- kernel-5.14.0-570.49.1.el9_6 (rhel9)
- 5.14.0-570.55.1.el9_6
- 2025-11-03 10:35:49
- 2025-11-04 09:12:04
- K20251103_01
- CVE-2024-50301
- Description:
security/keys: fix slab-out-of-bounds in key_task_permission
- CVE: https://access.redhat.com/security/cve/CVE-2024-50301
- Patch: rhel9/5.14.0-570.51.1.el9_6/CVE-2024-50301-security-keys-fix-slab-out-of-bounds-in-key-task-permission.patch
- From: 5.14.0-570.51.1.el9_6
- CVE-2025-38351
- Description:
KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush
- CVE: https://access.redhat.com/security/cve/CVE-2025-38351
- Patch: rhel9/5.14.0-570.51.1.el9_6/CVE-2025-38351-kvm-x86-hyper-v-skip-non-canonical-addresses-during-pv-tlb-flush.patch
- From: 5.14.0-570.51.1.el9_6
- CVE-2025-39761
- Description:
wifi: ath12k: Decrement TID on RX peer frag setup error handling
- CVE: https://access.redhat.com/security/cve/CVE-2025-39761
- Patch: rhel9/5.14.0-570.51.1.el9_6/CVE-2025-39761-wifi-ath12k-decrement-tid-on-rx-peer-frag-setup-error-handling.patch
- From: 5.14.0-570.51.1.el9_6
- CVE-2025-38556
- Description:
HID: simplify snto32()
- CVE: https://access.redhat.com/security/cve/CVE-2025-38556
- Patch: rhel9/5.14.0-570.52.1.el9_6/CVE-2025-38556-hid-simplify-snto32.patch
- From: 5.14.0-570.52.1.el9_6
- CVE-2025-38556
- Description:
HID: stop exporting hid_snto32()
- CVE: https://access.redhat.com/security/cve/CVE-2025-38556
- Patch: rhel9/5.14.0-570.52.1.el9_6/CVE-2025-38556-hid-stop-exporting-hid_snto32.patch
- From: 5.14.0-570.52.1.el9_6
- CVE-2025-38556
- Description:
HID: core: Harden s32ton() against conversion to 0 bits
- CVE: https://access.redhat.com/security/cve/CVE-2025-38556
- Patch: rhel9/5.14.0-570.52.1.el9_6/CVE-2025-38556-hid-core-harden-s32ton-against-conversion-to-0-bits.patch
- From: 5.14.0-570.52.1.el9_6
- CVE-2025-38556
- Description:
HID: stop exporting hid_snto32()
- CVE: https://access.redhat.com/security/cve/CVE-2025-38556
- Patch: rhel9/5.14.0-570.52.1.el9_6/CVE-2025-38556-hid-stop-exporting-hid_snto32-kpatch.patch
- From: 5.14.0-570.52.1.el9_6
- CVE-2025-39757
- Description:
ALSA: usb-audio: Validate UAC3 cluster segment descriptors
- CVE: https://access.redhat.com/security/cve/CVE-2025-39757
- Patch: rhel9/5.14.0-570.52.1.el9_6/CVE-2025-39757-alsa-usb-audio-validate-uac3-cluster-segment-descriptors.patch
- From: 5.14.0-570.52.1.el9_6
- CVE-2025-39757
- Description:
ALSA: usb-audio: Fix size validation in convert_chmap_v3()
- CVE: https://access.redhat.com/security/cve/CVE-2025-39757
- Patch: rhel9/5.14.0-570.52.1.el9_6/CVE-2025-39757-alsa-usb-audio-fix-size-validation-in-convert_chmap_v3.patch
- From: 5.14.0-570.52.1.el9_6
- CVE-2023-53373
- Description:
crypto: seqiv - Handle EBUSY correctly
- CVE: https://access.redhat.com/security/cve/CVE-2023-53373
- Patch: rhel9/5.14.0-570.52.1.el9_6/CVE-2023-53373-crypto-seqiv-handle-ebusy-correctly.patch
- From: 5.14.0-570.52.1.el9_6
- CVE-2025-22026
- Description:
nfsd: don't ignore the return code of svc_proc_register()
- CVE: https://access.redhat.com/security/cve/CVE-2025-22026
- Patch: rhel9/5.14.0-570.55.1.el9_6/CVE-2025-22026-nfsd-don-t-ignore-the-return-code-of-svc-proc-register.patch
- From: 5.14.0-570.55.1.el9_6
- CVE-2025-39849
- Description:
wifi: cfg80211: sme: cap SSID length in __cfg80211_connect_result()
- CVE: https://access.redhat.com/security/cve/CVE-2025-39849
- Patch: rhel9/5.14.0-570.55.1.el9_6/CVE-2025-39849-wifi-cfg80211-sme-cap-ssid-length-in-cfg80211-connect-result.patch
- From: 5.14.0-570.55.1.el9_6
- CVE-2025-38566
- Description:
sunrpc: fix handling of server side tls alerts
- CVE: https://access.redhat.com/security/cve/CVE-2025-38566
- Patch: rhel9/5.14.0-570.55.1.el9_6/CVE-2025-38566-sunrpc-fix-handling-of-server-side-tls-alerts.patch
- From: 5.14.0-570.55.1.el9_6
- CVE-2025-39817
- Description:
efivarfs: Fix slab-out-of-bounds in efivarfs_d_compare
- CVE: https://access.redhat.com/security/cve/CVE-2025-39817
- Patch: rhel9/5.14.0-570.55.1.el9_6/CVE-2025-39817-efivarfs-fix-slab-out-of-bounds-in-efivarfs-d-compare.patch
- From: 5.14.0-570.55.1.el9_6
- CVE-2025-38571
- Description:
sunrpc: fix client side handling of tls alerts
- CVE: https://access.redhat.com/security/cve/CVE-2025-38571
- Patch: rhel9/5.14.0-570.55.1.el9_6/CVE-2025-38571-sunrpc-fix-client-side-handling-of-tls-alerts.patch
- From: 5.14.0-570.55.1.el9_6
- CVE-2025-38571
- Description:
SUNRPC: call xs_sock_process_cmsg for all cmsg
- CVE: https://access.redhat.com/security/cve/CVE-2025-38571
- Patch: rhel9/5.14.0-570.55.1.el9_6/CVE-2025-38571-sunrpc-call-xs_sock_process_cmsg-for-all-cmsg.patch
- From: 5.14.0-570.55.1.el9_6
- CVE-2025-39841
- Description:
scsi: lpfc: Fix buffer free/clear order in deferred receive path
- CVE: https://access.redhat.com/security/cve/CVE-2025-39841
- Patch: rhel9/5.14.0-570.55.1.el9_6/CVE-2025-39841-scsi-lpfc-fix-buffer-free-clear-order-in-deferred-receive-path.patch
- From: 5.14.0-570.55.1.el9_6
- CVE-2022-50087
- Description:
Out of scope: not affected
- CVE:
- Patch: skipped/CVE-2022-50087.patch
- From: