- kernel-uek-5.15.0-205.149.5.1.el8uek (oel8-uek7)
- 5.15.0-303.171.5.2.1.el8uek
- 2025-01-14 09:04:47
- 2025-01-16 07:54:36
- K20250114_02
- CVE-2024-41090, CVSSv2 Score: 7.1
- Description:
tap: add missing verification for short frame
- CVE: https://access.redhat.com/security/cve/CVE-2024-41090
- Patch: 5.15.0/CVE-2024-41090-tap-add-missing-verification-for-short-frame.patch
- From: 5.15.0-208.159.3.2
- CVE-2024-41091, CVSSv2 Score: 7.1
- Description:
tun: add missing verification for short frame
- CVE: https://access.redhat.com/security/cve/CVE-2024-41091
- Patch: 5.15.0/CVE-2024-41091-tun-add-missing-verification-for-short-frame.patch
- From: 5.15.0-208.159.3.2
- CVE-2024-41049, CVSSv2 Score: 7.8
- Description:
filelock: fix potential use-after-free in posix_lock_inode
- CVE: https://linux.oracle.com/cve/CVE-2024-41049.html
- Patch: oel9-uek7/5.15.0-210.163.7.el9uek/CVE-2024-41049-filelock-fix-potential-use-after-free-in-posix-lock-inode.patch
- From: 5.15.0-210.163.7.el9uek
- CVE-2024-39495, CVSSv2 Score: 7.8
- Description:
greybus: Fix use-after-free bug in gb_interface_release due
- CVE: https://linux.oracle.com/cve/CVE-2024-39495.html
- Patch: oel9-uek7/5.15.0-210.163.7.el9uek/CVE-2024-39495-greybus-fix-use-after-free-bug-in-gb-interface-release-due.patch
- From: 5.15.0-210.163.7.el9uek
- CVE-2024-40994, CVSSv2 Score: 7.8
- Description:
ptp: fix integer overflow in max_vclocks_store
- CVE: https://linux.oracle.com/cve/CVE-2024-40994.html
- Patch: oel9-uek7/5.15.0-210.163.7.el9uek/CVE-2024-40994-ptp-fix-integer-overflow-in-max-vclocks-store.patch
- From: 5.15.0-210.163.7.el9uek
- CVE-2024-42093, CVSSv2 Score: 7.8
- Description:
net/dpaa2: Avoid explicit cpumask var allocation on stack
- CVE: https://linux.oracle.com/cve/CVE-2024-42093.html
- Patch: oel9-uek7/5.15.0-210.163.7.el9uek/CVE-2024-42093-net-dpaa2-avoid-explicit-cpumask-var-allocation-on-stack.patch
- From: 5.15.0-210.163.7.el9uek
- CVE-2024-41087, CVSSv2 Score: 7.8
- Description:
ata: libata-core: Fix double free on error
- CVE: https://linux.oracle.com/cve/CVE-2024-41087.html
- Patch: oel9-uek7/5.15.0-210.163.7.el9uek/CVE-2024-41087-ata-libata-core-fix-double-free-on-error.patch
- From: 5.15.0-210.163.7.el9uek
- CVE-2024-42224, CVSSv2 Score: 7.8
- Description:
net: dsa: mv88e6xxx: Correct check for empty list
- CVE: https://linux.oracle.com/cve/CVE-2024-42224.html
- Patch: oel9-uek7/5.15.0-210.163.7.el9uek/CVE-2024-42224-net-dsa-mv88e6xxx-correct-check-for-empty-list.patch
- From: 5.15.0-210.163.7.el9uek
- CVE-2024-42161, CVSSv2 Score: 7.8
- Description:
bpf: Avoid uninitialized value in BPF_CORE_READ_BITFIELD
- CVE: https://linux.oracle.com/cve/CVE-2024-42161.html
- Patch: oel9-uek7/5.15.0-210.163.7.el9uek/CVE-2024-42161-bpf-avoid-uninitialized-value-in-bpf-core-read-bitfield.patch
- From: 5.15.0-210.163.7.el9uek
- CVE-2024-42154, CVSSv2 Score: 9.8
- Description:
tcp_metrics: validate source addr length
- CVE: https://linux.oracle.com/cve/CVE-2024-42154.html
- Patch: oel9-uek7/5.15.0-210.163.7.el9uek/CVE-2024-42154-tcp-metrics-validate-source-addr-length.patch
