- kernel-5.14.0-570.17.1.el9_6 (rhel9)
- 5.14.0-570.24.1.el9_6
- 2025-07-08 07:37:33
- 2025-07-09 08:07:46
- K20250708_03
- CVE-2025-21647
- Description:
sched: sch_cake: add bounds checks to host bulk flow fairness counts
- CVE: https://access.redhat.com/security/cve/CVE-2025-21647
- Patch: rhel9/CVE-2025-21647-sched-sch_cake-add-bounds-checks-to-host-bulk-flow-fairness-counts.patch
- From: 5.14.0-570.12.1.el9_6
- CVE-2025-21964
- Description:
cifs: Fix integer overflow while processing acregmax mount option
- CVE: https://access.redhat.com/security/cve/CVE-2025-21964
- Patch: rhel9/5.14.0-570.18.1.el9_6/CVE-2025-21964-cifs-fix-integer-overflow-while-processing-acregmax-mount-option.patch
- From: 5.14.0-570.18.1.el9_6
- CVE-2022-3424
- Description:
misc: sgi-gru: fix use-after-free error in gru_set_context_option, gru_fault and gru_handle_user_call_os
- CVE: https://access.redhat.com/security/cve/CVE-2022-3424
- Patch: rhel9/5.14.0-570.19.1.el9_6/CVE-2022-3424-misc-sgi-gru-fix-use-after-free-error-in-gru_set_con.patch
- From: 5.14.0-570.19.1.el9_6
- CVE-2025-21764
- Description:
ndisc: use rcu protection in ndisc_alloc_skb()
- CVE: https://access.redhat.com/security/cve/cve-2025-21764
- Patch: rhel9/5.14.0-570.19.1.el9_6/CVE-2025-21764-ndisc-use-rcu-protection-in-ndisc-alloc-skb.patch
- From: 5.14.0-570.19.1.el9_6
- CVE-2025-21920
- Description:
vlan: enforce underlying device type
- CVE: https://access.redhat.com/security/cve/CVE-2025-21920
- Patch: rhel9/5.14.0-570.21.1.el9_6/CVE-2025-21920-vlan-enforce-underlying-device-type.patch
- From: 5.14.0-570.21.1.el9_6
- CVE-2025-21926
- Description:
net: gso: fix ownership in __udp_gso_segment
- CVE: https://access.redhat.com/security/cve/CVE-2025-21926
- Patch: rhel9/5.14.0-570.21.1.el9_6/CVE-2025-21926-net-gso-fix-ownership-in-udp-gso-segment.patch
- From: 5.14.0-570.21.1.el9_6
- CVE-2025-21997
- Description:
xsk: fix an integer overflow in xp_create_and_assign_umem()
- CVE: https://access.redhat.com/security/cve/CVE-2025-21997
- Patch: rhel9/5.14.0-570.21.1.el9_6/CVE-2025-21997-xsk-fix-an-integer-overflow-in-xp_create_and_assign_umem.patch
- From: 5.14.0-570.21.1.el9_6
- CVE-2025-22055
- Description:
net: fix geneve_opt length integer overflow
- CVE: https://access.redhat.com/security/cve/CVE-2025-22055
- Patch: rhel9/5.14.0-570.21.1.el9_6/CVE-2025-22055-net-fix-geneve-opt-length-integer-overflow.patch
- From: 5.14.0-570.21.1.el9_6
- CVE-2025-22055
- Description:
net: fix geneve_opt length integer overflow
- CVE: https://access.redhat.com/security/cve/CVE-2025-22055
- Patch: rhel9/5.14.0-570.21.1.el9_6/CVE-2025-22055-net-fix-geneve-opt-length-integer-overflow-kpatch.patch
- From: 5.14.0-570.21.1.el9_6
- CVE-2025-37943
- Description:
wifi: ath12k: Fix invalid data access in ath12k_dp_rx_h_undecap_nwifi
- CVE: https://access.redhat.com/security/cve/CVE-2025-37943
- Patch: rhel9/5.14.0-570.21.1.el9_6/CVE-2025-37943-wifi-ath12k-fix-invalid-data-access-in-ath12k-dp-rx-h-undecap-nwifi.patch
- From: 5.14.0-570.21.1.el9_6
- CVE-2025-37785
- Description:
ext4: fix OOB read when checking dotdot dir
- CVE: https://access.redhat.com/security/cve/CVE-2025-37785
- Patch: rhel9/5.14.0-570.21.1.el9_6/CVE-2025-37785-ext4-fix-OOB-read-when-checking-dotdot-dir.patch
- From: 5.14.0-570.21.1.el9_6
- CVE-2025-21961
- Description:
eth: bnxt: fix truesize for mb-xdp-pass case
- CVE: https://access.redhat.com/security/cve/CVE-2025-21961
- Patch: rhel9/5.14.0-570.22.1.el9_6/CVE-2025-21961-eth-bnxt-fix-truesize-for-mb-xdp-pass-case.patch
- From: 5.14.0-570.22.1.el9_6
- CVE-2025-21963
- Description:
cifs: Fix integer overflow while processing acdirmax mount option
- CVE: https://access.redhat.com/security/cve/CVE-2025-21963
- Patch: rhel9/5.14.0-570.22.1.el9_6/CVE-2025-21963-cifs-fix-integer-overflow-while-processing-acdirmax-mount-option.patch
- From: 5.14.0-570.22.1.el9_6
- CVE-2025-21979
- Description:
wifi: cfg80211: cancel wiphy_work before freeing wiphy
- CVE: https://access.redhat.com/security/cve/CVE-2025-21979
- Patch: rhel9/5.14.0-570.22.1.el9_6/CVE-2025-21979-wifi-cfg80211-cancel-wiphy-work-before-freeing-wiphy.patch
- From: 5.14.0-570.22.1.el9_6
- CVE-2025-21999
- Description:
proc: fix UAF in proc_get_inode()
- CVE: https://access.redhat.com/security/cve/CVE-2025-21999
- Patch: rhel9/5.14.0-570.22.1.el9_6/CVE-2025-21999-proc-fix-uaf-in-proc-get-inode.patch
- From: 5.14.0-570.22.1.el9_6
- CVE-2025-21999
- Description:
proc: fix UAF in proc_get_inode()
- CVE: https://access.redhat.com/security/cve/CVE-2025-21999
- Patch: rhel9/5.14.0-570.22.1.el9_6/CVE-2025-21999-proc-fix-uaf-in-proc-get-inode-kpatch.patch
- From: 5.14.0-570.22.1.el9_6
- CVE-2025-22126
- Description:
md: fix mddev uaf while iterating all_mddevs list
- CVE: https://access.redhat.com/security/cve/CVE-2025-22126
- Patch: rhel9/5.14.0-570.22.1.el9_6/CVE-2025-22126-md-fix-mddev-uaf-while-iterating-all-mddevs-list.patch
- From: 5.14.0-570.22.1.el9_6
- CVE-2023-52933
- Description:
Squashfs: fix handling and sanity checking of xattr_ids count
- CVE: https://access.redhat.com/security/cve/CVE-2023-52933
- Patch: rhel9/5.14.0-570.24.1.el9_6/CVE-2023-52933-squashfs-fix-handling-and-sanity-checking-of-xattr-ids-count.patch
- From: 5.14.0-570.24.1.el9_6