- kernel-uek-4.14.35-2047.511.5.6.el7uek (oel7-uek5)
- 4.14.35-2047.539.5.el7uek
- 2024-08-22 13:01:12
- 2024-08-30 07:21:19
- K20240822_01
- CVE-2021-20317, CVSSv2 Score: 4.4
- Description:
lib/timerqueue: Rely on rbtree semantics for next timer
- CVE: https://access.redhat.com/security/cve/CVE-2021-20317
- Patch: 4.18.0/CVE-2021-20317-lib-timerqueue-Rely-on-rbtree-semantics-for-next-timer.patch
- From: 4.18.0-348.2.1.el8_5
- CVE-2021-20317, CVSSv2 Score: 4.4
- Description:
lib/timerqueue: Rely on rbtree semantics for next timer (adaptation)
- CVE: https://access.redhat.com/security/cve/CVE-2021-20317
- Patch: 4.18.0/CVE-2021-20317-lib-timerqueue-Rely-on-rbtree-semantics-for-next-timer-kpatch.patch
- From: 4.18.0-348.2.1.el8_5
- CVE-2021-4002, CVSSv2 Score: 5.1
- Description:
hugetlbfs: flush TLBs correctly after huge_pmd_unshare
- CVE: https://access.redhat.com/security/cve/CVE-2021-4002
- Patch: 4.14.35/CVE-2021-4002-hugetlbfs-flush-TLBs-correctly-after-huge_pmd_unshare.patch
- From: 4.14.35-2047.512.6.el7uek
- CVE-2021-4149, CVSSv2 Score: 4.7
- Description:
btrfs: unlock newly allocated extent buffer after error
- CVE: https://access.redhat.com/security/cve/CVE-2021-4149
- Patch: 4.19.0/CVE-2021-4149.patch
- From: 4.19.235-1
- CVE-2022-0330, CVSSv2 Score: 7.0
- Description:
drm/i915: Flush TLBs before releasing backing store
- CVE: https://access.redhat.com/security/cve/CVE-2022-0330
- Patch: 4.14.0/CVE-2022-0330-drm-i915-Flush-TLBs-before-releasing-backing-store.patch
- From: 4.14.268-205.500.amzn2
- CVE-2022-0330, CVSSv2 Score: 7.0
- Description:
drm/i915: Flush TLBs before releasing backing store (kpatch adaptation)
- CVE: https://access.redhat.com/security/cve/CVE-2022-0330
- Patch: 4.14.0/CVE-2022-0330-drm-i915-Flush-TLBs-before-releasing-backing-store-kpatch-1.patch
- From: 4.14.268-205.500.amzn2
- CVE-2022-22942, CVSSv2 Score: 7.0
- Description:
stale file descriptors on failed usercopy
- CVE: https://security-tracker.debian.org/tracker/CVE-2022-22942
- Patch: 4.19.0/CVE-2022-22942.patch
- From: <kernel-4.19.208-1
- CVE-2022-24448, CVSSv2 Score: 3.3
- Description:
NFSv4: Handle case where the lookup of a directory fails
- CVE: https://access.redhat.com/security/cve/CVE-2022-24448
- Patch: 4.14.0/CVE-2022-24448-NFSv4-Handle-case-where-the-lookup-of-a-directory-fails.patch
- From: 4.14.268-205.500.amzn2
- CVE-2022-0435, CVSSv2 Score: 7.2
- Description:
tipc: improve size validations for received domain records
- CVE: https://access.redhat.com/security/cve/CVE-2022-0435
- Patch: 4.14.0/CVE-2022-0435-tipc-improve-size-validations-for-received-domain-records.patch
- From: 4.14.268-205.500.amzn2
- CVE-2022-0617, CVSSv2 Score: 4.7
- Description:
udf: Restore i_lenAlloc when inode expansion fails
- CVE: https://access.redhat.com/security/cve/CVE-2022-0617
- Patch: 4.14.0/CVE-2022-0617-udf-Restore-i_lenAlloc-when-inode-expansion-fails.patch
- From: 4.14.268-205.500.amzn2
- CVE-2022-0617, CVSSv2 Score: 4.7
- Description:
udf: Fix NULL ptr deref when converting from inline format
- CVE: https://access.redhat.com/security/cve/CVE-2022-0617
- Patch: 4.14.0/CVE-2022-0617-udf-Fix-NULL-ptr-deref-when-converting-from-inline-format.patch
- From: 4.14.268-205.500.amzn2
- CVE-2020-36516, CVSSv2 Score: 5.9
- Description:
ipv4: avoid using shared IP generator for connected sockets
- CVE: https://access.redhat.com/security/cve/CVE-2020-36516
- Patch: 4.1.12/CVE-2020-36516-ipv4-avoid-using-shared-IP-generator-for-connected-sockets.patch
- From: 4.1.12-124.61.2
- CVE-2022-26966, CVSSv2 Score: 4.6
- Description:
sr9700: sanity check for packet length
- CVE: https://access.redhat.com/security/cve/CVE-2022-26966
- Patch: 4.1.12/CVE-2022-26966-sr9700-sanity-check-for-packet-length.patch
- From: 4.1.12-124.61.2
- CVE-2021-26401, CVSSv2 Score:
- Description:
Introducing the required changes through KernelCare could cause unavoidable problems for applications that use unprivileged eBPF.
- CVE:
- Patch: skipped/CVE-2021-26401.patch
- From:
- CVE-2022-27666, CVSSv2 Score: 7.8
- Description:
esp: Fix possible buffer overflow in ESP transformation
- CVE: https://access.redhat.com/security/cve/CVE-2022-27666
- Patch: 4.14.35/CVE-2022-27666-esp-Fix-possible-buffer-overflow-in-ESP-transformation.patch
- From: 4.14.35-2047.513.1
- CVE-2022-21499, CVSSv2 Score:
- Description:
Not affected unless certain conditions are met: Secure Boot and configured kgdb/kdb. Complex adaptation.
- CVE:
- Patch: skipped/CVE-2022-21499.patch
- From:
- CVE-2022-0487, CVSSv2 Score: 5.5
- Description:
memstick: rtsx_usb_ms: fix UAF
- CVE: https://access.redhat.com/security/cve/CVE-2022-0487
- Patch: 4.14.35/CVE-2022-0487-memstick-rtsx_usb_ms-fix-UAF.patch
- From: 4.14.35-2047.514.3.el7uek
- CVE-2022-23036 CVE-2022-23038, CVSSv2 Score: 7.0
- Description:
xen/grant-table: add gnttab_try_end_foreign_access()
- CVE: https://people.canonical.com/~ubuntu-security/cve/2022/CVE-2022-23036
- Patch: ubuntu-bionic/4.15.0-177.186/CVE-2022-23036-CVE-2022-23038-xen-grant-table-add-gnttab_try_end_foreign_access.patch
- From: 4.15.0-177.186
- CVE-2022-23040, CVSSv2 Score: 7.0
- Description:
xen/xenbus: don't let xenbus_grant_ring() remove grants in error case
- CVE: https://people.canonical.com/~ubuntu-security/cve/2022/CVE-2022-23040
- Patch: ubuntu-bionic/4.15.0-177.186/CVE-2022-23040-xen-xenbus-dont-let-xenbus_grant_ring-remove-grants-in-error-case.patch
- From: 4.15.0-177.186
- CVE-2022-23038, CVSSv2 Score: 7.0
- Description:
xen/scsifront: don't use gnttab_query_foreign_access() for mapped status
- CVE: https://people.canonical.com/~ubuntu-security/cve/2022/CVE-2022-23038
- Patch: ubuntu-bionic/4.15.0-177.186/CVE-2022-23038-xen-scsifront-dont-use-gnttab_query_foreign_access-for-mapped-status.patch
- From: 4.15.0-177.186
- CVE-2022-23039, CVSSv2 Score: 7.0
- Description:
xen/gntalloc: don't use gnttab_query_foreign_access()
- CVE: https://people.canonical.com/~ubuntu-security/cve/2022/CVE-2022-23039
- Patch: ubuntu-bionic/4.15.0-177.186/CVE-2022-23039-xen-gntalloc-dont-use-gnttab_query_foreign_access.patch
- From: 4.15.0-177.186
- CVE-2022-23041, CVSSv2 Score: 7.0
- Description:
xen/9p: use alloc/free_pages_exact()
- CVE: https://people.canonical.com/~ubuntu-security/cve/2022/CVE-2022-23041
- Patch: ubuntu-bionic/4.15.0-177.186/CVE-2022-23041-xen-9p-use-alloc-free_pages_exact.patch
- From: 4.15.0-177.186
- CVE-2022-1048, CVSSv2 Score: 7.0
- Description:
ALSA: pcm: Fix races among concurrent read/write and buffer changes
- CVE: https://nvd.nist.gov/vuln/detail/CVE-2022-1048
- Patch: 5.10.0/CVE-2022-1048-ALSA-pcm-Fix-races-among-concurrent-read-write-and-buffer-changes.patch
- From: 5.10.113-1
- CVE-2022-1048, CVSSv2 Score: 7.0
- Description:
ALSA: pcm: Fix races among concurrent prealloc proc writes
- CVE: https://access.redhat.com/security/cve/CVE-2022-1048
- Patch: 4.14.35/CVE-2022-1048-ALSA-pcm-Fix-races-among-concurrent-prealloc-proc-writes.patch
- From: 4.14.35-2047.514.3.el7uek
- CVE-2022-1048, CVSSv2 Score: 7.0
- Description:
ALSA: pcm: Fix races among concurrent prepare and
- CVE: https://access.redhat.com/security/cve/CVE-2022-1048
- Patch: 4.14.35/CVE-2022-1048-ALSA-pcm-Fix-races-among-concurrent-prepare-and.patch
- From: 4.14.35-2047.514.3.el7uek
- CVE-2022-1048, CVSSv2 Score: 7.0
- Description:
ALSA: pcm: Fix races among concurrent hw_params and hw_free
- CVE: https://access.redhat.com/security/cve/CVE-2022-1048
- Patch: 4.14.35/CVE-2022-1048-ALSA-pcm-Fix-races-among-concurrent-hw_params-and-hw_free.patch
- From: 4.14.35-2047.514.3.el7uek
- CVE-2022-1048, CVSSv2 Score: 7.0
- Description:
N/A
- CVE: https://nvd.nist.gov/vuln/detail/CVE-2022-1048
- Patch: 4.14.35/CVE-2022-1048-kpatch.patch
- From: N/A
- CVE-2022-21123 CVE-2022-21125 CVE-2022-21166 CVE-2022-21127, CVSSv2 Score: 6.1
- Description:
x86/speculation/mmio: Add mitigation for Processor MMIO Stale Data
- CVE: https://access.redhat.com/security/cve/cve-2022-21127
- Patch: mmio-enable.patch
- From: 5.18
- CVE-2022-1652, CVSSv2 Score: 7.8
- Description:
floppy: use a statically allocated error counter
- CVE: https://security-tracker.debian.org/tracker/CVE-2022-1652
- Patch: 4.14.0/CVE-2022-1652-floppy-use-a-statically-allocated-error-counter.patch
- From: 4.14.35-2047.515.0
- CVE-2022-1652, CVSSv2 Score: 7.8
- Description:
floppy: use a statically allocated error counter (kpatch adaptation)
- CVE: https://security-tracker.debian.org/tracker/CVE-2022-1652
- Patch: 4.14.0/CVE-2022-1652-floppy-use-a-statically-allocated-error-counter-kpatch.patch
- From: 4.14.35-2047.515.0
- CVE-2022-2588, CVSSv2 Score: 6.7
- Description:
net_sched: cls_route: remove from list when handle is 0
- CVE: https://access.redhat.com/security/cve/CVE-2022-2588
- Patch: 5.4.17/CVE-2022-2588.patch
- From: kernel-uek-5.4.17-2136.309.5.1.el8uek
- CVE-2022-21385, CVSSv2 Score: 6.2
- Description:
rds: copy_from_user only once per rds_sendmsg system call
- CVE: https://security-tracker.debian.org/tracker/CVE-2022-21385
- Patch: 4.14.35/CVE-2022-21385-rds-copy_from_user-only-once-per-rds_sendmsg-system-call-511.patch
- From: 4.14.35-2047.516.2.1
- CVE-2022-21546, CVSSv2 Score: n/a
- Description:
scsi: target: Fix WRITE_SAME No Data Buffer crash
- CVE: n/a
- Patch: 4.14.35/CVE-2022-21546-scsi-target-Fix-WRITE_SAME-No-Data-Buffer-crash.patch
- From: kernel-uek-4.14.35-2047.517.3.el7uek
- CVE-2022-3028, CVSSv2 Score: 7.0
- Description:
af_key: Do not call xfrm_probe_algs in parallel
- CVE: https://security-tracker.debian.org/tracker/CVE-2022-3028
- Patch: 4.14.35/CVE-2022-3028-af_key-Do-not-call-xfrm_probe_algs-in-parallel-1.patch
- From: 5.10.140-1
- CVE-2022-3239, CVSSv2 Score: 7.8
- Description:
media: em28xx: initialize refcount before kref_get
- CVE: https://linux.oracle.com/cve/CVE-2022-3239.html
- Patch: oel7-uek5/4.14.35-2047.519.2.1.el7uek/CVE-2022-3239-media-em28xx-initialize-refcount-before-kref-get.patch
- From: 4.14.35-2047.519.2.1.el7uek
- CVE-2022-4378, CVSSv2 Score: 7.8
- Description:
proc: avoid integer type confusion in get_proc_long
- CVE: https://linux.oracle.com/cve/CVE-2022-4378.html
- Patch: 4.14.35/CVE-2022-4378-0200-proc-avoid-integer-type-confusion-in-get_proc_long.patch
- From: 4.14.35-2047.520.3.1
- CVE-2022-4378, CVSSv2 Score: 7.8
- Description:
proc: proc_skip_spaces() shouldn't think it is working on C strings
- CVE: https://linux.oracle.com/cve/CVE-2022-4378.html
- Patch: 4.14.35/CVE-2022-4378-0300-proc-proc_skip_spaces-shouldn-t-think-it-is-working-on-C-strings.patch
- From: 4.14.35-2047.520.3.1
- CVE-2022-40768, CVSSv2 Score: 5.5
- Description:
scsi: stex: Properly zero out the passthrough command structure
- CVE: https://linux.oracle.com/cve/CVE-2022-40768.html
- Patch: 4.14.35/CVE-2022-40768-scsi-stex-Properly-zero-out-the-passthrough-command-structure.patch
- From: 4.14.35-2047.520.1.el7uek
- CVE-2022-3565, CVSSv2 Score: 8.0
- Description:
mISDN: fix use-after-free bugs in l1oip timer handlers
- CVE: https://ubuntu.com/security/CVE-2022-3565
- Patch: ubuntu-bionic/4.15.0-200.211/0009-CVE-2022-3565-mISDN-fix-use-after-free-bugs-in-l1oip-timer-handler.patch
- From: 4.15.0-200.211
- CVE-2022-3565, CVSSv2 Score: 8.0
- Description:
mISDN: fix use-after-free bugs in l1oip timer handlers (adaptation)
- CVE: https://linux.oracle.com/cve/CVE-2022-3565.html
- Patch: 4.14.35/CVE-2022-3565-kpatch.patch
- From: 4.14.35-2047.520.0
- CVE-2022-3303, CVSSv2 Score: 4.7
- Description:
ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC
- CVE: https://access.redhat.com/security/cve/CVE-2022-3303
- Patch: 4.14.35/CVE-2022-3303-ALSA-pcm-oss-Fix-race-at-SNDCTL_DSP_SYNC.patch
- From: 4.14.35-2047.522.3.el7uek
- CVE-2022-3524, CVSSv2 Score: 5.5
- Description:
tcp/udp: Fix memory leak in ipv6_renew_options()
- CVE: https://access.redhat.com/security/cve/CVE-2022-3524
- Patch: 4.14.35/CVE-2022-3524-tcp-udp-Fix-memory-leak-in-ipv6_renew_options.patch
- From: 4.14.35-2047.522.3.el7uek
- CVE-2022-3640, CVSSv2 Score: 8.8
- Description:
Bluetooth: L2CAP: fix use-after-free in l2cap_conn_del()
- CVE: https://access.redhat.com/security/cve/CVE-2022-3640
- Patch: 4.14.35/CVE-2022-3640-Bluetooth-L2CAP-fix-use-after-free-in-l2cap_conn_del.patch
- From: 4.14.35-2047.522.3.el7uek
- CVE-2022-42895, CVSSv2 Score: 6.5
- Description:
Bluetooth: L2CAP: Fix attempting to access uninitialized memory
- CVE: https://access.redhat.com/security/cve/CVE-2022-42895
- Patch: 4.14.35/CVE-2022-42895-Bluetooth-L2CAP-Fix-attempting-to-access-uninitialized-memory.patch
- From: 4.14.35-2047.522.3.el7uek
- CVE-2022-42896, CVSSv2 Score: 8.8
- Description:
Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm
- CVE: https://access.redhat.com/security/cve/CVE-2022-42896
- Patch: 4.14.35/CVE-2022-42896-0001-Bluetooth-L2CAP-Fix-l2cap_global_chan_by_psm.patch
- From: 4.14.35-2047.522.3.el7uek
- CVE-2022-42896, CVSSv2 Score: 8.8
- Description:
Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM
- CVE: https://access.redhat.com/security/cve/CVE-2022-42896
- Patch: 4.14.35/CVE-2022-42896-0002-Bluetooth-L2CAP-Fix-accepting-connection-request-for-invalid-SPSM.patch
- From: 4.14.35-2047.522.3.el7uek
- CVE-2023-0394, CVSSv2 Score: 5.5
- Description:
ipv6: raw: Deduct extension header length in rawv6_push_pending_frames
- CVE: https://access.redhat.com/security/cve/CVE-2023-0394
- Patch: 4.14.35/CVE-2023-0394-ipv6-raw-Deduct-extension-header-length-in-rawv6_push_pending_frames.patch
- From: 4.14.35-2047.523.4.1.el7uek
- CVE-2022-2873, CVSSv2 Score: 5.5
- Description:
i2c: ismt: Fix an out-of-bounds bug in ismt_access()
- CVE: https://access.redhat.com/security/cve/CVE-2022-2873
- Patch: 4.14.35/CVE-2022-2873-i2c-ismt-Fix-an-out-of-bounds-bug-in-ismt_access.patch
- From: 4.14.35-2047.523.4.1.el7uek
- CVE-2022-3545, CVSSv2 Score: 7.8
- Description:
nfp: fix use-after-free in area_cache_get()
- CVE: https://access.redhat.com/security/cve/CVE-2022-3545
- Patch: 4.14.35/CVE-2022-3545-nfp-fix-use-after-free-in-area_cache_get.patch
- From: 4.14.35-2047.523.4.1.el7uek
- CVE-2023-23455, CVSSv2 Score: 5.5
- Description:
net: sched: atm: dont intepret cls results when asked to drop
- CVE: https://access.redhat.com/security/cve/CVE-2023-23455
- Patch: 4.14.35/CVE-2023-23455-net-sched-atm-dont-intepret-cls-results-when-asked-to-drop.patch
- From: 4.14.35-2047.523.4.1.el7uek
- CVE-2022-41218, CVSSv2 Score: 5.5
- Description:
media: dvb-core: Fix UAF due to refcount races at releasing
- CVE: https://access.redhat.com/security/cve/CVE-2022-41218
- Patch: 4.14.35/CVE-2022-41218-media-dvb-core-Fix-UAF-due-to-refcount-races-at-releasing.patch
- From: 4.14.35-2047.523.4.1.el7uek
- CVE-2022-45934, CVSSv2 Score: 7.8
- Description:
Bluetooth: L2CAP: Fix u8 overflow
- CVE: https://access.redhat.com/security/cve/CVE-2022-45934
- Patch: 4.14.35/CVE-2022-45934-Bluetooth-L2CAP-Fix-u8-overflow.patch
- From: 4.14.35-2047.523.4.1.el7uek
- CVE-2022-47929, CVSSv2 Score: 5.5
- Description:
net: sched: disallow noqueue for qdisc classes
- CVE: https://access.redhat.com/security/cve/CVE-2022-47929
- Patch: 4.14.35/CVE-2022-47929-net-sched-disallow-noqueue-for-qdisc-classes.patch
- From: 4.14.35-2047.523.4.1.el7uek
- CVE-2023-23559, CVSSv2 Score: 7.0
- Description:
wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid
- CVE: https://access.redhat.com/security/cve/CVE-2023-23559
- Patch: oel7-uek5/4.14.35-2047.524.5.el7uek/CVE-2023-23559-patch-wifi-rndis_wlan-Prevent-buffer-overflow-in-rndis_que.patch
- From: 4.14.35-2047.524.5
- CVE-2022-3107, CVSSv2 Score: 3.6
- Description:
hv_netvsc: Add check for kvmalloc_array
- CVE: https://access.redhat.com/security/cve/CVE-2022-3107
- Patch: oel7-uek5/4.14.35-2047.524.5.el7uek/CVE-2022-3107-patch-add-check-for-kvmalloc_array.patch
- From: 4.14.35-2047.524.5
- CVE-2023-3567, CVSSv2 Score: 7.1
- Description:
vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF
- CVE: https://linux.oracle.com/cve/CVE-2023-3567.html
- Patch: oel7-uek5/4.14.35-2047.529.3.el7uek/CVE-2023-3567-vc_screen-move-load-of-struct-vc_data-pointer-in-vcs_read-to-avoid-UAF.patch
- From: 4.14.35-2047.529.3
- CVE-2023-22024, CVSSv2 Score: 5.5
- Description:
rds: Fix lack of reentrancy for connection reset with dst addr zero
- CVE: https://linux.oracle.com/cve/CVE-2023-22024.html
- Patch: oel7-uek5/4.14.35-2047.529.3.el7uek/CVE-2023-22024-rds-Fix-lack-of-reentrancy-for-connection-reset-with-dst-addr-zero.patch
- From: 4.14.35-2047.529.3.2
- CVE-2023-42753, CVSSv2 Score: 7.8
- Description:
netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c
- CVE: https://linux.oracle.com/cve/CVE-2023-42753.html
- Patch: oel7-uek5/4.14.35-2047.529.3.el7uek/CVE-2023-42753-netfilter-ipset-add-the-missing-IP_SET_HASH_WITH_NET0-macro-for-ip_set_hash_netportnet-c.patch
- From: 4.14.35-2047.529.3.2
- CVE-2023-4623, CVSSv2 Score: 7.8
- Description:
net/sched: sch_hfsc: Ensure inner classes have fsc curve
- CVE: https://linux.oracle.com/cve/CVE-2023-4623.html
- Patch: oel7-uek5/4.14.35-2047.532.3.el7uek/CVE-2023-4623-patch-net-sched-sch-hfsc-ensure-inner-classes-have-fsc-curve.patch
- From: 4.14.35-2047.532.3.el7uek
- CVE-2022-29900, CVSSv2 Score:
- Description:
Livepatching Retbleed may decrease kernel stability and performance. This vulnerability has medium security impact and applies to certain hardware environments only.
- CVE:
- Patch: skipped/CVE-2022-29900.patch
- From:
- CVE-2022-29901, CVSSv2 Score:
- Description:
Livepatching Retbleed may decrease the stability and performance of the kernel, while the vulnerability has a medium security impact and applies only to certain hardware environments.
- CVE:
- Patch: skipped/CVE-2022-29901.patch
- From:
- CVE-2023-0590, CVSSv2 Score: 7.0
- Description:
net: sched: fix race condition in qdisc_graft()
- CVE: https://linux.oracle.com/cve/CVE-2023-0590.html
- Patch: oel7-uek5/4.14.35-2047.533.3.el7uek/CVE-2023-0590-net-sched-fix-race-condition-in-qdisc_graft.patch
- From: 4.14.35-2047.533.3
- CVE-2023-1077, CVSSv2 Score: 7.0
- Description:
sched/rt: pick_next_rt_entity(): check list_entry
- CVE: https://linux.oracle.com/cve/CVE-2023-1077.html
- Patch: oel7-uek5/4.14.35-2047.533.3.el7uek/CVE-2023-1077-sched-rt-pick_next_rt_entity-check-list_entry.patch
- From: 4.14.35-2047.533.3
- CVE-2023-45863, CVSSv2 Score: 6.4
- Description:
kobject: Fix slab-out-of-bounds in fill_kobj_path()
- CVE: https://linux.oracle.com/cve/CVE-2023-45863.html
- Patch: oel7-uek5/4.14.35-2047.533.3.el7uek/CVE-2023-45863-kobject-Fix-slab-out-of-bounds-in-fill_kobj_path.patch
- From: 4.14.35-2047.533.3
- CVE-2023-25775, CVSSv2 Score: 5.6
- Description:
RDMA/irdma: Prevent zero-length STAG registration
- CVE: https://linux.oracle.com/cve/CVE-2023-25775.html
- Patch: oel7-uek5/4.14.35-2047.533.3.el7uek/CVE-2023-25775-RDMA-irdma-Prevent-zero-length-STAG-registration.patch
- From: 4.14.35-2047.533.3
- CVE-2023-6040, CVSSv2 Score: 7.8
- Description:
netfilter: nf_tables: Reject tables of unsupported family
- CVE: https://linux.oracle.com/cve/CVE-2023-6040.html
- Patch: oel7-uek5/4.14.35-2047.535.2.1.el7uek/CVE-2023-6040-netfilter-nf_tables-Reject-tables-of-unsupported-family.patch
- From: 4.14.35-2047.535.2.1.el7uek
- CVE-2024-1086, CVSSv2 Score: 7.8
- Description:
netfilter: nf_tables: reject QUEUE/DROP verdict parameters
- CVE: https://linux.oracle.com/cve/CVE-2024-1086.html
- Patch: oel7-uek5/4.14.35-2047.535.2.1.el7uek/CVE-2024-1086-netfilter-nf_tables-reject-QUEUE-DROP-verdict-parameters-pre-529.3.2.patch
- From: 4.14.35-2047.535.2.1.el7uek
- CVE-2024-41090 CVE-2024-41091, CVSSv2 Score: 7.1
- Description:
net/mlx5e: drop shorter ethernet frames
- CVE: https://access.redhat.com/security/cve/CVE-2024-41091
- Patch: 4.14.35/CVE-2024-41090_CVE-2024-41091.patch
- From: 4.14.35-2047.538.5.1
- n/a, CVSSv2 Score: n/a
- Description:
x86/xen: Add xenpv_restore_regs_and_return_to_usermode()
- CVE: n/a
- Patch: 4.14.35/x86-xen-Add-xenpv_restore_regs_and_return_to_usermode.patch
- From: v5.16
- N/A, CVSSv2 Score: N/A
- Description:
Restrict access to pagemap/kpageflags/kpagecount
- CVE: http://googleprojectzero.blogspot.ru/2015/03/exploiting-dram-rowhammer-bug-to-gain.html
- Patch: 4.15.0/proc-restrict-pagemap-access.patch
- From: N/A
- N/A, CVSSv2 Score: N/A
- Description:
N/A
- CVE: N/A
- Patch: 4.14.0/kpatch-add-asm-definitions-uek-1.patch
- From: N/A
- CVE-2022-1729, CVSSv2 Score: 7.0
- Description:
perf: Fix sys_perf_event_open() race against self
- CVE: https://access.redhat.com/security/cve/CVE-2022-1729
- Patch: 4.14.0/CVE-2022-1729-perf-Fix-sys-perf-event-open-race-against-itself.patch
- From: 4.14.35-2047.513.2.1.el7uek