- linux-3.16.81-1 (debian8)
- 3.16.84-1
- 2021-07-24 12:05:19
- 2021-07-26 07:06:47
- K20210724_03
- CVE-2018-12207, CVSSv2 Score: 6.5
- Description:
kvm: mmu: ITLB_MULTIHIT mitigation (adaptation)
- CVE: https://security-tracker.debian.org/tracker/CVE-2018-12207
- Patch: 3.16.0/cve-2018-12207-01-x86-kvm-Do-not-release-the-page-inside-mmu_set_spte.patch
- From: 3.16.56-1+deb8u1
- Description:
- CVE:
- Patch: 3.16.0/cve-2018-12207-02-cleanup.patch
- From:
- CVE-2018-12207, CVSSv2 Score: 6.5
- Description:
x86: kvm: change kvm_mmu_page_get_gfn BUG_ON to WARN_ON (CVE-2018-12207 prerequirement)
- CVE: https://security-tracker.debian.org/tracker/CVE-2018-12207
- Patch: 3.16.0/cve-2018-12207-03-x86-kvm-change-kvm_mmu_page_get_gfn-BUG_ON-to-WARN_ON.patch
- From: 4.9.189-3+deb9u2
- Description:
- CVE:
- Patch: 3.16.0/cve-2018-12207-04-kvm-vmx-svm-always-run-with-EFER.NXE-1-when-shadow-paging-is-active.patch
- From:
- Description:
- CVE:
- Patch: 3.16.0/cve-2018-12207-05-kvm-Convert-kvm_lock-to-a-mutex.patch
- From:
- Description:
- CVE:
- Patch: 3.16.0/cve-2018-12207-06-mitigation.patch
- From:
- CVE-2019-19447, CVSSv2 Score: 7.8
- Description:
ext4: work around deleting a file with i_nlink == 0 safely
- CVE: https://security-tracker.debian.org/tracker/CVE-2019-19447
- Patch: 3.16.0/CVE-2019-19447-ext4-work-around-deleting-a-file-with-i_nlink0-safely.patch
- From: 3.16.84-1
- CVE-2019-5108, CVSSv2 Score: 6.5
- Description:
cfg80211/mac80211: make ieee80211_send_layer2_update a public function
- CVE: https://security-tracker.debian.org/tracker/CVE-2019-5108
- Patch: 3.16.0/CVE-2019-5108-cfg80211-mac80211-make-ieee80211_send_layer2_update-a-public-function.patch
- From: 3.16.84-1
- CVE-2019-5108, CVSSv2 Score: 6.5
- Description:
mac80211: Do not send Layer 2 Update frame before authorization
- CVE: https://security-tracker.debian.org/tracker/CVE-2019-5108
- Patch: 3.16.0/CVE-2019-5108-mac80211-Do-not-send-Layer-2-Update-frame-before-authorization.patch
- From: 3.16.84-1
- CVE-2015-8839, CVSSv2 Score: 5.1
- Description:
ext4: only call ext4_truncate when size <= isize (CVE-2015-8839 dependency)
- CVE: https://security-tracker.debian.org/tracker/CVE-2015-8839
- Patch: 3.16.0/CVE-2015-8839-ext4-only-call-ext4_truncate-when-size.patch
- From: 3.16.84-1
- CVE-2015-8839, CVSSv2 Score: 5.1
- Description:
ext4: fix races between page faults and hole punching
- CVE: https://security-tracker.debian.org/tracker/CVE-2015-8839
- Patch: 3.16.0/CVE-2015-8839-ext4-fix-races-between-page-faults-and-hole-punching.patch
- From: 3.16.84-1
- CVE-2015-8839, CVSSv2 Score: 5.1
- Description:
ext4: fix races between page faults and hole punching (adaptation)
- CVE: https://security-tracker.debian.org/tracker/CVE-2015-8839
- Patch: 3.16.0/CVE-2015-8839-ext4-fix-races-between-page-faults-and-hole-punching-kpatch.patch
- From: 3.16.84-1
- CVE-2015-8839, CVSSv2 Score: 5.1
- Description:
ext4: wait for existing dio workers in ext4_alloc_file_blocks() (CVE-2015-8839 dependency)
- CVE: https://security-tracker.debian.org/tracker/CVE-2015-8839
- Patch: 3.16.0/CVE-2015-8839-ext4-wait-for-existing-dio-workers-in-ext4_alloc_file_blocks.patch
- From: 3.16.84-1
- CVE-2015-8839, CVSSv2 Score: 5.1
- Description:
ext4: move unlocked dio protection from ext4_alloc_file_blocks()
- CVE: https://security-tracker.debian.org/tracker/CVE-2015-8839
- Patch: 3.16.0/CVE-2015-8839-ext4-move-unlocked-dio-protection-from-ext4_alloc_file_blocks.patch
- From: 3.16.84-1
- CVE-2015-8839, CVSSv2 Score: 5.1
- Description:
ext4: fix races between buffered IO and collapse / insert range
- CVE: https://security-tracker.debian.org/tracker/CVE-2015-8839
- Patch: 3.16.0/CVE-2015-8839-ext4-fix-races-between-buffered-IO-and-collapse_insert-range.patch
- From: 3.16.84-1
- CVE-2015-8839, CVSSv2 Score: 5.1
- Description:
ext4: fix races of writeback with punch hole and zero range
- CVE: https://security-tracker.debian.org/tracker/CVE-2015-8839
- Patch: 3.16.0/CVE-2015-8839-ext4-fix-races-of-writeback-with-punch-hole-and-zero-range.patch
- From: 3.16.84-1
- CVE-2018-14613, CVSSv2 Score: 5.5
- Description:
Btrfs: fix wrong max inline data size limit (CVE-2018-14613 dependency)
- CVE: https://security-tracker.debian.org/tracker/CVE-2018-14613
- Patch: 3.16.0/CVE-2018-14613-Btrfs-fix-wrong-max-inline-data-size-limit.patch
- From: 3.16.84-1
- CVE-2018-14613, CVSSv2 Score: 5.5
- Description:
btrfs: new define for the inline extent data start (CVE-2018-14613 dependency)
- CVE: https://security-tracker.debian.org/tracker/CVE-2018-14613
- Patch: 3.16.0/CVE-2018-14613-btrfs-new-define-for-the-inline-extent-data-start.patch
- From: 3.16.84-1
- CVE-2018-14611, CVSSv2 Score: 5.5
- Description:
btrfs: cleanup, rename a few variables in btrfs_read_sys_array (CVE-2018-14611 dependency)
- CVE: https://security-tracker.debian.org/tracker/CVE-2018-14611
- Patch: 3.16.0/CVE-2018-14611-btrfs-cleanup-rename-a-few-variables-in-btrfs_read_sys_array.patch
- From: 3.16.84-1
- CVE-2018-14611, CVSSv2 Score: 5.5
- Description:
btrfs: add more checks to btrfs_read_sys_array (CVE-2018-14611 dependency)
- CVE: https://security-tracker.debian.org/tracker/CVE-2018-14611
- Patch: 3.16.0/CVE-2018-14611-btrfs-add-more-checks-to-btrfs_read_sys_array.patch
- From: 3.16.84-1
- CVE-2018-14611, CVSSv2 Score: 5.5
- Description:
btrfs: handle invalid num_stripes in sys_array (CVE-2018-14611 dependency)
- CVE: https://security-tracker.debian.org/tracker/CVE-2018-14611
- Patch: 3.16.0/CVE-2018-14611-btrfs-handle-invalid-num_stripes-in-sys_array.patch
- From: 3.16.84-1
- CVE-2018-14611, CVSSv2 Score: 5.5
- Description:
btrfs: Enhance chunk validation check (CVE-2018-14611 dependency)
- CVE: https://security-tracker.debian.org/tracker/CVE-2018-14611
- Patch: 3.16.0/CVE-2018-14611-btrfs-Enhance-chunk-validation-check.patch
- From: 3.16.84-1
- CVE-2018-14611, CVSSv2 Score: 5.5
- Description:
Btrfs: add validadtion checks for chunk loading (CVE-2018-14611 dependency)
- CVE: https://security-tracker.debian.org/tracker/CVE-2018-14611
- Patch: 3.16.0/CVE-2018-14611-Btrfs-add-validadtion-checks-for-chunk-loading.patch
- From: 3.16.84-1
- CVE-2018-14610, CVSSv2 Score: 5.5
- Description:
Btrfs: check inconsistence between chunk and block group (CVE-2018-14610 dependency)
- CVE: https://security-tracker.debian.org/tracker/CVE-2018-14610
- Patch: 3.16.0/CVE-2018-14610-Btrfs-check-inconsistence-between-chunk-and-block-group.patch
- From: 3.16.84-1
- CVE-2018-14610, CVSSv2 Score: 5.5
- Description:
Btrfs: fix em leak in find_first_block_group (CVE-2018-14610 dependency)
- CVE: https://security-tracker.debian.org/tracker/CVE-2018-14610
- Patch: 3.16.0/CVE-2018-14610-Btrfs-fix-em-leak-in-find_first_block_group.patch
- From: 3.16.84-1
- CVE-2018-14613, CVSSv2 Score: 5.5
- Description:
Btrfs: detect corruption when non-root leaf has zero item (CVE-2018-14613 dependency)
- CVE: https://security-tracker.debian.org/tracker/CVE-2018-14613
- Patch: 3.16.0/CVE-2018-14613-Btrfs-detect-corruption-when-non-root-leaf-has-zero-item.patch
- From: 3.16.84-1
- CVE-2018-14613, CVSSv2 Score: 5.5
- Description:
Btrfs: check btree node's nritems (CVE-2018-14613 dependency)
- CVE: https://security-tracker.debian.org/tracker/CVE-2018-14613
- Patch: 3.16.0/CVE-2018-14613-Btrfs-check-btree-node_s-nritems.patch
- From: 3.16.84-1
- CVE-2018-14613, CVSSv2 Score: 5.5
- Description:
Btrfs: fix BUG_ON in btrfs_mark_buffer_dirty (CVE-2018-14613 dependency)
- CVE: https://security-tracker.debian.org/tracker/CVE-2018-14613
- Patch: 3.16.0/CVE-2018-14613-Btrfs-fix-BUG_ON-in-btrfs_mark_buffer_dirty.patch
- From: 3.16.84-1
- CVE-2018-14613, CVSSv2 Score: 5.5
- Description:
Btrfs: improve check_node to avoid reading corrupted nodes (CVE-2018-14613 dependency)
- CVE: https://security-tracker.debian.org/tracker/CVE-2018-14613
- Patch: 3.16.0/CVE-2018-14613-Btrfs-improve-check_node-to-avoid-reading-corrupted-nodes.patch
- From: 3.16.84-1
- CVE-2018-14613, CVSSv2 Score: 5.5
- Description:
Btrfs: fix emptiness check for dirtied extent buffers at check_leaf() (CVE-2018-14613 dependency)
- CVE: https://security-tracker.debian.org/tracker/CVE-2018-14613
- Patch: 3.16.0/CVE-2018-14613-Btrfs-fix-emptiness-check-for-dirtied-extent-buffers-at-check_leaf.patch
- From: 3.16.84-1
- CVE-2018-14613, CVSSv2 Score: 5.5
- Description:
btrfs: Refactor check_leaf function for later expansion (CVE-2018-14613 dependency)
- CVE: https://security-tracker.debian.org/tracker/CVE-2018-14613
- Patch: 3.16.0/CVE-2018-14613-btrfs-Refactor-check_leaf-function-for-later-expansion.patch
- From: 3.16.84-1
- CVE-2018-14613, CVSSv2 Score: 5.5
- Description:
btrfs: Check if item pointer overlaps with the item itself (CVE-2018-14613 dependency)
- CVE: https://security-tracker.debian.org/tracker/CVE-2018-14613
- Patch: 3.16.0/CVE-2018-14613-btrfs-Check-if-item-pointer-overlaps-with-the-item-itself.patch
- From: 3.16.84-1
- CVE-2018-14613, CVSSv2 Score: 5.5
- Description:
btrfs: Add sanity check for EXTENT_DATA when reading out leaf (CVE-2018-14613 dependency)
- CVE: https://security-tracker.debian.org/tracker/CVE-2018-14613
- Patch: 3.16.0/CVE-2018-14613-btrfs-Add-sanity-check-for-EXTENT_DATA-when-reading-out-leaf.patch
- From: 3.16.84-1
- CVE-2018-14613, CVSSv2 Score: 5.5
- Description:
btrfs: Add checker for EXTENT_CSUM (CVE-2018-14613 dependency)
- CVE: https://security-tracker.debian.org/tracker/CVE-2018-14613
- Patch: 3.16.0/CVE-2018-14613-btrfs-Add-checker-for-EXTENT_CSU.patch
- From: 3.16.84-1
- CVE-2018-14613, CVSSv2 Score: 5.5
- Description:
btrfs: Move leaf and node validation checker to tree-checker.c (CVE-2018-14613 dependency)
- CVE: https://security-tracker.debian.org/tracker/CVE-2018-14613
- Patch: 3.16.0/CVE-2018-14613-btrfs-Move-leaf-and-node-validation-checker-to-tree-checker.patch
- From: 3.16.84-1
- CVE-2018-14612, CVSSv2 Score: 5.5
- Description:
btrfs: tree-checker: Enhance btrfs_check_node output (CVE-2018-14612 dependency)
- CVE: https://security-tracker.debian.org/tracker/CVE-2018-14612
- Patch: 3.16.0/CVE-2018-14612-btrfs-tree-checker-Enhance-btrfs_check_node-output.patch
- From: 3.16.84-1
- CVE-2018-14613, CVSSv2 Score: 5.5
- Description:
btrfs: tree-checker: Add checker for dir item (CVE-2018-14613 dependency)
- CVE: https://security-tracker.debian.org/tracker/CVE-2018-14613
- Patch: 3.16.0/CVE-2018-14613-btrfs-tree-checker-Add-checker-for-dir-item.patch
- From: 3.16.84-1
- CVE-2018-14613, CVSSv2 Score: 5.5
- Description:
btrfs: tree-checker: Verify block_group_item
- CVE: https://security-tracker.debian.org/tracker/CVE-2018-14613
- Patch: 3.16.0/CVE-2018-14613-btrfs-tree-checker-Verify-block_group_item.patch
- From: 3.16.84-1
- CVE-2018-14612, CVSSv2 Score: 5.5
- Description:
btrfs: tree-checker: Detect invalid and empty essential trees
- CVE: https://security-tracker.debian.org/tracker/CVE-2018-14612
- Patch: 3.16.0/CVE-2018-14612-btrfs-tree-checker-Detect-invalid-and-empty-essential-trees.patch
- From: 3.16.84-1
- CVE-2018-14611, CVSSv2 Score: 5.5
- Description:
btrfs: validate type when reading a chunk
- CVE: https://security-tracker.debian.org/tracker/CVE-2018-14611
- Patch: 3.16.0/CVE-2018-14611-btrfs-validate-type-when-reading-a-chunk.patch
- From: 3.16.84-1
- CVE-2018-14610, CVSSv2 Score: 5.5
- Description:
btrfs: Check that each block group has corresponding chunk at mount time (adaptation)
- CVE: https://security-tracker.debian.org/tracker/CVE-2018-14610
- Patch: 3.16.0/CVE-2018-14610-btrfs-Check-that-each-block-group-has-corresponding-chunk-at-mount-time.patch
- From: 3.16.84-1
- CVE-2018-14612, CVSSv2 Score: 5.5
- Description:
btrfs: Verify that every chunk has corresponding block group at mount time (adaptation)
- CVE: https://security-tracker.debian.org/tracker/CVE-2018-14612
- Patch: 3.16.0/CVE-2018-14612-btrfs-Verify-that-every-chunk-has-corresponding-block-group-at-mount-time.patch
- From: 3.16.84-1
- CVE-2019-19768, CVSSv2 Score: 7.5
- Description:
blktrace: Protect q->blk_trace with RCU
- CVE: https://security-tracker.debian.org/tracker/CVE-2019-19768
- Patch: 3.16.0/CVE-2019-19768-blktrace-Protect-q_blk_trace-with-RCU.patch
- From: 3.16.84-1
- CVE-2019-19768, CVSSv2 Score: 7.5
- Description:
blktrace: fix dereference after null check
- CVE: https://security-tracker.debian.org/tracker/CVE-2019-19768
- Patch: 3.16.0/CVE-2019-19768-blktrace-fix-dereference-after-null-check.patch
- From: 3.16.84-1
- CVE-2019-20636, CVSSv2 Score: 6.7
- Description:
Input: add safety guards to input_set_keycode()
- CVE: https://security-tracker.debian.org/tracker/CVE-2019-20636
- Patch: 3.16.0/CVE-2019-20636-Input-add-safety-guards-to-input_set_keycode.patch
- From: 3.16.84-1
- CVE-2020-0009, CVSSv2 Score: 5.5
- Description:
staging: android: ashmem: Disallow ashmem memory from being remapped
- CVE: https://security-tracker.debian.org/tracker/CVE-2020-0009
- Patch: 3.16.0/CVE-2020-0009-staging-android-ashmem-Disallow-ashmem-memory-from-being-remapped.patch
- From: 3.16.84-1
- CVE-2020-0009, CVSSv2 Score: 5.5
- Description:
staging: android: ashmem: Disallow ashmem memory from being remapped (adaptation)
- CVE: https://security-tracker.debian.org/tracker/CVE-2020-0009
- Patch: 3.16.0/CVE-2020-0009-staging-android-ashmem-Disallow-ashmem-memory-from-being-remapped-kpatch.patch
- From: 3.16.84-1
- CVE-2020-1749, CVSSv2 Score: 7.5
- Description:
net: ipv6_stub: use ip6_dst_lookup_flow instead of ip6_dst_lookup (adaptation)
- CVE: https://security-tracker.debian.org/tracker/CVE-2020-1749
