- kernel-3.10.0-1160.105.1.el7 (centos7)
- 3.10.0-1160.118.1.el7
- 2024-05-09 07:40:05
- 2024-05-16 07:36:36
- K20240509_05
- CVE-2023-42753, CVSSv2 Score: 7.0
- Description:
revert of: netfilter: ipset: actually allow allowable CIDR 0 in hash:net, port, net
- CVE: https://access.redhat.com/security/cve/CVE-2023-42753
- Patch: rhel7/3.10.0-1160.108.1.el7/CVE-2023-42753-REVERT-net-netfilter-ipset-actually-allow-allowable-CIDR-0-.patch
- From: 3.10.0-1160.108.1.el7
- CVE-2022-42896, CVSSv2 Score: 8.1
- Description:
Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM
- CVE: https://access.redhat.com/security/cve/CVE-2022-42896
- Patch: rhel7/3.10.0-1160.114.2.el7/CVE-2022-42896-Bluetooth-L2CAP-Fix-accepting-connection-request-for-invalid-SPSM.patch
- From: 3.10.0-1160.114.2.el7
- CVE-2022-42896, CVSSv2 Score: 8.1
- Description:
Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm
- CVE: https://access.redhat.com/security/cve/CVE-2022-42896
- Patch: rhel7/3.10.0-1160.114.2.el7/CVE-2022-42896-Bluetooth-L2CAP-Fix-l2cap_global_chan_by_psm.patch
- From: 3.10.0-1160.114.2.el7
- CVE-2023-4921, CVSSv2 Score: 7.8
- Description:
net: sched: sch_qfq: Fix UAF in qfq_dequeue()
- CVE: https://access.redhat.com/security/cve/CVE-2023-4921
- Patch: rhel7/3.10.0-1160.114.2.el7/CVE-2023-4921-net-sched-sch-qfq-fix-uaf-in-qfq-dequeue.patch
- From: 3.10.0-1160.114.2.el7
- CVE-2023-4921, CVSSv2 Score: 7.8
- Description:
net: sched: sch_qfq: Fix UAF in qfq_dequeue() (adaptation)
- CVE: https://access.redhat.com/security/cve/CVE-2023-4921
- Patch: rhel7/3.10.0-1160.114.2.el7/CVE-2023-4921-net-sched-sch-qfq-fix-uaf-in-qfq-dequeue-kpatch.patch
- From: 3.10.0-1160.114.2.el7
- CVE-2023-38409, CVSSv2 Score:
- Description:
fbcon driver was updated and patched in the same kernel 3.10.0-1160.111.1.el7. Older versions don't contain vulnerabilities b07db3958485 and d443d9386472
- CVE:
- Patch: skipped/CVE-2023-38409.patch
- From:
- CVE-2023-45871, CVSSv2 Score: 7.5
- Description:
igb: set max size RX buffer when store bad packet is enabled
- CVE: https://access.redhat.com/security/cve/CVE-2023-45871
- Patch: rhel7/3.10.0-1160.114.2.el7/CVE-2023-45871-igb-set-max-size-rx-buffer-when-store-bad-packet-is-enabled.patch
- From: 3.10.0-1160.114.2.el7
- CVE-2023-45871, CVSSv2 Score: 7.5
- Description:
igb: set max size RX buffer when store bad packet is enabled (adaptation)
- CVE: https://access.redhat.com/security/cve/CVE-2023-45871
- Patch: rhel7/3.10.0-1160.114.2.el7/CVE-2023-45871-igb-set-max-size-rx-buffer-when-store-bad-packet-is-enabled-kpatch.patch
- From: 3.10.0-1160.114.2.el7
- CVE-2024-1086, CVSSv2 Score: 7.0
- Description:
netfilter: nf_tables: reject QUEUE/DROP verdict parameters
- CVE: https://access.redhat.com/security/cve/CVE-2024-1086
- Patch: rhel7/3.10.0-1160.114.2.el7/CVE-2024-1086-netfilter-nf-tables-reject-queue-drop-verdict-parameters.patch
- From: 3.10.0-1160.114.2.el7
- CVE-2024-26602, CVSSv2 Score: 5.5
- Description:
sched/membarrier: reduce the ability to hammer on sys_membarrier
- CVE: https://access.redhat.com/security/cve/CVE-2024-26602
- Patch: rhel7/3.10.0-1160.114.2.el7/CVE-2024-26602-sched-membarrier-reduce-the-ability-to-hammer-on-sys_membarrier.patch
- From: 3.10.0-1160.114.2.el7
- CVE-2023-4622, CVSSv2 Score: 7.8
- Description:
[PATCH 1681/1699] af_unix: Fix null-ptr-deref in
- CVE: https://access.redhat.com/security/cve/CVE-2023-4622
- Patch: rhel7/3.10.0-1160.118.1.el7/CVE-2023-4622-patch-1681-1699-af-unix-fix-null-ptr-deref-in.patch
- From: 3.10.0-1160.118.1.el7
- CVE-2023-4623, CVSSv2 Score: 7.8
- Description:
[PATCH 1658/1699] net/sched: sch_hfsc: Ensure inner classes have fsc
- CVE: https://access.redhat.com/security/cve/CVE-2023-4623
- Patch: rhel7/3.10.0-1160.118.1.el7/CVE-2023-4623-patch-1658-1699-net-sched-sch-hfsc-ensure-inner-classes-have-fsc.patch
- From: 3.10.0-1160.118.1.el7
- CVE-2023-4623, CVSSv2 Score: 7.8
- Description:
[PATCH 1659/1699] net/sched: sch_hfsc: upgrade 'rt' to 'sc' when it
- CVE: https://access.redhat.com/security/cve/CVE-2023-4623
- Patch: rhel7/3.10.0-1160.118.1.el7/CVE-2023-4623-patch-1659-1699-net-sched-sch-hfsc-upgrade-rt-to-sc-when-it.patch
- From: 3.10.0-1160.118.1.el7
- CVE-2023-2002, CVSSv2 Score: 6.8
- Description:
[PATCH 1686/1699] bluetooth: Perform careful capability checks in
- CVE: https://access.redhat.com/security/cve/CVE-2023-2002
- Patch: rhel7/3.10.0-1160.118.1.el7/CVE-2023-2002-patch-1686-1699-bluetooth-perform-careful-capability-checks-in.patch
- From: 3.10.0-1160.118.1.el7
- CVE-2023-2002, CVSSv2 Score: 6.8
- Description:
[PATCH 1689/1699] bluetooth: Add cmd validity checks at the start of
- CVE: https://access.redhat.com/security/cve/CVE-2023-2002
- Patch: rhel7/3.10.0-1160.118.1.el7/CVE-2023-2002-patch-1689-1699-bluetooth-add-cmd-validity-checks-at-the-start-of.patch
- From: 3.10.0-1160.118.1.el7
- CVE-2020-36558, CVSSv2 Score: 5.1
- Description:
[PATCH 1696/1699] vt: vt_ioctl: fix race in VT_RESIZEX
- CVE: https://access.redhat.com/security/cve/CVE-2020-36558
- Patch: rhel7/3.10.0-1160.118.1.el7/CVE-2020-36558-patch-1696-1699-vt-vt-ioctl-fix-race-in-vt-resizex.patch
- From: 3.10.0-1160.118.1.el7
- N/A, CVSSv2 Score: N/A
- Description:
Restrict access to pagemap/kpageflags/kpagecount
- CVE: http://googleprojectzero.blogspot.ru/2015/03/exploiting-dram-rowhammer-bug-to-gain.html
- Patch: 3.10.0/proc-restrict-pagemap-access-1062.patch
- From: N/A