- From: 5.15.0-210.163.7.el9uek
- CVE-2024-42154, CVSSv2 Score: 9.8
- Description:
tcp_metrics: validate source addr length
- CVE: https://linux.oracle.com/cve/CVE-2024-42154.html
- Patch: oel9-uek7/5.15.0-210.163.7.el9uek/CVE-2024-42154-tcp-metrics-validate-source-addr-length-kpatch.patch
- From: 5.15.0-210.163.7.el9uek
- CVE-2024-41046, CVSSv2 Score: 7.8
- Description:
net: ethernet: lantiq_etop: fix double free in detach
- CVE: https://linux.oracle.com/cve/CVE-2024-41046.html
- Patch: oel9-uek7/5.15.0-210.163.7.el9uek/CVE-2024-41046-net-ethernet-lantiq-etop-fix-double-free-in-detach.patch
- From: 5.15.0-210.163.7.el9uek
- CVE-2022-3567, CVSSv2 Score: 6.4
- Description:
ipv6: annotate some data-races around sk->sk_prot
- CVE: https://linux.oracle.com/cve/CVE-2022-3567.html
- Patch: oel9-uek7/5.15.0-210.163.7.el9uek/CVE-2022-3567-ipv6-annotate-some-data-races-around-sk-sk_prot.patch
- From: 5.15.0-210.163.7.el9uek
- CVE-2022-3567, CVSSv2 Score: 6.4
- Description:
ipv6: Fix data races around sk->sk_prot.
- CVE: https://linux.oracle.com/cve/CVE-2022-3567.html
- Patch: oel9-uek7/5.15.0-210.163.7.el9uek/CVE-2022-3567-ipv6-fix-data-races-around-sk-sk_prot.patch
- From: 5.15.0-210.163.7.el9uek
- CVE-2022-3566, CVSSv2 Score: 7.1
- Description:
tcp: Fix data races around icsk->icsk_af_ops.
- CVE: https://linux.oracle.com/cve/CVE-2022-3566.html
- Patch: oel9-uek7/5.15.0-210.163.7.el9uek/CVE-2022-3566-tcp-fix-data-races-around-icsk-icsk_af_ops.patch
- From: 5.15.0-210.163.7.el9uek
- CVE-2024-36978, CVSSv2 Score: 7.8
- Description:
net: sched: sch_multiq: fix possible OOB write in multiq_tune()
- CVE: https://linux.oracle.com/cve/CVE-2024-36978.html
- Patch: oel9-uek7/5.15.0-210.163.7.el9uek/CVE-2024-36978-net-sched-sch-multiq-fix-possible-oob-write-in.patch
- From: 5.15.0-210.163.7.el9uek
- CVE-2024-39487, CVSSv2 Score: 7.1
- Description:
bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set()
- CVE: https://linux.oracle.com/cve/CVE-2024-39487.html
- Patch: oel9-uek7/5.15.0-210.163.7.el9uek/CVE-2024-39487-bonding-fix-out-of-bounds-read-in.patch
- From: 5.15.0-210.163.7.el9uek
- CVE-2024-40902, CVSSv2 Score: 7.8
- Description:
jfs: xattr: fix buffer overflow for invalid xattr
- CVE: https://linux.oracle.com/cve/CVE-2024-40902.html
- Patch: oel9-uek7/5.15.0-210.163.7.el9uek/CVE-2024-40902-jfs-xattr-fix-buffer-overflow-for-invalid-xattr.patch
- From: 5.15.0-210.163.7.el9uek
- CVE-2024-40956, CVSSv2 Score: 7.8
- Description:
dmaengine: idxd: Fix possible Use-After-Free in irq_process_work_list
- CVE: https://linux.oracle.com/cve/CVE-2024-40956.html
- Patch: oel9-uek7/5.15.0-210.163.7.el9uek/CVE-2024-40956-dmaengine-idxd-fix-possible-use-after-free-in.patch
- From: 5.15.0-210.163.7.el9uek
- CVE-2024-40958, CVSSv2 Score: 7.8
- Description:
netns: Make get_net_ns() handle zero refcount net
- CVE: https://linux.oracle.com/cve/CVE-2024-40958.html
- Patch: oel9-uek7/5.15.0-210.163.7.el9uek/CVE-2024-40958-netns-make-get-net-ns-handle-zero-refcount-net.patch
- From: 5.15.0-210.163.7.el9uek
- CVE-2024-41000, CVSSv2 Score: 7.8
- Description:
block/ioctl: prefer different overflow check
- CVE: https://linux.oracle.com/cve/CVE-2024-41000.html
- Patch: oel9-uek7/5.15.0-210.163.7.el9uek/CVE-2024-41000-block-ioctl-prefer-different-overflow-check.patch
- From: 5.15.0-210.163.7.el9uek
- CVE-2024-41040, CVSSv2 Score: 7.0
- Description:
net/sched: Fix UAF when resolving a clash
- CVE: https://linux.oracle.com/cve/CVE-2024-41040.html
- Patch: oel9-uek7/5.15.0-210.163.7.el9uek/CVE-2024-41040-net-sched-fix-uaf-when-resolving-a-clash.patch
- From: 5.15.0-210.163.7.el9uek
- CVE-2024-41092, CVSSv2 Score: 7.8
- Description:
drm/i915/gt: Fix potential UAF by revoke of fence registers
- CVE: https://linux.oracle.com/cve/CVE-2024-41092.html
- Patch: oel9-uek7/5.15.0-210.163.7.el9uek/CVE-2024-41092-drm-i915-gt-fix-potential-uaf-by-revoke-of-fence-registers.patch
- From: 5.15.0-210.163.7.el9uek
- CVE-2024-42094, CVSSv2 Score: 7.8
- Description:
net/iucv: Avoid explicit cpumask var allocation on stack
- CVE: https://linux.oracle.com/cve/CVE-2024-42094.html
- Patch: oel9-uek7/5.15.0-210.163.7.el9uek/CVE-2024-42094-net-iucv-avoid-explicit-cpumask-var-allocation-on-stack.patch
- From: 5.15.0-210.163.7.el9uek
- CVE-2024-42104, CVSSv2 Score: 7.8
- Description:
nilfs2: add missing check for inode numbers on directory
- CVE: https://linux.oracle.com/cve/CVE-2024-42104.html
- Patch: oel9-uek7/5.15.0-210.163.7.el9uek/CVE-2024-42104-nilfs2-add-missing-check-for-inode-numbers-on-directory.patch
- From: 5.15.0-210.163.7.el9uek
- CVE-2024-42225, CVSSv2 Score: 7.5
- Description:
wifi: mt76: replace skb_put with skb_put_zero
- CVE: https://linux.oracle.com/cve/CVE-2024-42225.html
- Patch: oel9-uek7/5.15.0-210.163.7.el9uek/CVE-2024-42225-wifi-mt76-replace-skb-put-with-skb-put-zero.patch
- From: 5.15.0-210.163.7.el9uek
- CVE-2024-40911, CVSSv2 Score: 5.5
- Description:
wifi: cfg80211: Lock wiphy in cfg80211_get_station
- CVE: https://linux.oracle.com/cve/CVE-2024-40911.html
- Patch: oel9-uek7/5.15.0-210.163.7.el9uek/CVE-2024-40911-wifi-cfg80211-lock-wiphy-in-cfg80211-get-station.patch
- From: 5.15.0-210.163.7.el9uek
- CVE-2024-40947, CVSSv2 Score: 5.5
- Description:
ima: Avoid blocking in RCU read-side critical section
- CVE: https://linux.oracle.com/cve/CVE-2024-40947.html
- Patch: oel9-uek7/5.15.0-210.163.7.el9uek/CVE-2024-40947-ima-Avoid-blocking-in-RCU-read-side-critical-section.patch
- From: 5.15.0-210.163.7.el9uek
- CVE-2024-40978, CVSSv2 Score: 5.5
- Description:
scsi: qedi: Fix crash while reading debugfs
- CVE: https://linux.oracle.com/cve/CVE-2024-40978.html
- Patch: oel9-uek7/5.15.0-210.163.7.el9uek/CVE-2024-40978-scsi-qedi-fix-crash-while-reading-debugfs.patch
- From: 5.15.0-210.163.7.el9uek
- CVE-2024-40981, CVSSv2 Score: 5.5
- Description:
batman-adv: bypass empty buckets in batadv_purge_orig_ref()
- CVE: https://linux.oracle.com/cve/CVE-2024-40981.html
- Patch: oel9-uek7/5.15.0-210.163.7.el9uek/CVE-2024-40981-batman-adv-bypass-empty-buckets-in-batadv-purge-orig-ref.patch
- From: 5.15.0-210.163.7.el9uek
- CVE-2024-41027, CVSSv2 Score:
- Description:
Vendor reverted due to missing fixes a591d35c4023 and a47a7af9b511
- CVE:
- Patch: skipped/CVE-2024-41027.patch
- From:
- CVE-2024-42070, CVSSv2 Score: 5.5
- Description:
netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers
- CVE: https://linux.oracle.com/cve/CVE-2024-42070.html
- Patch: oel9-uek7/5.15.0-210.163.7.el9uek/CVE-2024-42070-netfilter-nf_tables-fully-validate-NFT_DATA_VALUE-on-store-to-data-registers.patch
- From: 5.15.0-210.163.7.el9uek
- CVE-2024-42090, CVSSv2 Score: 5.5
- Description:
pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER
- CVE: https://linux.oracle.com/cve/CVE-2024-42090.html
- Patch: oel9-uek7/5.15.0-210.163.7.el9uek/CVE-2024-42090-pinctrl-fix-deadlock-in-create_pinctrl-when-handling-EPROBE_DEFER.patch
- From: 5.15.0-210.163.7.el9uek
- CVE-2024-42105, CVSSv2 Score: 5.5
- Description:
nilfs2: fix inode number range checks
- CVE: https://linux.oracle.com/cve/CVE-2024-42105.html
- Patch: oel9-uek7/5.15.0-210.163.7.el9uek/CVE-2024-42105-nilfs2-fix-inode-number-range-checks.patch
- From: 5.15.0-210.163.7.el9uek
- CVE-2024-42143, CVSSv2 Score: 5.5
- Description:
orangefs: fix out-of-bounds fsid access
- CVE: https://linux.oracle.com/cve/CVE-2024-42143.html
- Patch: oel9-uek7/5.15.0-210.163.7.el9uek/CVE-2024-42143-orangefs-fix-out-of-bounds-fsid-access.patch
- From: 5.15.0-210.163.7.el9uek
- CVE-2024-21823, CVSSv2 Score: 7.5
- Description:
VFIO: Add the SPR_DSA and SPR_IAX devices to the denylist
- CVE: https://linux.oracle.com/cve/CVE-2024-21823.html
- Patch: oel9-uek7/5.15.0-300.163.18.el9uek/CVE-2024-21823-vfio-add-the-spr-dsa-and-spr-iax-devices-to-the-denylist.patch
- From: 5.15.0-300.163.18.el9uek
- CVE-2024-42159, CVSSv2 Score: 7.8
- Description:
scsi: mpi3mr: Sanitise num_phys
- CVE: https://linux.oracle.com/cve/CVE-2024-42159.html
- Patch: oel9-uek7/5.15.0-300.163.18.el9uek/CVE-2024-42159-scsi-mpi3mr-sanitise-num-phys.patch
- From: 5.15.0-300.163.18.el9uek
- N/A, CVSSv2 Score: N/A
- Description:
vhost/scsi: null-ptr-dereference in vhost_scsi_get_req()
- CVE: https://linux.oracle.com/errata/ELSA-2024-12713.html
- Patch: oel9-uek7/5.15.0-300.163.18.1.el9uek/vhost-scsi-null-ptr-dereference-in-vhost_scsi_get_req-uek7.patch
- From: 5.15.0-300.163.18.1
- CVE-2024-35801, CVSSv2 Score: 7.8
- Description:
x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD
- CVE: https://linux.oracle.com/cve/CVE-2024-35801.html
- Patch: oel9-uek7/5.15.0-301.163.5.2.el9uek/CVE-2024-35801-x86-fpu-keep-xfd-state-in-sync-with-msr-ia32-xfd.patch
- From: 5.15.0-301.163.5.2.el8uek
- CVE-2024-35959, CVSSv2 Score: 5.5
- Description:
net/mlx5e: Fix mlx5e_priv_init() cleanup flow
- CVE: https://linux.oracle.com/cve/CVE-2024-35959.html
- Patch: oel9-uek7/5.15.0-301.163.5.2.el9uek/CVE-2024-35959-net-mlx5e-fix-mlx5e-priv-init-cleanup-flow.patch
- From: 5.15.0-301.163.5.2.el8uek
- CVE-2024-42269, CVSSv2 Score: 5.5
- Description:
netfilter: iptables: Fix potential null-ptr-deref in ip6table_nat_table_init().
- CVE: https://linux.oracle.com/cve/CVE-2024-42269.html
- Patch: oel9-uek7/5.15.0-301.163.5.2.el9uek/CVE-2024-42269-netfilter-iptables-fix-potential-null-ptr-deref-in-ip6table-nat-table-init.patch
- From: 5.15.0-301.163.5.2.el8uek
- CVE-2024-42270, CVSSv2 Score: 5.5
- Description:
netfilter: iptables: Fix null-ptr-deref in iptable_nat_table_init().
- CVE: https://linux.oracle.com/cve/CVE-2024-42270.html
- Patch: oel9-uek7/5.15.0-301.163.5.2.el9uek/CVE-2024-42270-netfilter-iptables-fix-null-ptr-deref-in-iptable-nat-table-init.patch
- From: 5.15.0-301.163.5.2.el8uek
- CVE-2024-47674, CVSSv2 Score: 5.5
- Description:
mm: avoid leaving partial pfn mappings around in error case
- CVE: https://linux.oracle.com/cve/CVE-2024-47674.html
- Patch: oel9-uek7/5.15.0-301.163.5.2.el9uek/CVE-2024-47674-mm-avoid-leaving-partial-pfn-mappings-around-in-error-case.patch
- From: 5.15.0-301.163.5.2.el8uek
- CVE-2024-26681, CVSSv2 Score: 5.5
- Description:
netdevsim: avoid potential loop in nsim_dev_trap_report_work()
- CVE: https://linux.oracle.com/cve/CVE-2024-26681.html
- Patch: oel9-uek7/5.15.0-301.163.5.2.el9uek/CVE-2024-26681-netdevsim-avoid-potential-loop-in-nsim-dev-trap-report-work.patch
- From: 5.15.0-301.163.5.2.el8uek
- CVE-2024-40940, CVSSv2 Score: 5.5
- Description:
net/mlx5: Fix tainted pointer delete is case of flow rules creation fail
- CVE: https://linux.oracle.com/cve/CVE-2024-40940.html
- Patch: oel9-uek7/5.15.0-301.163.5.2.el9uek/CVE-2024-40940-net-mlx5-fix-tainted-pointer-delete-is-case-of-flow-rules-creation-fail.patch
- From: 5.15.0-301.163.5.2.el8uek
- CVE-2024-26734, CVSSv2 Score:
- Description:
Affects only the boot __init stage; already booted kernels are not affected
- CVE:
- Patch: skipped/CVE-2024-26734.patch
- From:
- CVE-2024-27397, CVSSv2 Score: 7.0
- Description:
netfilter: nf_tables: use timestamp to check for set element timeout
- CVE: https://linux.oracle.com/cve/CVE-2024-27397.html
- Patch: oel9-uek7/5.15.0-301.163.5.2.el9uek/CVE-2024-27397-netfilter-nf_tables-use-timestamp-to-check-for-set-element-timeout.patch
- From: 5.15.0-301.163.5.2.el8uek
- CVE-2024-27397, CVSSv2 Score: 7.0
- Description:
netfilter: nf_tables: use timestamp to check for set element timeout
- CVE: https://linux.oracle.com/cve/CVE-2024-27397.html
- Patch: oel9-uek7/5.15.0-301.163.5.2.el9uek/CVE-2024-27397-netfilter-nf_tables-use-timestamp-to-check-for-set-element-timeout-kpatch.patch
- From: 5.15.0-301.163.5.2.el9uek
- CVE-2024-45026, CVSSv2 Score:
- Description:
Architecture is not supported
- CVE:
- Patch: skipped/CVE-2024-45026.patch
- From:
- CVE-2024-46814, CVSSv2 Score: 5.5
- Description:
drm/amd/display: Check msg_id before processing transcation
- CVE: https://linux.oracle.com/cve/CVE-2024-46814.html
- Patch: oel9-uek7/5.15.0-302.167.6.el9uek/CVE-2024-46814-drm-amd-display-Check-msg_id-before-processing-transcation.patch
- From: 5.15.0-302.167.6.el9uek
- CVE-2024-41011, CVSSv2 Score: 4.1
- Description:
drm/amdkfd: don't allow mapping the MMIO HDP page with large pages
- CVE: https://linux.oracle.com/cve/CVE-2024-41011.html
- Patch: oel9-uek7/5.15.0-302.167.6.el9uek/CVE-2024-41011-drm-amdkfd-don-t-allow-mapping-the-mmio-hdp-page-with-large-pages.patch
- From: 5.15.0-302.167.6.el9uek
- CVE-2024-42284, CVSSv2 Score: 7.3
- Description:
tipc: Return non-zero value from tipc_udp_addr2str() on error
- CVE: https://linux.oracle.com/cve/CVE-2024-42284.html
- Patch: oel9-uek7/5.15.0-302.167.6.el9uek/CVE-2024-42284-tipc-return-non-zero-value-from-tipc-udp-addr2str-on-error.patch
- From: 5.15.0-302.167.6.el9uek
- CVE-2024-42302, CVSSv2 Score:
- Description:
Patched function waits for external events, which may prevent patching/unpatching.
- CVE:
- Patch: skipped/CVE-2024-42302.patch
- From:
- CVE-2024-46844, CVSSv2 Score: 5.5
- Description:
um: line: always fill *error_out in setup_one_line()
- CVE: https://linux.oracle.com/cve/CVE-2024-46844.html
- Patch: oel9-uek7/5.15.0-302.167.6.el9uek/CVE-2024-46844-um-line-always-fill-error-out-in-setup-one-line.patch
- From: 5.15.0-302.167.6.el9uek
- CVE-2024-46674, CVSSv2 Score: 7.8
- Description:
usb: dwc3: st: fix probed platform device ref count on probe error path
- CVE: https://linux.oracle.com/cve/CVE-2024-46674.html
- Patch: oel9-uek7/5.15.0-302.167.6.el9uek/CVE-2024-46674-usb-dwc3-st-fix-probed-platform-device-ref-count-on-probe-error-path.patch
- From: 5.15.0-302.167.6.el9uek
- CVE-2024-46725, CVSSv2 Score: 5.5
- Description:
drm/amdgpu: Fix out-of-bounds write warning
- CVE: https://linux.oracle.com/cve/CVE-2024-46725.html
- Patch: oel9-uek7/5.15.0-302.167.6.el9uek/CVE-2024-46725-drm-amdgpu-Fix-out-of-bounds-write-warning.patch
- From: 5.15.0-302.167.6.el9uek
- CVE-2024-41070, CVSSv2 Score:
- Description:
CVE patch is for powerpc arch only
- CVE:
- Patch: skipped/CVE-2024-41070.patch
- From:
- CVE-2024-42301, CVSSv2 Score: 5.5
- Description:
dev/parport: fix the array out-of-bounds risk
- CVE: https://linux.oracle.com/cve/CVE-2024-42301.html
- Patch: oel9-uek7/5.15.0-302.167.6.el9uek/CVE-2024-42301-dev-parport-fix-the-array-out-of-bounds-risk.patch
- From: 5.15.0-302.167.6.el9uek
- CVE-2024-49966, CVSSv2 Score: 7.8
- Description:
ocfs2: cancel dqi_sync_work before freeing oinfo
- CVE: https://linux.oracle.com/cve/CVE-2024-49966.html
- Patch: oel9-uek7/5.15.0-303.171.5.2.el9uek/CVE-2024-49966-ocfs2-cancel-dqi-sync-work-before-freeing-oinfo.patch
- From: 5.15.0-303.171.5.2.el9uek
- CVE-2024-49930, CVSSv2 Score: 7.8
- Description:
wifi: ath11k: fix array out-of-bound access in SoC stats
- CVE: https://linux.oracle.com/cve/CVE-2024-49930.html
- Patch: oel9-uek7/5.15.0-303.171.5.2.el9uek/CVE-2024-49930-wifi-ath11k-fix-array-out-of-bound-access-in-soc-stats.patch