- Patch: 3.16.0/CVE-2020-1749-net-ipv6_stub-use-ip6_dst_lookup_flow-instead-of-ip6_dst_lookup.patch
- From: 3.16.84-1
- CVE-2020-2732, CVSSv2 Score: 6.8
- Description:
KVM: nVMX: Don't emulate instructions in guest mode
- CVE: https://security-tracker.debian.org/tracker/CVE-2020-2732
- Patch: 3.16.0/CVE-2020-2732-KVM-nVMX-Dont-emulate-instructions-in-guest-mode.patch
- From: 3.16.84-1
- CVE-2020-8647 CVE-2020-8649, CVSSv2 Score: 6.1
- Description:
vgacon: Fix a UAF in vgacon_invert_region
- CVE: https://security-tracker.debian.org/tracker/CVE-2020-8647
- Patch: 3.16.0/CVE-2020-8647_8649-vgacon-Fix-a-UAF-in-vgacon_invert_region.patch
- From: 3.16.84-1
- CVE-2020-8648, CVSSv2 Score: 7.1
- Description:
vt: selection, handle pending signals in paste_selection (CVE-2020-8648 dependency)
- CVE: https://security-tracker.debian.org/tracker/CVE-2020-8648
- Patch: 3.16.0/CVE-2020-8648-vt-selection-handle-pending-signals-in-paste_selection.patch
- From: 3.16.84-1
- CVE-2020-8648, CVSSv2 Score: 7.1
- Description:
tty: vt: Fix !TASK_RUNNING diagnostic warning from paste_selection() (CVE-2020-8648 dependency)
- CVE: https://security-tracker.debian.org/tracker/CVE-2020-8648
- Patch: 3.16.0/CVE-2020-8648-tty-vt-Fix-TASK_RUNNING-diagnostic-warning-from-paste_selection.patch
- From: 3.16.84-1
- CVE-2020-8648, CVSSv2 Score: 7.1
- Description:
vt: selection, close sel_buffer race
- CVE: https://security-tracker.debian.org/tracker/CVE-2020-8648
- Patch: 3.16.0/CVE-2020-8648-vt-selection-close-sel_buffer-race.patch
- From: 3.16.84-1
- CVE-2020-8648, CVSSv2 Score: 7.1
- Description:
vt: selection, push console lock down
- CVE: https://security-tracker.debian.org/tracker/CVE-2020-8648
- Patch: 3.16.0/CVE-2020-8648-vt-selection-push-console-lock-down.patch
- From: 3.16.84-1
- CVE-2020-8648, CVSSv2 Score: 7.1
- Description:
vt: selection, push sel_lock up
- CVE: https://security-tracker.debian.org/tracker/CVE-2020-8648
- Patch: 3.16.0/CVE-2020-8648-vt-selection-push-sel_lock-up.patch
- From: 3.16.84-1
- CVE-2020-9383, CVSSv2 Score: 7.1
- Description:
floppy: check FDC index for errors before assigning it
- CVE: https://security-tracker.debian.org/tracker/CVE-2020-9383
- Patch: 3.16.0/CVE-2020-9383-floppy-check-FDC-index-for-errors-before-assigning-it.patch
- From: 3.16.84-1
- CVE-2020-10942, CVSSv2 Score: 5.3
- Description:
vhost: Check docket sk_family instead of call getname
- CVE: https://security-tracker.debian.org/tracker/CVE-2020-10942
- Patch: 3.16.0/CVE-2020-10942-vhost-Check-docket-sk_family-instead-of-call-getname.patch
- From: 3.16.84-1
- CVE-2020-11565, CVSSv2 Score: 6.0
- Description:
mm: mempolicy: require at least one nodeid for MPOL_PREFERRED
- CVE: https://security-tracker.debian.org/tracker/CVE-2020-11565
- Patch: 3.16.0/CVE-2020-11565-mm-mempolicy-require-at-least-one-nodeid-for-MPOL_PREFERRED.patch
- From: 3.16.84-1
- CVE-2020-11608, CVSSv2 Score: 4.3
- Description:
media: ov519: add missing endpoint sanity checks
- CVE: https://security-tracker.debian.org/tracker/CVE-2020-11608
- Patch: 3.16.0/CVE-2020-11608-media-ov519-add-missing-endpoint-sanity-checks.patch
- From: 3.16.84-1
- CVE-2020-11609, CVSSv2 Score: 4.3
- Description:
media: stv06xx: add missing descriptor sanity checks
- CVE: https://security-tracker.debian.org/tracker/CVE-2020-11609
- Patch: 3.16.0/CVE-2020-11609-media-stv06xx-add-missing-descriptor-sanity-checks.patch
- From: 3.16.84-1
- CVE-2020-11668, CVSSv2 Score: 7.1
- Description:
media: xirlink_cit: add missing descriptor sanity checks
- CVE: https://security-tracker.debian.org/tracker/CVE-2020-11668
- Patch: 3.16.0/CVE-2020-11668-media-xirlink_cit-add-missing-descriptor-sanity-checks.patch
- From: 3.16.84-1
- N/A, CVSSv2 Score: N/A
- Description:
chardev: add helper function to register char devs with a struct device (CVE-2020-10690 dependency)
- CVE: N/A
- Patch: 3.16.0/CVE-2020-10690-chardev-add-helper-function-to-register-char-devs-with-a-struct-device.patch
- From: 3.16.84-1
- CVE-2020-10690, CVSSv2 Score: 6.4
- Description:
ptp: fix the race between the release of ptp_clock and cdev
- CVE: https://security-tracker.debian.org/tracker/CVE-2020-10690
- Patch: 3.16.0/CVE-2020-10690-ptp-fix-the-race-between-the-release-of-ptp_clock-and-cdev.patch
- From: 3.16.84-1
- CVE-2020-10690, CVSSv2 Score: 6.4
- Description:
ptp: fix the race between the release of ptp_clock and cdev (adaptation)
- CVE: https://security-tracker.debian.org/tracker/CVE-2020-10690
- Patch: 3.16.0/CVE-2020-10690-ptp-fix-the-race-between-the-release-of-ptp_clock-and-cdev-kpatch.patch
- From: 3.16.84-1
- CVE-2020-11494, CVSSv2 Score: 4.4
- Description:
slcan: Don't transmit uninitialized stack data in padding
- CVE: https://security-tracker.debian.org/tracker/CVE-2020-11494
- Patch: 3.16.0/CVE-2020-11494-slcan-Don_t-transmit-uninitialized-stack-data-in-padding.patch
- From: 3.16.84-1
- CVE-2020-12114, CVSSv2 Score: 4.7
- Description:
fs/namespace.c: fix mountpoint reference counter race
- CVE: https://security-tracker.debian.org/tracker/CVE-2020-12114
- Patch: 3.16.0/CVE-2020-12114-fs_namespace-fix-mountpoint-reference-counter-race.patch
- From: 3.16.84-1
- CVE-2020-12114, CVSSv2 Score: 4.7
- Description:
propagate_one(): mnt_set_mountpoint() needs mount_lock
- CVE: https://security-tracker.debian.org/tracker/CVE-2020-12114
- Patch: 3.16.0/CVE-2020-12114-propagate_one-mnt_set_mountpoint-needs-mount_lock.patch
- From: 3.16.84-1
- CVE-2020-12769, CVSSv2 Score: 5.5
- Description:
spi: spi-dw: Add lock protect dw_spi rx/tx to prevent concurrent calls (adaptation)
- CVE: https://security-tracker.debian.org/tracker/CVE-2020-12769
- Patch: 3.16.0/CVE-2020-12769-spi-dw-Add-lock-protect-dw_spi-rx_tx-to-prevent-concurrent-calls.patch
- From: 3.16.84-1
- CVE-2020-12770, CVSSv2 Score: 6.7
- Description:
scsi: sg: add sg_remove_request in sg_write
- CVE: https://security-tracker.debian.org/tracker/CVE-2020-12770
- Patch: 3.16.0/CVE-2020-12770-scsi-sg-add-sg_remove_request-in-sg_write.patch
- From: 3.16.84-1
- CVE-2019-19319, CVSSv2 Score: 6.5
- Description:
ext4: protect journal inode's blocks using block_validity
- CVE: https://security-tracker.debian.org/tracker/CVE-2019-19319
- Patch: 3.16.0/CVE-2019-19319-ext4-protect-journal-inode-s-blocks-using-block_vali.patch
- From: 3.16.84-1
- CVE-2019-19319, CVSSv2 Score: 6.5
- Description:
ext4: unsigned int compared against zero
- CVE: https://security-tracker.debian.org/tracker/CVE-2019-19319
- Patch: 3.16.0/CVE-2019-19319-ext4-unsigned-int-compared-against-zero.patch
- From: 3.16.84-1
- CVE-2019-19319, CVSSv2 Score: 6.5
- Description:
ext4: fix block validity checks for journal inodes using indirect blocks
- CVE: https://security-tracker.debian.org/tracker/CVE-2019-19319
- Patch: 3.16.0/CVE-2019-19319-ext4-fix-block-validity-checks-for-journal-inodes-us.patch
- From: 3.16.84-1
- CVE-2019-19319, CVSSv2 Score: 6.5
- Description:
ext4: don't perform block validity checks on the journal inode
- CVE: https://security-tracker.debian.org/tracker/CVE-2019-19319
- Patch: 3.16.0/CVE-2019-19319-ext4-don-t-perform-block-validity-checks-on-the-jour.patch
- From: 3.16.84-1
- CVE-2019-19319, CVSSv2 Score: 7.8
- Description:
ext4: don't perform block validity checks on the journal inode
- CVE: https://security-tracker.debian.org/tracker/CVE-2019-19319
- Patch: 3.16.0/CVE-2019-19319-kpatch.patch
- From: 4.9.210-1+deb9u1
- Description:
- CVE:
- Patch: 4.9.0/cve-2019-19319-kpatch-fix-rbtree.patch
- From:
- Description:
- CVE:
- Patch: 3.16.0/CVE-2019-19319-kpatch-fix-races-post-59.1.patch
- From:
- CVE-2020-10751, CVSSv2 Score: 6.1
- Description:
selinux: cleanup error reporting in selinux_nlmsg_perm() (CVE-2020-10751 dependency)
- CVE: https://security-tracker.debian.org/tracker/CVE-2020-10751
- Patch: 3.16.0/CVE-2020-10751-selinux-cleanup-error-reporting-in-selinux_nlmsg_per.patch
- From: 3.16.84-1
- CVE-2020-10751, CVSSv2 Score: 6.1
- Description:
selinux: convert WARN_ONCE() to printk() in selinux_nlmsg_perm() (CVE-2020-10751 dependency)
- CVE: https://security-tracker.debian.org/tracker/CVE-2020-10751
- Patch: 3.16.0/CVE-2020-10751-selinux-convert-warn_once-to-printk-in-selinux_nlmsg.patch
- From: 3.16.84-1
- CVE-2020-10751, CVSSv2 Score: 6.1
- Description:
selinux: Print 'sclass' as string when unrecognized netlink message occurs (CVE-2020-10751 dependency)
- CVE: https://security-tracker.debian.org/tracker/CVE-2020-10751
- Patch: 3.16.0/CVE-2020-10751-selinux-print-sclass-as-string-when-unrecognized-net.patch
- From: 3.16.84-1
- CVE-2020-10751, CVSSv2 Score: 6.1
- Description:
selinux: rate-limit netlink message warnings in selinux_nlmsg_perm() (CVE-2020-10751 dependency)
- CVE: https://security-tracker.debian.org/tracker/CVE-2020-10751
- Patch: 3.16.0/CVE-2020-10751-selinux-rate-limit-netlink-message-warnings-in-selin.patch
- From: 3.16.84-1
- CVE-2020-10751, CVSSv2 Score: 6.1
- Description:
selinux: properly handle multiple messages in selinux_netlink_send()
- CVE: https://security-tracker.debian.org/tracker/CVE-2020-10751
- Patch: 3.16.0/CVE-2020-10751-selinux-properly-handle-multiple-messages-in-selinux.patch
- From: 3.16.84-1
- CVE-2020-12464, CVSSv2 Score: 6.7
- Description:
drivers: usb: core: Don't disable irqs in usb_sg_wait() during URB submit. (CVE-2020-12464 dependency)
- CVE: https://security-tracker.debian.org/tracker/CVE-2020-12464
- Patch: 3.16.0/CVE-2020-12464-drivers-usb-core-don-t-disable-irqs-in-usb_sg_wait-d.patch
- From: 3.16.84-1
- CVE-2020-12464, CVSSv2 Score: 6.7
- Description:
drivers: usb: core: Minimize irq disabling in usb_sg_cancel() (CVE-2020-12464 dependency)
- CVE: https://security-tracker.debian.org/tracker/CVE-2020-12464
- Patch: 3.16.0/CVE-2020-12464-drivers-usb-core-minimize-irq-disabling-in-usb_sg_ca.patch
- From: 3.16.84-1
- CVE-2020-12464, CVSSv2 Score: 6.7
- Description:
USB: core: Fix free-while-in-use bug in the USB S-Glibrary
- CVE: https://security-tracker.debian.org/tracker/CVE-2020-12464
- Patch: 3.16.0/CVE-2020-12464-usb-core-fix-free-while-in-use-bug-in-the-usb-s-glib.patch
- From: 3.16.84-1
- CVE-2020-12652, CVSSv2 Score: 4.1
- Description:
scsi: mptfusion: Add bounds check in mptctl_hp_targetinfo() (CVE-2020-12652 dependency)
- CVE: https://security-tracker.debian.org/tracker/CVE-2020-12652
- Patch: 3.16.0/CVE-2020-12652-scsi-mptfusion-add-bounds-check-in-mptctl_hp_targeti.patch
- From: 3.16.84-1
- CVE-2020-12652, CVSSv2 Score: 4.1
- Description:
scsi: mptfusion: Fix double fetch bug in ioctl
- CVE: https://security-tracker.debian.org/tracker/CVE-2020-12652
- Patch: 3.16.0/CVE-2020-12652-scsi-mptfusion-fix-double-fetch-bug-in-ioctl.patch
- From: 3.16.84-1
- CVE-2020-12653, CVSSv2 Score: 7.8
- Description:
mwifiex: Fix possible buffer overflows in mwifiex_cmd_append_vsie_tlv()
- CVE: https://security-tracker.debian.org/tracker/CVE-2020-12653
- Patch: 3.16.0/CVE-2020-12653-mwifiex-fix-possible-buffer-overflows-in-mwifiex_cmd.patch
- From: 3.16.84-1
- CVE-2020-12654, CVSSv2 Score: 7.1
- Description:
mwifiex: Fix possible buffer overflows in mwifiex_ret_wmm_get_status()
- CVE: https://security-tracker.debian.org/tracker/CVE-2020-12654
- Patch: 3.16.0/CVE-2020-12654-mwifiex-fix-possible-buffer-overflows-in-mwifiex_ret.patch
- From: 3.16.84-1
- CVE-2020-12826, CVSSv2 Score: 5.3
- Description:
signal: Extend exec_id to 64bits
- CVE: https://security-tracker.debian.org/tracker/CVE-2020-12826
- Patch: 3.16.0/CVE-2020-12826-signal-extend-exec_id-to-64bits.patch
- From: 3.16.84-1
- CVE-2020-12826, CVSSv2 Score: 5.3
- Description:
signal: Extend exec_id to 64bits (adaptation)
- CVE: https://security-tracker.debian.org/tracker/CVE-2020-12826
- Patch: 3.16.0/CVE-2020-12826-signal-extend-exec_id-to-64bits-kpatch.patch
- From: 3.16.84-1
- CVE-2020-13143, CVSSv2 Score: 6.5
- Description:
USB: gadget: fix illegal array access in binding with UDC
- CVE: https://security-tracker.debian.org/tracker/CVE-2020-13143
- Patch: 3.16.0/CVE-2020-13143-usb-gadget-fix-illegal-array-access-in-binding-with-.patch
- From: 3.16.84-1
- CVE-2020-0543, CVSSv2 Score: 6.5
- Description:
x86/speculation: Add Special Register Buffer Data Sampling (SRBDS) mitigation
- CVE: https://www.vusec.net/projects/crosstalk/
- Patch: srbds-enable.patch
- From: N/A
- CVE-2020-14305, CVSSv2 Score: 8.1
- Description:
kernel: memory corruption in Voice over IP nf_conntrack_h323 module
- CVE: https://access.redhat.com/security/cve/cve-2020-14305
- Patch: 3.10.0/CVE-2020-14305.patch
- From: >kernel-3.10.0-1127.13.1.el7
- CVE-2021-3347, CVSSv2 Score: 7.4
- Description:
futex: Handle faults correctly for PI futexes
- CVE: https://access.redhat.com/security/cve/cve-2021-3347
- Patch: 3.16.0/CVE-2021-3347-futex-Handle-faults-correctly-for-PI-futexes-kpatch.patch
- From: v5.11
- CVE-2021-33909, CVSSv2 Score: 7.8
- Description:
seq_file: Disallow extremely large seq buffer allocations
- CVE: https://security-tracker.debian.org/tracker/CVE-2021-33909
- Patch: 3.16.0/CVE-2021-33909-seq_file-Disallow-extremely-large-seq-buffer-allocations.patch
- From: >linux-3.16.84-1
- CVE-2021-22555, CVSSv2 Score: 7.8
- Description:
netfilter: x_tables: fix compat match/target pad out-of-bound write
- CVE: https://access.redhat.com/security/cve/CVE-2021-22555
- Patch: 3.16.7/CVE-2021-22555-netfilter-x_tables-fix-compat-match-target-pad-out-of-bound-write.patch
- From: v5.12
- Description:
Restrict access to pagemap/kpageflags/kpagecount
- CVE: http://googleprojectzero.blogspot.ru/2015/03/exploiting-dram-rowhammer-bug-to-gain.html
- Patch: 3.16.7/proc-restrict-pagemap-access.patch
- From: