 2.6.32-754.35.8.el6
- CVE-2021-3612, CVSSv2 Score: 7.8
- Description:
Input: joydev - fix possible ERR_PTR() dereferencing
- CVE: https://access.redhat.com/security/cve/cve-2021-3612
- Patch: 2.6.32/CVE-2021-3612-2-Input-joydev-fix-possible-ERR_PTR-derefer.patch
- From: 2.6.32-754.35.8.el6
- CVE-2021-3612, CVSSv2 Score: 7.8
- Description:
Input: joydev - prevent potential read overflow in ioctl
- CVE: https://access.redhat.com/security/cve/cve-2021-3612
- Patch: 2.6.32/CVE-2021-3612-3-Input-joydev-prevent-potential-read-overf.patch
- From: 2.6.32-754.35.8.el6
- CVE-2021-3612, CVSSv2 Score: 7.8
- Description:
Input: joydev - prevent use of not validated data in JSIOCSBTNMAP ioctl
- CVE: https://access.redhat.com/security/cve/cve-2021-3612
- Patch: 2.6.32/CVE-2021-3612-4-Input-joydev-prevent-use-of.patch
- From: 2.6.32-754.35.8.el6
- CVE-2021-28972, CVSSv2 Score: 6.7
- Description:
PCI: rpadlpar: Fix potential drc_name corruption in store functions
- CVE: https://access.redhat.com/security/cve/cve-2021-28972
- Patch: 2.6.32/CVE-2021-28972-PCI-rpadlpar-Fix-potential.patch
- From: 2.6.32-754.35.8.el6
- CVE-2021-3178, CVSSv2 Score: 5.7
- Description:
nfsd: make local functions static
- CVE: https://access.redhat.com/security/cve/cve-2021-3178
- Patch: 2.6.32/CVE-2021-3178-1-nfsd-make-local-functions-static.patch
- From: 2.6.32-754.35.8.el6
- CVE-2021-3178, CVSSv2 Score: 5.7
- Description:
nfsd: make local functions static
- CVE: https://access.redhat.com/security/cve/cve-2021-3178
- Patch: 2.6.32/CVE-2021-3178-1-nfsd-make-local-functions-static-kpatch.patch
- From: 2.6.32-754.35.8.el6
- CVE-2021-3178, CVSSv2 Score: 5.7
- Description:
nfsd: fix compose_entry_fh() failure exits
- CVE: https://access.redhat.com/security/cve/cve-2021-3178
- Patch: 2.6.32/CVE-2021-3178-2-nfsd-fix-compose_entry_fh-failure-exits.patch
- From: 2.6.32-754.35.8.el6
- CVE-2021-3178, CVSSv2 Score: 5.7
- Description:
nfsd4: readdirplus shouldn't return parent of export
- CVE: https://access.redhat.com/security/cve/cve-2021-3178
- Patch: 2.6.32/CVE-2021-3178-3-nfsd4-readdirplus-shouldn-t.patch
- From: 2.6.32-754.35.8.el6
- CVE-2021-38205, CVSSv2 Score: 3.3
- Description:
net: xilinx_emaclite: Do not print real IOMEM pointer
- CVE: https://access.redhat.com/security/cve/cve-2021-38205
- Patch: 2.6.32/CVE-2021-38205-net-xilinx_emaclite-Do-not.patch
- From: 2.6.32-754.35.8.el6
- CVE-2021-37159, CVSSv2 Score: 6.4
- Description:
hso: fix a use after free condition
- CVE: https://access.redhat.com/security/cve/cve-2021-37159
- Patch: 2.6.32/CVE-2021-37159-hso-fix-a-use-after-free-c.patch
- From: 2.6.32-754.35.8.el6
- CVE-2021-32399, CVSSv2 Score: 7.0
- Description:
bluetooth: eliminate the potential race condition
- CVE: https://access.redhat.com/security/cve/cve-2021-21299
- Patch: 2.6.32/CVE-2021-32399-bluetooth-eliminate-the-po.patch
- From: 2.6.32-754.35.8.el6
- CVE-2021-3573, CVSSv2 Score: 6.7
- Description:
Bluetooth: use correct lock to prevent UAF of hdev object
- CVE: https://access.redhat.com/security/cve/cve-2021-3573
- Patch: 2.6.32/CVE-2021-3573-Bluetooth-use-correct-lock-.patch
- From: 2.6.32-754.35.8.el6
- CVE-2021-38160, CVSSv2 Score: 7.8
- Description:
virtio_console: Assure used length from device is limited
- CVE: https://access.redhat.com/security/cve/cve-2021-38160
- Patch: 2.6.32/CVE-2021-38160-2-virtio_console-Assure-used.patch
- From: 2.6.32-754.35.8.el6
- CVE-2021-34693, CVSSv2 Score: 4.0
- Description:
can: bcm: fix infoleak in struct bcm_msg_head
- CVE: https://access.redhat.com/security/cve/cve-2021-34693
- Patch: 2.6.32/CVE-2021-34693-can-bcm-fix-infoleak-in-st.patch
- From: 2.6.32-754.35.8.el6
- CVE-2020-36385, CVSSv2 Score: 7.8
- Description:
RDMA/ucma: Put a lock around every call to the rdma_cm layer
- CVE: https://access.redhat.com/security/cve/CVE-2020-36385
- Patch: 2.6.32/CVE-2020-36385-1201-RDMA-ucma-Put-a-lock-around-every-call-to-the-rdma_cm_layer.patch
- From: 2.6.32-754.35.8.el6
- CVE-2020-36385, CVSSv2 Score: n/a
- Description:
RDMA/ucma: Put a lock around every call to the rdma_cm layer (adaptation)
- CVE: n/a
- Patch: 2.6.32/CVE-2020-36385-1201-RDMA-ucma-Put-a-lock-around-every-call-to-the-rdma_cm_layer-kpatch.patch
- From: 2.6.32-754.35.8.el6
- CVE-2020-36385, CVSSv2 Score: 7.8
- Description:
RDMA/cma: Add missing locking to rdma_accept()
- CVE: https://access.redhat.com/security/cve/CVE-2020-36385
- Patch: 2.6.32/CVE-2020-36385-1202-RDMA-ucma-Add-missing-locking-to-rdma_accept.patch
- From: 2.6.32-754.35.8.el6
- CVE-2020-36385, CVSSv2 Score: 7.8
- Description:
RDMA/ucma: Fix the locking of ctx->file
- CVE: https://access.redhat.com/security/cve/CVE-2020-36385
- Patch: 2.6.32/CVE-2020-36385-1203-RDMA-ucma-Fix-the-locking-of-ctx-file.patch
- From: 2.6.32-754.35.8.el6
- CVE-2020-36385, CVSSv2 Score: 7.8
- Description:
RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy
- CVE: https://access.redhat.com/security/cve/CVE-2020-36385
- Patch: 2.6.32/CVE-2020-36385-1205-RDMA-ucma-Rework-ucma_migrate_id-to-avoid-races-with.patch
- From: 2.6.32-754.35.8.el6
- CVE-2020-0466, CVSSv2 Score: 7.8
- Description:
epoll: Keep a reference on files added to the check list
- CVE: https://access.redhat.com/security/cve/CVE-2020-0466
- Patch: 2.6.32/CVE-2020-0466-epoll-Keep-a-reference-on-files-added-to-the-check.patch
- From: 2.6.32-754.35.1.el6
- CVE-2021-0920, CVSSv2 Score: 6.4
- Description:
af_unix: fix garbage collect vs MSG_PEEK
- CVE: https://security-tracker.debian.org/tracker/CVE-2021-0920
- Patch: 2.6.32/CVE-2021-0920-af_unix-fix-garbage-collect-vs-MSG_PEEK.patch
- From: 2.6.32-754.35.1.el6
- CVE-2021-0920, CVSSv2 Score: 6.4
- Description:
af_unix: fix garbage collect vs MSG_PEEK (adaptation)
- CVE: https://security-tracker.debian.org/tracker/CVE-2021-0920
- Patch: 3.10.0/CVE-2021-0920-kpatch.patch
- From: 4.1.12-124.59.1.2
- CVE-2021-4155, CVSSv2 Score: 5.5
- Description:
xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like
- CVE: https://access.redhat.com/security/cve/CVE-2021-4155
- Patch: 2.6.32/CVE-2021-4155-xfs-map-unwritten-blocks-in-XFS_IOC_ALLOC-FREESP-just-like.patch
- From: 2.6.32-754.35.8.el6
- CVE-2022-0492, CVSSv2 Score: 7.8
- Description:
cgroup-v1: Require capabilities to set release_agent
- CVE: https://security-tracker.debian.org/tracker/CVE-2022-0492
- Patch: 2.6.32/CVE-2022-0492-cgroup-v1-Require-capabilities-to-set-release_agent.patch
- From: 2.6.32-754.35.1.el6
- CVE-2022-0492, CVSSv2 Score: 7.8
- Description:
cgroup-v1: Require capabilities to set release_agent (adaptation)
- CVE: n/a
- Patch: 2.6.32/CVE-2022-0492-cgroup-v1-Require-capabilities-to-set-release_agent-kpatch.patch
- From: 2.6.32-754.35.1.el6
- CVE-2021-22543, CVSSv2 Score: 7.8
- Description:
KVM: do not allow mapping valid but non-reference-counted pages
- CVE: https://access.redhat.com/security/cve/cve-2021-22543
- Patch: 2.6.32/CVE-2021-22543-KVM-do-not-allow-mapping-valid-but-non-reference-co.patch
- From: 2.6.32-754.48.1.el6
- CVE-2021-26401, CVSSv2 Score:
- Description:
An introduction of required changes through KernelCare could cause unavoidable problems to applications which use unprivileged eBPF.
- CVE:
- Patch: skipped/CVE-2021-26401.patch
- From:
- CVE-2022-4378, CVSSv2 Score: 7.8
- Description:
proc: avoid integer type confusion in get_proc_long
- CVE: https://access.redhat.com/security/cve/CVE-2022-4378
- Patch: 2.6.32/CVE-2022-4378-0001-proc-avoid-integer-type-confusion-in-get_proc_long.patch
- From: 2.6.32-754.50.1.el6
- CVE-2022-4378, CVSSv2 Score: 7.8
- Description:
proc: proc_skip_spaces() shouldn't think it is working on C strings
- CVE: https://access.redhat.com/security/cve/CVE-2022-4378
- Patch: 2.6.32/CVE-2022-4378-0002-proc-proc_skip_spaces-shouldn-t-think-it-is-working-.patch
- From: 2.6.32-754.50.1.el6
- CVE-2023-3611, CVSSv2 Score: 7.8
- Description:
net/sched: sch_qfq: account for stab overhead in qfq_enqueue
- CVE: https://access.redhat.com/security/cve/CVE-2023-3611
- Patch: rhel6/kernel-2.6.32-754.53.1.el6/CVE-2023-3611.patch
- From: kernel-2.6.32-754.53.1.el6
- CVE-2023-3776, CVSSv2 Score: 7.0
- Description:
net/sched: cls_fw: Fix improper refcount update leads to use-after-free
- CVE: https://access.redhat.com/security/cve/CVE-2023-3776
- Patch: rhel6/kernel-2.6.32-754.53.1.el6/CVE-2023-3776.patch
- From: kernel-2.6.32-754.53.1.el6
- CVE-2023-4921, CVSSv2 Score: 7.8
- Description:
net: sched: sch_qfq: Fix UAF in qfq_dequeue()
- CVE: https://access.redhat.com/security/cve/CVE-2023-4921
- Patch: rhel6/kernel-2.6.32-754.53.1.el6/CVE-2023-4921.patch
- From: kernel-2.6.32-754.53.1.el6
- CVE-2023-31436, CVSSv2 Score: 7.0
- Description:
net: sched: sch_qfq: prevent slab-out-of-bounds in
- CVE: https://access.redhat.com/security/cve/CVE-2023-31436
- Patch: rhel6/kernel-2.6.32-754.53.1.el6/CVE-2023-31436.patch
- From: kernel-2.6.32-754.53.1.el6
- N/A, CVSSv2 Score:
- Description:
Restrict access to pagemap/kpageflags/kpagecount
- CVE: http://googleprojectzero.blogspot.ru/2015/03/exploiting-dram-rowhammer-bug-to-gain.html
- Patch: 2.6.32/proc-restrict-pagemap-access.patch
- From:
- N/A, CVSSv2 Score: N/A
- Description:
N/A
- CVE: N/A
- Patch: 2.6.32/kpatch-add-paravirt-asm-definitions.patch
- From: N/A
- N/A, CVSSv2 Score:
- Description:
vmx_vcpu_run wrapper
- CVE:
- Patch: 2.6.32/x86-kvm-vmx_vcpu_run-wrapper.patch
- From: