- kernel-4.18.0-513.11.1.el8_9 (rhel8)
- 4.18.0-513.18.1.el8_9
- 2024-03-19 22:01:08
- 2024-03-25 08:08:22
- K20240319_13
- CVE-2023-4623, CVSSv2 Score: 7.8
- Description:
net/sched: sch_hfsc: Ensure inner classes have fsc curve
- CVE: https://access.redhat.com/security/cve/CVE-2023-4623
- Patch: rhel8/4.18.0-513.18.1.el8_9/CVE-2023-4623-net-sched-sch-hfsc-Ensure-inner-classes-have-fsc-curve.patch
- From: 4.18.0-513.18.1.el8_9
- CVE-2023-4623, CVSSv2 Score: 7.8
- Description:
net/sched: sch_hfsc: upgrade 'rt' to 'sc' when it becomes a inner curve
- CVE: https://access.redhat.com/security/cve/CVE-2023-4623
- Patch: rhel8/4.18.0-513.18.1.el8_9/CVE-2023-4623-net-sched-sch_hfsc-upgrade-rt-to-sc-when-it-becomes-.patch
- From: 4.18.0-513.18.1.el8_9
- CVE-2023-45871, CVSSv2 Score: 9.8
- Description:
igb: set max size RX buffer when store bad packet is enabled
- CVE: https://access.redhat.com/security/cve/CVE-2023-45871
- Patch: rhel8/4.18.0-513.18.1.el8_9/CVE-2023-45871-igb-set-max-size-rx-buffer-when-store-bad-packet-is-enabled.patch
- From: 4.18.0-513.18.1.el8_9
- CVE-2023-45871, CVSSv2 Score: 9.8
- Description:
igb: set max size RX buffer when store bad packet is enabled
- CVE: https://access.redhat.com/security/cve/CVE-2023-45871
- Patch: rhel8/4.18.0-513.18.1.el8_9/CVE-2023-45871-igb-set-max-size-rx-buffer-when-store-bad-packet-is-enabled-kpatch.patch
- From: 4.18.0-513.18.1.el8_9
- CVE-2023-4921, CVSSv2 Score: 7.8
- Description:
net: sched: sch_qfq: Fix UAF in qfq_dequeue()
- CVE: https://access.redhat.com/security/cve/CVE-2023-4921
- Patch: rhel8/4.18.0-513.18.1.el8_9/CVE-2023-4921-net-sched-sch-qfq-Fix-UAF-in-qfq-dequeue.patch
- From: 4.18.0-513.18.1.el8_9
- CVE-2023-4921, CVSSv2 Score: 7.8
- Description:
net: sched: sch_qfq: Fix UAF in qfq_dequeue() (adaptation)
- CVE: https://access.redhat.com/security/cve/CVE-2023-4921
- Patch: rhel8/4.18.0-513.18.1.el8_9/CVE-2023-4921-net-sched-sch-qfq-Fix-UAF-in-qfq_dequeue-kpatch.patch
- From: 4.18.0-513.18.1.el8_9
- CVE-2022-3545, CVSSv2 Score: 7.8
- Description:
nfp: fix use-after-free in area_cache_get()
- CVE: https://access.redhat.com/security/cve/CVE-2022-3545
- Patch: rhel8/4.18.0-513.18.1.el8_9/CVE-2022-3545-nfp-fix-use-after-free-in-area-cache-get.patch
- From: 4.18.0-513.18.1.el8_9
- CVE-2023-2166, CVSSv2 Score: 5.5
- Description:
can: af_can: fix NULL pointer dereference in can_rcv_filter
- CVE: https://access.redhat.com/security/cve/CVE-2023-2166
- Patch: rhel8/4.18.0-513.18.1.el8_9/CVE-2023-2166-7998-can-af_can-fix-NULL-pointer-dereference-in-can_rcv_f.patch
- From: 4.18.0-513.18.1.el8_9
- CVE-2022-41858, CVSSv2 Score: 7.1
- Description:
drivers: net: slip: fix NPD bug in sl_tx_timeout()
- CVE: https://access.redhat.com/security/cve/CVE-2022-41858
- Patch: rhel8/4.18.0-513.18.1.el8_9/CVE-2022-41858-7989-drivers-net-slip-fix-NPD-bug-in-sl_tx_timeout.patch
- From: 4.18.0-513.18.1.el8_9
- CVE-2023-1838, CVSSv2 Score: 7.1
- Description:
Fix double fget() in vhost_net_set_backend()
- CVE: https://access.redhat.com/security/cve/CVE-2023-1838
- Patch: rhel8/4.18.0-513.18.1.el8_9/CVE-2023-1838-7974-Fix-double-fget-in-vhost_net_set_backend.patch
- From: 4.18.0-513.18.1.el8_9
- CVE-2023-1073, CVSSv2 Score: 6.6
- Description:
HID: check empty report_list in hid_validate_values()
- CVE: https://access.redhat.com/security/cve/CVE-2023-1073
- Patch: rhel8/4.18.0-513.18.1.el8_9/CVE-2023-1073-8006-HID-check-empty-report_list-in-hid_validate_values.patch
- From: 4.18.0-513.18.1.el8_9
- CVE-2023-6606, CVSSv2 Score: 7.1
- Description:
smb: client: fix OOB in smbCalcSize()
- CVE: https://access.redhat.com/security/cve/CVE-2023-6606
- Patch: rhel8/4.18.0-513.18.1.el8_9/CVE-2023-6606-8022-smb-client-fix-OOB-in-smbCalcSize.patch
- From: 4.18.0-513.18.1.el8_9
- CVE-2023-6610, CVSSv2 Score: 7.1
- Description:
smb: client: fix potential OOB in cifs_dump_detail()
- CVE: https://access.redhat.com/security/cve/CVE-2023-6610
- Patch: rhel8/4.18.0-513.18.1.el8_9/CVE-2023-6610-8023-smb-client-fix-potential-OOB-in-cifs_dump_detail.patch
- From: 4.18.0-513.18.1.el8_9
- CVE-2023-6610, CVSSv2 Score: 7.1
- Description:
smb: client: fix potential OOB in smb2_dump_detail()
- CVE: https://access.redhat.com/security/cve/CVE-2023-6610
- Patch: rhel8/4.18.0-513.18.1.el8_9/CVE-2023-6610-8024-smb-client-fix-potential-OOB-in-smb2_dump_detail.patch
- From: 4.18.0-513.18.1.el8_9
- CVE-2023-46813, CVSSv2 Score: 7.0
- Description:
x86/sev-es: Fix SEV-ES OUT/IN immediate opcode vc handling
- CVE: https://access.redhat.com/security/cve/CVE-2023-46813
- Patch: rhel8/4.18.0-513.18.1.el8_9/CVE-2023-46813-7993-x86-sev-es-Fix-SEV-ES-OUT-IN-immediate-opcode-vc-han.patch
- From: 4.18.0-513.18.1.el8_9
- CVE-2023-46813, CVSSv2 Score: 7.0
- Description:
x86/sev: Disable MMIO emulation from user mode
- CVE: https://access.redhat.com/security/cve/CVE-2023-46813
- Patch: rhel8/4.18.0-513.18.1.el8_9/CVE-2023-46813-7994-x86-sev-Disable-MMIO-emulation-from-user-mode.patch
- From: 4.18.0-513.18.1.el8_9
- CVE-2023-46813, CVSSv2 Score: 7.0
- Description:
x86/sev: Check IOBM for IOIO exceptions from user-space
- CVE: https://access.redhat.com/security/cve/CVE-2023-46813
- Patch: rhel8/4.18.0-513.18.1.el8_9/CVE-2023-46813-7995-x86-sev-Check-IOBM-for-IOIO-exceptions-from-user-spa.patch
- From: 4.18.0-513.18.1.el8_9
- CVE-2023-46813, CVSSv2 Score: 7.0
- Description:
x86/sev: Check for user-space IOIO pointing to kernel space
- CVE: https://access.redhat.com/security/cve/CVE-2023-46813
- Patch: rhel8/4.18.0-513.18.1.el8_9/CVE-2023-46813-7996-x86-sev-Check-for-user-space-IOIO-pointing-to-kernel.patch
- From: 4.18.0-513.18.1.el8_9
- CVE-2023-6535, CVSSv2 Score: 7.5
- Description:
Fix a kernel panic when host sends an invalid H2C PDU length
- CVE: https://access.redhat.com/security/cve/CVE-2023-6535
- Patch: rhel8/4.18.0-513.18.1.el8_9/CVE-2023-6535-8030-nvmet-tcp-Fix-a-kernel-panic-when-host-sends-an-inva.patch
- From: 4.18.0-513.18.1.el8_9
- CVE-2023-6536, CVSSv2 Score: 7.5
- Description:
nvmet-tcp: fix a crash in nvmet_req_complete()
- CVE: https://access.redhat.com/security/cve/CVE-2023-6536
- Patch: rhel8/4.18.0-513.18.1.el8_9/CVE-2023-6536-8031-nvmet-tcp-fix-a-crash-in-nvmet_req_complete.patch
- From: 4.18.0-513.18.1.el8_9
- CVE-2023-6356, CVSSv2 Score: 7.5
- Description:
nvmet-tcp: remove boilerplate code
- CVE: https://access.redhat.com/security/cve/CVE-2023-6356
- Patch: rhel8/4.18.0-513.18.1.el8_9/CVE-2023-6356-CVE-2023-6535-CVE-2023-6536-8032-nvmet-tcp-remove-boilerplate-code.patch
- From: 4.18.0-513.18.1.el8_9
- CVE-2023-6535, CVSSv2 Score: 7.5
- Description:
nvmet-tcp: Fix the H2C expected PDU len calculation
- CVE: https://access.redhat.com/security/cve/CVE-2023-6535
- Patch: rhel8/4.18.0-513.18.1.el8_9/CVE-2023-6535-8033-nvmet-tcp-Fix-the-H2C-expected-PDU-len-calculation.patch
- From: 4.18.0-513.18.1.el8_9
- CVE-2023-5717, CVSSv2 Score: 7.8
- Description:
perf: Disallow mis-matched inherited group reads
- CVE: https://access.redhat.com/security/cve/CVE-2023-5717
- Patch: rhel8/4.18.0-513.18.1.el8_9/CVE-2023-5717-7991-perf-Disallow-mis-matched-inherited-group-reads.patch
- From: 4.18.0-513.18.1.el8_9
- CVE-2023-5717, CVSSv2 Score: 7.8
- Description:
perf: Disallow mis-matched inherited group reads (adaptation)
- CVE: https://access.redhat.com/security/cve/CVE-2023-5717
- Patch: rhel8/4.18.0-513.18.1.el8_9/CVE-2023-5717-perf-disallow-mis-matched-inherited-group-reads-kpatch.patch
- From: 4.18.0-513.18.1.el8_9
- CVE-2023-5717, CVSSv2 Score: 7.8
- Description:
perf/core: Fix potential NULL deref
- CVE: https://access.redhat.com/security/cve/CVE-2023-5717
- Patch: rhel8/4.18.0-513.18.1.el8_9/CVE-2023-5717-7992-perf-core-Fix-potential-NULL-deref.patch
- From: 4.18.0-513.18.1.el8_9
- CVE-2023-6817, CVSSv2 Score: 7.8
- Description:
netfilter: nft_set_pipapo: skip inactive elements during set walk
- CVE: https://access.redhat.com/security/cve/CVE-2023-6817
- Patch: rhel8/4.18.0-513.18.1.el8_9/CVE-2023-6817-8019-netfilter-nft_set_pipapo-skip-inactive-elements-duri.patch
- From: 4.18.0-513.18.1.el8_9
- CVE-2023-40283, CVSSv2 Score: 7.8
- Description:
Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb
- CVE: https://access.redhat.com/security/cve/CVE-2023-40283
- Patch: rhel8/4.18.0-513.18.1.el8_9/CVE-2023-40283-7990-Bluetooth-L2CAP-Fix-use-after-free-in-l2cap_sock_rea.patch
- From: 4.18.0-513.18.1.el8_9
- CVE-2024-0646, CVSSv2 Score: 7.8
- Description:
net: tls, update curr on splice as well
- CVE: https://access.redhat.com/security/cve/CVE-2024-0646
- Patch: rhel8/4.18.0-513.18.1.el8_9/CVE-2024-0646-8028-net-tls-update-curr-on-splice-as-well.patch
- From: 4.18.0-513.18.1.el8_9
- CVE-2023-2176, CVSSv2 Score: 7.8
- Description:
RDMA/core: Refactor rdma_bind_addr
- CVE: https://access.redhat.com/security/cve/CVE-2023-2176
- Patch: rhel8/4.18.0-513.18.1.el8_9/CVE-2023-2176-RDMA-core-Refactor-rdma-bind-addr.patch
- From: 4.18.0-513.18.1.el8_9
- CVE-2023-2176, CVSSv2 Score: 7.8
- Description:
RDMA/core: Update CMA destination address on rdma_resolve_addr
- CVE: https://access.redhat.com/security/cve/CVE-2023-2176
- Patch: rhel8/4.18.0-513.18.1.el8_9/CVE-2023-2176-RDMA-core-Update-CMA-destination-address-on-rdma-res.patch
- From: 4.18.0-513.18.1.el8_9
- N/A, CVSSv2 Score: N/A
- Description:
x86 xen add xenpv restore regs and return to usermode
- CVE: N/A
- Patch: 4.18.0/x86-xen-Add-xenpv_restore_regs_and_return_to_usermode-el8-372.patch
- From: N/A
- N/A, CVSSv2 Score: N/A
- Description:
kpatch add alt asm definitions
- CVE: N/A
- Patch: 4.18.0/kpatch-add-alt-asm-definitions-el8-372.patch
- From: N/A
- N/A, CVSSv2 Score: N/A
- Description:
kpatch add paravirt asm definitions
- CVE: N/A
- Patch: 4.18.0/0003-kpatch-add-paravirt-asm-definitions.patch
- From: N/A