- kernel-uek-5.15.0-303.171.5.2.2.el9uek (oel9-uek7)
- 5.15.0-306.177.4.el9uek
- 2025-04-01 16:01:17
- 2025-04-02 11:44:58
- K20250401_05
- CVE-2024-53227, CVSSv2 Score:
- Description:
Patch affects __init
- CVE:
- Patch: skipped/CVE-2024-53227.patch
- From:
- CVE-2024-49950, CVSSv2 Score:
- Description:
Complex adaptation required. Low impact CVE.
- CVE:
- Patch: skipped/CVE-2024-49950.patch
- From:
- CVE-2024-53104, CVSSv2 Score: 7.8
- Description:
media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format
- CVE: https://linux.oracle.com/cve/CVE-2024-53104.html
- Patch: oel9-uek7/5.15.0-305.176.4.el9uek/CVE-2024-53104-media-uvcvideo-skip-parsing-frames-of-type-uvc-vs-undefined-in-uvc-parse-format.patch
- From: 5.15.0-305.176.4.el9uek
- CVE-2024-53142, CVSSv2 Score:
- Description:
Patch affects initramfs
- CVE:
- Patch: skipped/CVE-2024-53142.patch
- From:
- CVE-2024-53165, CVSSv2 Score:
- Description:
Out of scope: SuperH architecture isn't supported for current kernel
- CVE:
- Patch: skipped/CVE-2024-53165.patch
- From:
- CVE-2024-56581, CVSSv2 Score: 7.8
- Description:
btrfs: ref-verify: fix use-after-free after invalid ref action
- CVE: https://linux.oracle.com/cve/CVE-2024-56581.html
- Patch: oel9-uek7/5.15.0-305.176.4.el9uek/CVE-2024-56581-btrfs-ref-verify-fix-use-after-free-after-invalid-ref-action.patch
- From: 5.15.0-305.176.4.el9uek
- CVE-2024-56606, CVSSv2 Score: 7.8
- Description:
af_packet: avoid erroring out after sock_init_data() in packet_create()
- CVE: https://linux.oracle.com/cve/CVE-2024-56606.html
- Patch: oel9-uek7/5.15.0-305.176.4.el9uek/CVE-2024-56606-af-packet-avoid-erroring-out-after-sock-init-data-in-packet-create.patch
- From: 5.15.0-305.176.4.el9uek
- CVE-2024-56614, CVSSv2 Score: 7.8
- Description:
xsk: fix OOB map writes when deleting elements
- CVE: https://linux.oracle.com/cve/CVE-2024-56614.html
- Patch: oel9-uek7/5.15.0-305.176.4.el9uek/CVE-2024-56614-xsk-fix-oob-map-writes-when-deleting-elements.patch
- From: 5.15.0-305.176.4.el9uek
- CVE-2024-56615, CVSSv2 Score: 7.8
- Description:
bpf: fix OOB devmap writes when deleting elements
- CVE: https://linux.oracle.com/cve/CVE-2024-56615.html
- Patch: oel9-uek7/5.15.0-305.176.4.el9uek/CVE-2024-56615-bpf-fix-oob-devmap-writes-when-deleting-elements.patch
- From: 5.15.0-305.176.4.el9uek
- CVE-2024-42138, CVSSv2 Score: 7.8
- Description:
mlxsw: core_linecards: Fix double memory deallocation in case of invalid INI file
- CVE: https://linux.oracle.com/cve/CVE-2024-42138.html
- Patch: oel9-uek7/5.15.0-305.176.4.el9uek/CVE-2024-42138-mlxsw-core-linecards-fix-double-memory-deallocation-in-case-of-invalid-ini-file.patch
- From: 5.15.0-305.176.4.el9uek
- CVE-2024-50264, CVSSv2 Score: 7.8
- Description:
vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans
- CVE: https://linux.oracle.com/cve/CVE-2024-50264.html
- Patch: oel9-uek7/5.15.0-305.176.4.el9uek/CVE-2024-50264-vsock-virtio-initialization-of-the-dangling-pointer-occurring-in-vsk-trans.patch
- From: 5.15.0-305.176.4.el9uek
- CVE-2024-53156, CVSSv2 Score: 7.8
- Description:
wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service()
- CVE: https://linux.oracle.com/cve/CVE-2024-53156.html
- Patch: oel9-uek7/5.15.0-305.176.4.el9uek/CVE-2024-53156-wifi-ath9k-add-range-check-for-conn-rsp-epid-in-htc-connect-service.patch
- From: 5.15.0-305.176.4.el9uek
- CVE-2024-44949, CVSSv2 Score:
- Description:
Architecture PARISC is not supported
- CVE:
- Patch: skipped/CVE-2024-44949.patch
- From:
- CVE-2024-56642, CVSSv2 Score: 7.8
- Description:
tipc: Fix use-after-free of kernel socket in cleanup_bearer().
- CVE: https://linux.oracle.com/cve/CVE-2024-56642.html
- Patch: oel9-uek7/5.15.0-305.176.4.el9uek/CVE-2024-56642-tipc-fix-use-after-free-of-kernel-socket-in-cleanup-bearer.patch
- From: 5.15.0-305.176.4.el9uek
- CVE-2024-56661, CVSSv2 Score: 5.5
- Description:
tipc: fix NULL deref in cleanup_bearer()
- CVE: https://linux.oracle.com/cve/CVE-2024-56661.html
- Patch: oel9-uek7/5.15.0-305.176.4.el9uek/CVE-2024-56661-tipc-fix-null-deref-in-cleanup-bearer.patch
- From: 5.15.0-305.176.4.el9uek
- CVE-2024-53061, CVSSv2 Score: 7.8
- Description:
media: s5p-jpeg: prevent buffer overflows
- CVE: https://linux.oracle.com/cve/CVE-2024-53061.html
- Patch: oel9-uek7/5.15.0-305.176.4.el9uek/CVE-2024-53061-media-s5p-jpeg-prevent-buffer-overflows.patch
- From: 5.15.0-305.176.4.el9uek
- CVE-2024-50121, CVSSv2 Score: 7.8
- Description:
nfsd: cancel nfsd_shrinker_work using sync mode in nfs4_state_shutdown_net
- CVE: https://linux.oracle.com/cve/CVE-2024-50121.html
- Patch: oel9-uek7/5.15.0-305.176.4.el9uek/CVE-2024-50121-nfsd-cancel-nfsd-shrinker-work-using-sync-mode-in-nfs4-state-shutdown-net.patch
- From: 5.15.0-305.176.4.el9uek
- CVE-2024-50267, CVSSv2 Score: 7.8
- Description:
USB: serial: io_edgeport: fix use after free in debug printk
- CVE: https://linux.oracle.com/cve/CVE-2024-50267.html
- Patch: oel9-uek7/5.15.0-305.176.4.el9uek/CVE-2024-50267-usb-serial-io-edgeport-fix-use-after-free-in-debug-printk.patch
- From: 5.15.0-305.176.4.el9uek
- CVE-2024-53150, CVSSv2 Score: 7.1
- Description:
ALSA: usb-audio: Fix out of bounds reads when finding clock sources
- CVE: https://linux.oracle.com/cve/CVE-2024-53150.html
- Patch: oel9-uek7/5.15.0-305.176.4.el9uek/CVE-2024-53150-alsa-usb-audio-fix-out-of-bounds-reads-when-finding-clock-sources.patch
- From: 5.15.0-305.176.4.el9uek
- CVE-2024-50275, CVSSv2 Score:
- Description:
Irrelevant for x64 kernels
- CVE:
- Patch: skipped/CVE-2024-50275.patch
- From:
- CVE-2024-50036, CVSSv2 Score: 7.0
- Description:
net: do not delay dst_entries_add() in dst_release()
- CVE: https://linux.oracle.com/cve/CVE-2024-50036.html
- Patch: oel9-uek7/5.15.0-305.176.4.el9uek/CVE-2024-50036-net-do-not-delay-dst-entries-add-in-dst-release.patch
- From: 5.15.0-305.176.4.el9uek
- CVE-2024-53239, CVSSv2 Score: 7.8
- Description:
ALSA: 6fire: Release resources at card release
- CVE: https://linux.oracle.com/cve/CVE-2024-53239.html
- Patch: oel9-uek7/5.15.0-305.176.4.el9uek/CVE-2024-53239-ALSA-6fire-Release-resources-at-card-release.patch
- From: 5.15.0-305.176.4.el9uek
- CVE-2024-53239, CVSSv2 Score: 7.8
- Description:
ALSA: 6fire: Release resources at card release
- CVE: https://linux.oracle.com/cve/CVE-2024-53239.html
- Patch: oel9-uek7/5.15.0-305.176.4.el9uek/CVE-2024-53239-ALSA-6fire-Release-resources-at-card-release-kpatch.patch
- From: 5.15.0-305.176.4.el9uek
- CVE-2024-56650, CVSSv2 Score: 7.1
- Description:
netfilter: x_tables: fix LED ID check in led_tg_check()
- CVE: https://linux.oracle.com/cve/CVE-2024-56650.html
- Patch: oel9-uek7/5.15.0-305.176.4.el9uek/CVE-2024-56650-netfilter-x-tables-fix-led-id-check-in-led-tg-check.patch
- From: 5.15.0-305.176.4.el9uek
- CVE-2024-56627, CVSSv2 Score: 7.1
- Description:
ksmbd: fix Out-of-Bounds Read in ksmbd_vfs_stream_read
- CVE: https://linux.oracle.com/cve/CVE-2024-56627.html
- Patch: oel9-uek7/5.15.0-305.176.4.el9uek/CVE-2024-56627-ksmbd-fix-out-of-bounds-read-in-ksmbd-vfs-stream-read.patch
- From: 5.15.0-305.176.4.el9uek
- CVE-2024-56662, CVSSv2 Score: 7.1
- Description:
acpi: nfit: vmalloc-out-of-bounds Read in acpi_nfit_ctl
- CVE: https://linux.oracle.com/cve/CVE-2024-56662.html
- Patch: oel9-uek7/5.15.0-305.176.4.el9uek/CVE-2024-56662-acpi-nfit-vmalloc-out-of-bounds-read-in-acpi-nfit-ctl.patch
- From: 5.15.0-305.176.4.el9uek
- CVE-2024-53155, CVSSv2 Score: 7.1
- Description:
ocfs2: fix uninitialized value in ocfs2_file_read_iter()
- CVE: https://linux.oracle.com/cve/CVE-2024-53155.html
- Patch: oel9-uek7/5.15.0-305.176.4.el9uek/CVE-2024-53155-ocfs2-fix-uninitialized-value-in-ocfs2-file-read-iter.patch
- From: 5.15.0-305.176.4.el9uek
- CVE-2024-53099, CVSSv2 Score: 7.1
- Description:
bpf: Check validity of link->type in bpf_link_show_fdinfo()
- CVE: https://linux.oracle.com/cve/CVE-2024-53099.html
- Patch: oel9-uek7/5.15.0-305.176.4.el9uek/CVE-2024-53099-bpf-check-validity-of-link-type-in-bpf-link-show-fdinfo.patch
- From: 5.15.0-305.176.4.el9uek
- CVE-2024-50268, CVSSv2 Score: 7.1
- Description:
usb: typec: fix potential out of bounds in ucsi_ccg_update_set_new_cam_cmd()
- CVE: https://linux.oracle.com/cve/CVE-2024-50268.html
- Patch: oel9-uek7/5.15.0-305.176.4.el9uek/CVE-2024-50268-usb-typec-fix-potential-out-of-bounds-in-ucsi-ccg-update-set-new-cam-cmd.patch
- From: 5.15.0-305.176.4.el9uek
- CVE-2024-50279, CVSSv2 Score: 7.1
- Description:
dm cache: fix out-of-bounds access to the dirty bitset when resizing
- CVE: https://linux.oracle.com/cve/CVE-2024-50279.html
- Patch: oel9-uek7/5.15.0-305.176.4.el9uek/CVE-2024-50279-dm-cache-fix-out-of-bounds-access-to-the-dirty-bitset-when-resizing.patch
- From: 5.15.0-305.176.4.el9uek
- CVE-2024-50278, CVSSv2 Score: 7.1
- Description:
dm cache: optimize dirty bit checking with find_next_bit when resizing
- CVE: https://linux.oracle.com/cve/CVE-2024-50278.html
- Patch: oel9-uek7/5.15.0-305.176.4.el9uek/CVE-2024-50278-dm-cache-optimize-dirty-bit-checking-with-find_next_bit-when-resizing.patch
- From: 5.15.0-305.176.4.el9uek
- CVE-2024-50278, CVSSv2 Score: 7.1
- Description:
dm cache: fix potential out-of-bounds access on the first resume
- CVE: https://linux.oracle.com/cve/CVE-2024-50278.html
- Patch: oel9-uek7/5.15.0-305.176.4.el9uek/CVE-2024-50278-dm-cache-fix-potential-out-of-bounds-access-on-the-first-resume.patch
- From: 5.15.0-305.176.4.el9uek
- CVE-2024-38538, CVSSv2 Score: 7.1
- Description:
net: bridge: xmit: make sure we have at least eth header len bytes
- CVE: https://linux.oracle.com/cve/CVE-2024-38538.html
- Patch: oel9-uek7/5.15.0-305.176.4.el9uek/CVE-2024-38538-net-bridge-xmit-make-sure-we-have-at-least-eth-header-len-bytes.patch
- From: 5.15.0-305.176.4.el9uek
- CVE-2024-50283, CVSSv2 Score: 7.8
- Description:
ksmbd: fix slab-use-after-free in smb3_preauth_hash_rsp
- CVE: https://linux.oracle.com/cve/CVE-2024-50283.html
- Patch: oel9-uek7/5.15.0-305.176.4.el9uek/CVE-2024-50283-ksmbd-fix-slab-use-after-free-in-smb3-preauth-hash-rsp.patch
- From: 5.15.0-305.176.4.el9uek
- CVE-2024-53141, CVSSv2 Score: 7.8
- Description:
netfilter: ipset: add missing range check in bitmap_ip_uadt
- CVE: https://linux.oracle.com/cve/CVE-2024-53141.html
- Patch: oel9-uek7/5.15.0-305.176.4.el9uek/CVE-2024-53141-netfilter-ipset-add-missing-range-check-in-bitmap-ip-uadt.patch
- From: 5.15.0-305.176.4.el9uek
- CVE-2024-53171, CVSSv2 Score: 7.8
- Description:
ubifs: authentication: Fix use-after-free in ubifs_tnc_end_commit
- CVE: https://linux.oracle.com/cve/CVE-2024-53171.html
- Patch: oel9-uek7/5.15.0-305.176.4.el9uek/CVE-2024-53171-ubifs-authentication-fix-use-after-free-in-ubifs-tnc-end-commit.patch
- From: 5.15.0-305.176.4.el9uek
- CVE-2024-56704, CVSSv2 Score: 7.8
- Description:
9p/xen: fix release of IRQ
- CVE: https://linux.oracle.com/cve/CVE-2024-56704.html
- Patch: oel9-uek7/5.15.0-305.176.4.el9uek/CVE-2024-56704-9p-xen-fix-release-of-irq.patch
- From: 5.15.0-305.176.4.el9uek
- CVE-2024-56602, CVSSv2 Score: 7.8
- Description:
net: ieee802154: do not leave a dangling sk pointer in ieee802154_create()
- CVE: https://linux.oracle.com/cve/CVE-2024-56602.html
- Patch: oel9-uek7/5.15.0-305.176.4.el9uek/CVE-2024-56602-net-ieee802154-do-not-leave-a-dangling-sk-pointer-in-ieee802154-create.patch
- From: 5.15.0-305.176.4.el9uek
- CVE-2024-56596, CVSSv2 Score: 7.8
- Description:
jfs: fix array-index-out-of-bounds in jfs_readdir
- CVE: https://linux.oracle.com/cve/CVE-2024-56596.html
- Patch: oel9-uek7/5.15.0-305.176.4.el9uek/CVE-2024-56596-jfs-fix-array-index-out-of-bounds-in-jfs-readdir.patch
- From: 5.15.0-305.176.4.el9uek
- CVE-2024-47730, CVSSv2 Score: 7.8
- Description:
crypto: hisilicon/qm - inject error before stopping queue
- CVE: https://linux.oracle.com/cve/CVE-2024-47730.html
- Patch: oel9-uek7/5.15.0-305.176.4.el9uek/CVE-2024-47730-crypto-hisilicon-qm-inject-error-before-stopping-queue.patch
- From: 5.15.0-305.176.4.el9uek
- CVE-2024-39494, CVSSv2 Score: 7.8
- Description:
ima: Fix use-after-free on a dentry's dname.name
- CVE: https://linux.oracle.com/cve/CVE-2024-39494.html
- Patch: oel9-uek7/5.15.0-305.176.4.el9uek/CVE-2024-39494-ima-fix-use-after-free-on-a-dentry-s-dname-name.patch
- From: 5.15.0-305.176.4.el9uek
- CVE-2024-56626, CVSSv2 Score: 7.8
- Description:
ksmbd: fix Out-of-Bounds Write in ksmbd_vfs_stream_write
- CVE: https://linux.oracle.com/cve/CVE-2024-56626.html
- Patch: oel9-uek7/5.15.0-305.176.4.el9uek/CVE-2024-56626-ksmbd-fix-out-of-bounds-write-in-ksmbd-vfs-stream-write.patch
- From: 5.15.0-305.176.4.el9uek
- CVE-2024-56759, CVSSv2 Score: 7.8
- Description:
btrfs: rename and export __btrfs_cow_block()
- CVE: https://linux.oracle.com/cve/CVE-2024-56759.html
- Patch: oel9-uek7/5.15.0-305.176.4.el9uek/CVE-2024-56759-btrfs-rename-and-export-__btrfs_cow_block.patch
- From: 5.15.0-305.176.4.el9uek
- CVE-2024-56759, CVSSv2 Score: 7.8
- Description:
btrfs: fix use-after-free when COWing tree bock and tracing is enabled
- CVE: https://linux.oracle.com/cve/CVE-2024-56759.html
- Patch: oel9-uek7/5.15.0-305.176.4.el9uek/CVE-2024-56759-btrfs-fix-use-after-free-when-cowing-tree-bock-and-tracing-is-enabled.patch
- From: 5.15.0-305.176.4.el9uek
- CVE-2024-53240, CVSSv2 Score: 6.8
- Description:
xen/netfront: fix crash when removing device
- CVE: https://linux.oracle.com/cve/CVE-2024-53240.html
- Patch: oel9-uek7/5.15.0-305.176.4.el9uek/CVE-2024-53240-xen-netfront-fix-crash-when-removing-device.patch
- From: 5.15.0-305.176.4.el9uek
- CVE-2024-50302, CVSSv2 Score: 6.1
- Description:
HID: core: zero-initialize the report buffer
- CVE: https://linux.oracle.com/cve/CVE-2024-50302.html
- Patch: oel9-uek7/5.15.0-305.176.4.el9uek/CVE-2024-50302-hid-core-zero-initialize-the-report-buffer.patch
- From: 5.15.0-305.176.4.el9uek
- CVE-2024-40939, CVSSv2 Score: 5.5
- Description:
net: wwan: iosm: Fix tainted pointer delete is case of region creation fail
- CVE: https://linux.oracle.com/cve/CVE-2024-40939.html
- Patch: oel9-uek7/5.15.0-305.176.4.el9uek/CVE-2024-40939-net-wwan-iosm-fix-tainted-pointer-delete-is-case-of-region-creation-fail.patch
- From: 5.15.0-305.176.4.el9uek
- CVE-2024-46841, CVSSv2 Score: 5.5
- Description:
btrfs: don't BUG_ON on ENOMEM from btrfs_lookup_extent_info() in walk_down_proc()
- CVE: https://linux.oracle.com/cve/CVE-2024-46841.html
- Patch: oel9-uek7/5.15.0-305.176.4.el9uek/CVE-2024-46841-btrfs-don-t-bug-on-on-enomem-from-btrfs-lookup-extent-info-in-walk-down-proc.patch
- From: 5.15.0-305.176.4.el9uek
- CVE-2024-56597, CVSSv2 Score: 5.5
- Description:
jfs: fix shift-out-of-bounds in dbSplit
- CVE: https://linux.oracle.com/cve/CVE-2024-56597.html
- Patch: oel9-uek7/5.15.0-305.176.4.el9uek/CVE-2024-56597-jfs-fix-shift-out-of-bounds-in-dbsplit.patch
- From: 5.15.0-305.176.4.el9uek
- CVE-2024-53181, CVSSv2 Score:
- Description:
Out of scope: User-mode Linux isn't supported for current kernel
- CVE:
- Patch: skipped/CVE-2024-53181.patch
- From:
- CVE-2024-56532, CVSSv2 Score: 5.5
- Description:
ALSA: us122l: Use snd_card_free_when_closed() at disconnection
- CVE: https://linux.oracle.com/cve/CVE-2024-56532.html
- Patch: oel9-uek7/5.15.0-305.176.4.el9uek/CVE-2024-56532-alsa-us122l-use-snd-card-free-when-closed-at-disconnection.patch
- From: 5.15.0-305.176.4.el9uek
- CVE-2024-53112, CVSSv2 Score: 5.5
- Description:
ocfs2: uncache inode which has failed entering the group
- CVE: https://linux.oracle.com/cve/CVE-2024-53112.html
- Patch: oel9-uek7/5.15.0-305.176.4.el9uek/CVE-2024-53112-ocfs2-uncache-inode-which-has-failed-entering-the-group.patch
- From: 5.15.0-305.176.4.el9uek
- CVE-2024-53173, CVSSv2 Score: 7.8
- Description:
NFSv4.0: Fix a use-after-free problem in the asynchronous open()
- CVE: https://linux.oracle.com/cve/CVE-2024-53173.html
- Patch: oel9-uek7/5.15.0-305.176.4.el9uek/CVE-2024-53173-nfsv4-0-fix-a-use-after-free-problem-in-the-asynchronous-open.patch
- From: 5.15.0-305.176.4.el9uek
- CVE-2024-56640, CVSSv2 Score: 7.8
- Description:
net/smc: fix LGR and link use-after-free issue
- CVE: https://linux.oracle.com/cve/CVE-2024-56640.html
- Patch: oel9-uek7/5.15.0-305.176.4.el9uek/CVE-2024-56640-net-smc-fix-lgr-and-link-use-after-free-issue-304.patch
- From: 5.15.0-305.176.4.el9uek
- CVE-2024-56605, CVSSv2 Score: 7.8
- Description:
Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create()
- CVE: https://linux.oracle.com/cve/CVE-2024-56605.html
- Patch: oel9-uek7/5.15.0-305.176.4.el9uek/CVE-2024-56605-bluetooth-l2cap-do-not-leave-dangling-sk-pointer-on-error-in-l2cap-sock-create.patch
- From: 5.15.0-305.176.4.el9uek
- CVE-2024-56605, CVSSv2 Score: 7.8
- Description:
Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create()
- CVE: https://linux.oracle.com/cve/CVE-2024-56605.html
- Patch: oel9-uek7/5.15.0-305.176.4.el9uek/CVE-2024-56605-bluetooth-l2cap-do-not-leave-dangling-sk-pointer-on-error-in-l2cap-sock-create-continuation.patch
- From: 5.15.0-305.176.4.el9uek
- CVE-2024-56601, CVSSv2 Score: 7.8
- Description:
net: inet: do not leave a dangling sk pointer in inet_create()
- CVE: https://linux.oracle.com/cve/CVE-2024-56601.html
- Patch: oel9-uek7/5.15.0-305.176.4.el9uek/CVE-2024-56601-net-inet-do-not-leave-a-dangling-sk-pointer-in-inet-create.patch
- From: 5.15.0-305.176.4.el9uek
- CVE-2024-56600, CVSSv2 Score: 7.8
- Description:
net: inet6: do not leave a dangling sk pointer in inet6_create()
- CVE: https://linux.oracle.com/cve/CVE-2024-56600.html
- Patch: oel9-uek7/5.15.0-305.176.4.el9uek/CVE-2024-56600-net-inet6-do-not-leave-a-dangling-sk-pointer-in-inet6-create.patch
- From: 5.15.0-305.176.4.el9uek
- CVE-2024-56595, CVSSv2 Score: 7.8
- Description:
jfs: add a check to prevent array-index-out-of-bounds in dbAdjTree
- CVE: https://linux.oracle.com/cve/CVE-2024-56595.html
- Patch: oel9-uek7/5.15.0-305.176.4.el9uek/CVE-2024-56595-jfs-add-a-check-to-prevent-array-index-out-of-bounds-in-dbadjtree.patch
- From: 5.15.0-305.176.4.el9uek
- CVE-2024-44940, CVSSv2 Score: 7.8
- Description:
fou: remove warn in gue_gro_receive on unsupported protocol
- CVE: https://linux.oracle.com/cve/CVE-2024-44940.html
- Patch: oel9-uek7/5.15.0-305.176.4.el9uek/CVE-2024-44940-fou-remove-warn-in-gue-gro-receive-on-unsupported-protocol.patch
- From: 5.15.0-305.176.4.el9uek
- CVE-2024-40906, CVSSv2 Score: 7.8
- Description:
net/mlx5: Always stop health timer during driver removal
- CVE: https://linux.oracle.com/cve/CVE-2024-40906.html
- Patch: oel9-uek7/5.15.0-305.176.4.el9uek/CVE-2024-40906-net-mlx5-always-stop-health-timer-during-driver-removal.patch
- From: 5.15.0-305.176.4.el9uek
- CVE-2024-49996, CVSSv2 Score: 7.8
- Description:
cifs: Fix buffer overflow when parsing NFS reparse points
- CVE: https://linux.oracle.com/cve/CVE-2024-49996.html
- Patch: oel9-uek7/5.15.0-305.176.4.el9uek/CVE-2024-49996-cifs-fix-buffer-overflow-when-parsing-nfs-reparse-points.patch
- From: 5.15.0-305.176.4.el9uek
- CVE-2024-50055, CVSSv2 Score: 7.8
- Description:
driver core: bus: Fix double free in driver API bus_register()
- CVE: https://linux.oracle.com/cve/CVE-2024-50055.html
- Patch: oel9-uek7/5.15.0-305.176.4.el9uek/CVE-2024-50055-driver-core-bus-fix-double-free-in-driver-api-bus-register.patch
- From: 5.15.0-305.176.4.el9uek
- CVE-2024-50269, CVSSv2 Score: 7.8
- Description:
usb: musb: sunxi: Fix accessing an released usb phy
- CVE: https://linux.oracle.com/cve/CVE-2024-50269.html
- Patch: oel9-uek7/5.15.0-305.176.4.el9uek/CVE-2024-50269-usb-musb-sunxi-fix-accessing-an-released-usb-phy.patch
- From: 5.15.0-305.176.4.el9uek
- CVE-2024-50282, CVSSv2 Score:
- Description:
Kernel is not affected
- CVE:
- Patch: skipped/CVE-2024-50282.patch
- From:
- CVE-2024-53096, CVSSv2 Score: 7.8
- Description:
mm: resolve faulty mmap_region() error path behaviour
- CVE: https://linux.oracle.com/cve/CVE-2024-53096.html
- Patch: oel9-uek7/5.15.0-305.176.4.el9uek/CVE-2024-53096-mm-resolve-faulty-mmap-region-error-path-behaviour.patch
- From: 5.15.0-305.176.4.el9uek
- CVE-2024-53103, CVSSv2 Score: 7.8
- Description:
hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer
- CVE: https://linux.oracle.com/cve/CVE-2024-53103.html
- Patch: oel9-uek7/5.15.0-305.176.4.el9uek/CVE-2024-53103-hv-sock-initializing-vsk-trans-to-null-to-prevent-a-dangling-pointer.patch
- From: 5.15.0-305.176.4.el9uek
- CVE-2024-53237, CVSSv2 Score: 7.8
- Description:
Bluetooth: fix use-after-free in device_for_each_child()
- CVE: https://linux.oracle.com/cve/CVE-2024-53237.html
- Patch: oel9-uek7/5.15.0-305.176.4.el9uek/CVE-2024-53237-bluetooth-fix-use-after-free-in-device-for-each-child.patch
- From: 5.15.0-305.176.4.el9uek
- CVE-2024-53237, CVSSv2 Score: 7.8
- Description:
driver core: Introduce device_find_any_child() helper
- CVE: https://linux.oracle.com/cve/CVE-2024-53237.html
- Patch: oel9-uek7/5.15.0-305.176.4.el9uek/CVE-2024-53237-driver-core-introduce-device_find_any_child-helper.patch
- From: 5.15.0-305.176.4.el9uek
- CVE-2024-56598, CVSSv2 Score: 7.8
- Description:
jfs: array-index-out-of-bounds fix in dtReadFirst
- CVE: https://linux.oracle.com/cve/CVE-2024-56598.html
- Patch: oel9-uek7/5.15.0-305.176.4.el9uek/CVE-2024-56598-jfs-array-index-out-of-bounds-fix-in-dtreadfirst.patch
- From: 5.15.0-305.176.4.el9uek
- CVE-2024-56603, CVSSv2 Score: 7.8
- Description:
net: af_can: do not leave a dangling sk pointer in can_create()
- CVE: https://linux.oracle.com/cve/CVE-2024-56603.html
- Patch: oel9-uek7/5.15.0-305.176.4.el9uek/CVE-2024-56603-net-af-can-do-not-leave-a-dangling-sk-pointer-in-can-create.patch
- From: 5.15.0-305.176.4.el9uek
- CVE-2024-56708, CVSSv2 Score: 7.8
- Description:
EDAC/igen6: Avoid segmentation fault on module unload
- CVE: https://linux.oracle.com/cve/CVE-2024-56708.html
- Patch: oel9-uek7/5.15.0-305.176.4.el9uek/CVE-2024-56708-edac-igen6-avoid-segmentation-fault-on-module-unload.patch
- From: 5.15.0-305.176.4.el9uek
- CVE-2024-53135, CVSSv2 Score: 6.5
- Description:
KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN
- CVE: https://linux.oracle.com/cve/CVE-2024-53135.html
- Patch: 2024/CVE-2024-53135/CVE-2024-53135-kvm-vmx-bury-intel-pt-virtualization-guest-host-mode-behind-config-broken.patch
- From: 5.4.17-2136.340.4.1.el8uek
- CVE-2024-53135, CVSSv2 Score: 6.5
- Description:
KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN
- CVE: https://linux.oracle.com/cve/CVE-2024-53135.html
- Patch: 2024/CVE-2024-53135/CVE-2024-53135-kvm-vmx-bury-intel-pt-virtualization-guest-host-mode-behind-config-broken-kpatch-uek7.patch
- From: 5.15.0-305.176.4.el9uek
- N/A, CVSSv2 Score: N/A
- Description:
kpatch add alt asm definitions
- CVE: https://www.kernel.org
- Patch: 5.15.0/kpatch-add-alt-asm-definitions.patch
- From: N/A
- N/A, CVSSv2 Score: N/A
- Description:
kpatch add paravirt asm definitions
- CVE: N/A
- Patch: 5.15.0/kpatch-add-paravirt-asm-definitions.patch
- From: N/A