- From: 5.15.0-303.171.5.2.el9uek
- CVE-2024-49995, CVSSv2 Score: 7.8
- Description:
tipc: guard against string buffer overrun
- CVE: https://linux.oracle.com/cve/CVE-2024-49995.html
- Patch: oel9-uek7/5.15.0-303.171.5.2.el9uek/CVE-2024-49995-tipc-guard-against-string-buffer-overrun.patch
- From: 5.15.0-303.171.5.2.el9uek
- CVE-2024-49924, CVSSv2 Score: 7.8
- Description:
fbdev: pxafb: Fix possible use after free in pxafb_task()
- CVE: https://linux.oracle.com/cve/CVE-2024-49924.html
- Patch: oel9-uek7/5.15.0-303.171.5.2.el9uek/CVE-2024-49924-fbdev-pxafb-fix-possible-use-after-free-in-pxafb-task.patch
- From: 5.15.0-303.171.5.2.el9uek
- CVE-2024-49983, CVSSv2 Score: 7.8
- Description:
ext4: drop ppath from ext4_ext_replay_update_ex() to avoid double-free
- CVE: https://linux.oracle.com/cve/CVE-2024-49983.html
- Patch: oel9-uek7/5.15.0-303.171.5.2.el9uek/CVE-2024-49983-ext4-drop-ppath-from-ext4-ext-replay-update-ex-to-avoid-double-free.patch
- From: 5.15.0-303.171.5.2.el9uek
- CVE-2024-50151, CVSSv2 Score: 7.8
- Description:
smb: client: fix OOBs when building SMB2_IOCTL request
- CVE: https://linux.oracle.com/cve/CVE-2024-50151.html
- Patch: oel9-uek7/5.15.0-303.171.5.2.el9uek/CVE-2024-50151-smb-client-fix-oobs-when-building-smb2-ioctl-request.patch
- From: 5.15.0-303.171.5.2.el9uek
- CVE-2024-53059, CVSSv2 Score: 7.8
- Description:
wifi: iwlwifi: mvm: Fix response handling in iwl_mvm_send_recovery_cmd()
- CVE: https://linux.oracle.com/cve/CVE-2024-53059.html
- Patch: oel9-uek7/5.15.0-303.171.5.2.el9uek/CVE-2024-53059-wifi-iwlwifi-mvm-fix-response-handling-in-iwl-mvm-send-recovery-cmd.patch
- From: 5.15.0-303.171.5.2.el9uek
- CVE-2024-50257, CVSSv2 Score: 7.8
- Description:
netfilter: Fix use-after-free in get_info()
- CVE: https://linux.oracle.com/cve/CVE-2024-50257.html
- Patch: oel9-uek7/5.15.0-303.171.5.2.el9uek/CVE-2024-50257-netfilter-fix-use-after-free-in-get-info.patch
- From: 5.15.0-303.171.5.2.el9uek
- CVE-2024-50230, CVSSv2 Score: 7.8
- Description:
nilfs2: fix kernel bug due to missing clearing of checked flag
- CVE: https://linux.oracle.com/cve/CVE-2024-50230.html
- Patch: oel9-uek7/5.15.0-303.171.5.2.el9uek/CVE-2024-50230-nilfs2-fix-kernel-bug-due-to-missing-clearing-of-checked-flag.patch
- From: 5.15.0-303.171.5.2.el9uek
- CVE-2024-38384, CVSSv2 Score:
- Description:
Issue was backported and fixed in the same 5.15.0-303.168.3.el9uek; previous kernels are not affected
- CVE:
- Patch: skipped/CVE-2024-38384.patch
- From:
- CVE-2024-39463, CVSSv2 Score: 7.8
- Description:
9p: add missing locking around taking dentry fid list
- CVE: https://linux.oracle.com/cve/CVE-2024-39463.html
- Patch: oel9-uek7/5.15.0-303.171.5.2.el9uek/CVE-2024-39463-9p-add-missing-locking-around-taking-dentry-fid-list.patch
- From: 5.15.0-303.171.5.2.el9uek
- CVE-2024-46852, CVSSv2 Score: 7.8
- Description:
dma-buf: heaps: Fix off-by-one in CMA heap fault handler
- CVE: https://linux.oracle.com/cve/CVE-2024-46852.html
- Patch: oel9-uek7/5.15.0-303.171.5.2.el9uek/CVE-2024-46852-dma-buf-heaps-Fix-off-by-one-in-CMA-heap-fault-handler.patch
- From: 5.15.0-303.171.5.2.el9uek
- CVE-2024-47685, CVSSv2 Score: 9.1
- Description:
netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put()
- CVE: https://linux.oracle.com/cve/CVE-2024-47685.html
- Patch: oel9-uek7/5.15.0-303.171.5.2.el9uek/CVE-2024-47685-netfilter-nf_reject_ipv6-fix-nf_reject_ip6_tcphdr_put.patch
- From: 5.15.0-303.171.5.2.el9uek
- CVE-2024-47698, CVSSv2 Score: 7.8
- Description:
drivers: media: dvb-frontends/rtl2832: fix an out-of-bounds write error
- CVE: https://linux.oracle.com/cve/CVE-2024-47698.html
- Patch: oel9-uek7/5.15.0-303.171.5.2.el9uek/CVE-2024-47698-drivers-media-dvb-frontends-rtl2832-fix-an-out-of-bounds-write-error.patch
- From: 5.15.0-303.171.5.2.el9uek
- CVE-2024-49982, CVSSv2 Score: 7.8
- Description:
aoe: fix the potential use-after-free problem in more places
- CVE: https://linux.oracle.com/cve/CVE-2024-49982.html
- Patch: oel9-uek7/5.15.0-303.171.5.2.el9uek/CVE-2024-49982-aoe-fix-the-potential-use-after-free-problem-in-more-places.patch
- From: 5.15.0-303.171.5.2.el9uek
- CVE-2024-50007, CVSSv2 Score: 7.8
- Description:
ALSA: asihpi: Fix potential OOB array access
- CVE: https://linux.oracle.com/cve/CVE-2024-50007.html
- Patch: oel9-uek7/5.15.0-303.171.5.2.el9uek/CVE-2024-50007-ALSA-asihpi-Fix-potential-OOB-array-access.patch
- From: 5.15.0-303.171.5.2.el9uek
- CVE-2024-50143, CVSSv2 Score: 7.8
- Description:
udf: fix uninit-value use in udf_get_fileshortad
- CVE: https://linux.oracle.com/cve/CVE-2024-50143.html
- Patch: oel9-uek7/5.15.0-303.171.5.2.el9uek/CVE-2024-50143-udf-fix-uninit-value-use-in-udf_get_fileshortad.patch
- From: 5.15.0-303.171.5.2.el9uek
- CVE-2024-50262, CVSSv2 Score: 7.8
- Description:
bpf: Fix out-of-bounds write in trie_get_next_key()
- CVE: https://linux.oracle.com/cve/CVE-2024-50262.html
- Patch: oel9-uek7/5.15.0-303.171.5.2.el9uek/CVE-2024-50262-bpf-Fix-out-of-bounds-write-in-trie_get_next_key.patch
- From: 5.15.0-303.171.5.2.el9uek
- CVE-2024-53057, CVSSv2 Score: 7.8
- Description:
net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT
- CVE: https://linux.oracle.com/cve/CVE-2024-53057.html
- Patch: oel9-uek7/5.15.0-303.171.5.2.el9uek/CVE-2024-53057-net-sched-stop-qdisc_tree_reduce_backlog-on-TC_H_ROOT.patch
- From: 5.15.0-303.171.5.2.el9uek
- N/A, CVSSv2 Score: N/A
- Description:
kpatch add alt asm definitions
- CVE: https://www.kernel.org
- Patch: 5.15.0/kpatch-add-alt-asm-definitions.patch
- From: N/A
- N/A, CVSSv2 Score: N/A
- Description:
kpatch add paravirt asm definitions
- CVE: N/A
- Patch: 5.15.0/kpatch-add-paravirt-asm-definitions.patch
- From: N/A