- kernel-5.14.0-503.19.1.el9_5 (almalinux9)
- 5.14.0-503.35.1.el9_5
- 2025-04-16 23:09:24
- 2025-04-18 09:09:16
- K20250417_03
- CVE-2024-50208, CVSSv2 Score: 5.5
- Description:
RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages
- CVE: https://access.redhat.com/security/cve/CVE-2024-50208
- Patch: rhel9/5.14.0-503.21.1.el9_5/CVE-2024-50208-rdma-bnxt-re-fix-a-bug-while-setting-up-level-2-pbl-pages.patch
- From: 5.14.0-503.21.1.el9_5
- CVE-2024-53122, CVSSv2 Score: 5.5
- Description:
mptcp: cope racing subflow creation in mptcp_rcv_space_adjust
- CVE: https://access.redhat.com/security/cve/CVE-2024-53122
- Patch: rhel9/5.14.0-503.21.1.el9_5/CVE-2024-53122-mptcp-cope-racing-subflow-creation-in-mptcp-rcv-space-adjust.patch
- From: 5.14.0-503.21.1.el9_5
- CVE-2024-50252, CVSSv2 Score: 5.5
- Description:
mlxsw: spectrum_ipip: Fix memory leak when changing remote IPv6 address
- CVE: https://access.redhat.com/security/cve/CVE-2024-50252
- Patch: rhel9/5.14.0-503.21.1.el9_5/CVE-2024-50252-mlxsw-spectrum_ipip-Fix-memory-leak-when-changing-remote-IPv6-address.patch
- From: 5.14.0-503.21.1.el9_5
- CVE-2024-46713, CVSSv2 Score: 5.5
- Description:
perf/aux: Fix AUX buffer serialization
- CVE: https://access.redhat.com/security/cve/CVE-2024-46713
- Patch: rhel9/5.14.0-503.21.1.el9_5/CVE-2024-46713-perf-aux-Fix-AUX-buffer-serialization.patch
- From: 5.14.0-503.21.1.el9_5
- CVE-2024-46713, CVSSv2 Score: 5.5
- Description:
perf/aux: Fix AUX buffer serialization (Adaptation)
- CVE: https://access.redhat.com/security/cve/CVE-2024-46713
- Patch: rhel9/5.14.0-503.21.1.el9_5/CVE-2024-46713-perf-aux-Fix-AUX-buffer-serialization-kpatch.patch
- From: 5.14.0-503.21.1.el9_5
- CVE-2024-50154, CVSSv2 Score: 7.8
- Description:
tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink()
- CVE: https://access.redhat.com/security/cve/CVE-2024-50154
- Patch: rhel9/5.14.0-503.22.1.el9_5/CVE-2024-50154-tcp-dccp-Don-t-use-timer_pending-in-reqsk_queue_unlink.patch
- From: 5.14.0-503.22.1.el9_5
- CVE-2024-50275, CVSSv2 Score: 7.0
- Description:
Discard stale CPU state when handling SVE traps
- CVE: https://access.redhat.com/security/cve/CVE-2024-50275
- Patch: rhel9/5.14.0-503.22.1.el9_5/CVE-2024-50275-arm64-sve-Discard-stale-CPU-state-when-handling-SVE.patch
- From: 5.14.0-503.22.1.el9_5
- CVE-2024-53088, CVSSv2 Score: 5.5
- Description:
fix race condition by adding filter's intermediate sync state
- CVE: https://access.redhat.com/security/cve/CVE-2024-53088
- Patch: rhel9/5.14.0-503.22.1.el9_5/CVE-2024-53088-0002-i40e-fix-race-condition-by-adding-filter-s-intermediate-sync-state.patch
- From: 5.14.0-503.22.1.el9_5
- CVE-2024-53104, CVSSv2 Score: 7.3
- Description:
media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format
- CVE: https://access.redhat.com/security/cve/CVE-2024-53104
- Patch: rhel9/5.14.0-503.23.2.el9_5/CVE-2024-53104-media-uvcvideo-Skip-parsing-frames-of-type-UVC_VS_UNDEFINED.patch
- From: 5.14.0-503.23.2.el9_5
- CVE-2023-52490, CVSSv2 Score: 5.5
- Description:
mm: migrate: fix getting incorrect page mapping during page migration
- CVE: https://access.redhat.com/security/cve/CVE-2023-52490
- Patch: rhel9/5.14.0-503.26.1.el9_5/CVE-2023-52490-mm-migrate-fix-getting-incorrect-page-mapping-during-page-migration.patch
- From: 5.14.0-503.23.2.el9_5
- CVE-2024-53113, CVSSv2 Score: 5.5
- Description:
mm: fix NULL pointer dereference in alloc_pages_bulk_noprof
- CVE: https://access.redhat.com/security/cve/CVE-2024-53113
- Patch: rhel9/5.14.0-503.31.1.el9_5/CVE-2024-53113-mm-fix-null-pointer-dereference-in-alloc-pages-bulk-noprof.patch
- From: 5.14.0-503.31.1.el9_5
- CVE-2024-53197, CVSSv2 Score: 5.5
- Description:
ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices
- CVE: https://access.redhat.com/security/cve/CVE-2024-53197
- Patch: rhel9/5.14.0-503.31.1.el9_5/CVE-2024-53197-ALSA-usb-audio-Fix-potential-out-of-bound-accesses-for-Extigy-and-Mbox-devices.patch
- From: 5.14.0-503.31.1.el9_5
- CVE-2023-52922, CVSSv2 Score: 7.8
- Description:
can: bcm: Fix UAF in bcm_proc_show()
- CVE: https://access.redhat.com/security/cve/CVE-2023-52922
- Patch: rhel9/5.14.0-503.31.1.el9_5/CVE-2023-52922-can-bcm-fix-uaf-in-bcm-proc-show.patch
- From: 5.14.0-503.31.1.el9_5
- CVE-2023-52605, CVSSv2 Score:
- Description:
CVE Rejected
- CVE:
- Patch: skipped/CVE-2023-52605.patch
- From:
- CVE-2024-50264, CVSSv2 Score: 7.8
- Description:
vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans
- CVE: https://access.redhat.com/security/cve/CVE-2024-50264
- Patch: rhel9/5.14.0-503.31.1.el9_5/CVE-2024-50264-vsock-virtio-initialization-of-the-dangling-pointer-occurring-in-vsk-trans.patch
- From: 5.14.0-503.31.1.el9_5
- CVE-2024-50302, CVSSv2 Score: 7.8
- Description:
HID: core: zero-initialize the report buffer
- CVE: https://access.redhat.com/security/cve/CVE-2024-50302
- Patch: rhel9/5.14.0-503.31.1.el9_5/CVE-2024-50302-hid-core-zero-initialize-the-report-buffer.patch
- From: 5.14.0-503.31.1.el9_5
- CVE-2025-21785, CVSSv2 Score:
- Description:
Out of scope: ARM64 architecture isn't supported for current kernel
- CVE:
- Patch: skipped/CVE-2025-21785.patch
- From:
- CVE-2024-43855, CVSSv2 Score: 5.5
- Description:
md: fix deadlock between mddev_suspend and flush bio
- CVE: https://access.redhat.com/security/cve/CVE-2024-43855
- Patch: rhel9/5.14.0-503.35.1.el9_5/CVE-2024-43855-md-fix-deadlock-between-mddev-suspend-and-flush-bio.patch
- From: 5.14.0-503.35.1.el9_5