- kernel-3.10.0-1160.119.1.el7.tuxcare.els15 (centos7)
- 3.10.0-1160.119.1.el7.tuxcare.els21
- 2025-07-11 08:00:16
- 2025-07-14 12:43:04
- K20250711_01
- CVE-2024-56759
- Description:
btrfs: fix use-after-free when COWing tree bock and tracing is enabled
- CVE: https://access.redhat.com/security/cve/CVE-2024-56759
- Patch: rhel7/3.10.0-1160.119.1.el7.tuxcare.els16/CVE-2024-56759-btrfs-fix-use-after-free-when-COWing-tr.patch
- From: 3.10.0-1160.119.1.el7.tuxcare.els16
- CVE-2024-35849
- Description:
btrfs: fix information leak in btrfs_ioctl_logical_to_ino()
- CVE: https://access.redhat.com/security/cve/CVE-2024-35849
- Patch: rhel7/3.10.0-1160.119.1.el7.tuxcare.els16/CVE-2024-35849-btrfs-fix-information-leak-in-btrfs_ioc.patch
- From: 3.10.0-1160.119.1.el7.tuxcare.els16
- CVE-2024-53239
- Description:
ALSA: 6fire: Release resources at card release
- CVE: https://access.redhat.com/security/cve/CVE-2024-53239
- Patch: rhel7/3.10.0-1160.119.1.el7.tuxcare.els16/CVE-2024-53239-ALSA-6fire-Release-resources-at-card-re.patch
- From: 3.10.0-1160.119.1.el7.tuxcare.els16
- CVE-2024-53104
- Description:
media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format
- CVE: https://access.redhat.com/security/cve/CVE-2024-53104
- Patch: rhel7/3.10.0-1160.119.1.el7.tuxcare.els16/CVE-2024-53104-media-uvcvideo-Skip-parsing-frames-of-t.patch
- From: 3.10.0-1160.119.1.el7.tuxcare.els16
- CVE-2024-53239
- Description:
ALSA: 6fire: Release resources at card release
- CVE: https://access.redhat.com/security/cve/CVE-2024-53239
- Patch: rhel7/3.10.0-1160.119.1.el7.tuxcare.els16/CVE-2024-53239-ALSA-6fire-Release-resources-at-card-release-kpatch.patch
- From: 3.10.0-1160.119.1.el7.tuxcare.els16
- CVE-2024-57798
- Description:
drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req()
- CVE: https://access.redhat.com/security/cve/CVE-2024-57798
- Patch: rhel7/3.10.0-1160.119.1.el7.tuxcare.els17/CVE-2024-57798-drm-dp_mst-Ensure-mst_primary-pointer-i.patch
- From: 3.10.0-1160.119.1.el7.tuxcare.els17
- CVE-2024-53150
- Description:
ALSA: usb-audio: Fix out of bounds reads when finding clock sources
- CVE: https://access.redhat.com/security/cve/CVE-2024-53150
- Patch: rhel7/3.10.0-1160.119.1.el7.tuxcare.els17/CVE-2024-53150-ALSA-usb-audio-Fix-out-of-bounds-reads-.patch
- From: 3.10.0-1160.119.1.el7.tuxcare.els17
- CVE-2024-50143
- Description:
udf: fix uninit-value use in udf_get_fileshortad
- CVE: https://access.redhat.com/security/cve/CVE-2024-50143
- Patch: rhel7/3.10.0-1160.119.1.el7.tuxcare.els18/CVE-2024-50143-udf-fix-uninit-value-use-in-udf_get_fil.patch
- From: 3.10.0-1160.119.1.el7.tuxcare.els18
- CVE-2024-50234
- Description:
wifi: iwlegacy: Clear stale interrupts before resuming device
- CVE: https://access.redhat.com/security/cve/CVE-2024-50234
- Patch: rhel7/3.10.0-1160.119.1.el7.tuxcare.els18/CVE-2024-50234-wifi-iwlegacy-Clear-stale-interrupts-be.patch
- From: 3.10.0-1160.119.1.el7.tuxcare.els18
- CVE-2024-50267
- Description:
USB: serial: io_edgeport: fix use after free in debug printk
- CVE: https://access.redhat.com/security/cve/CVE-2024-50267
- Patch: rhel7/3.10.0-1160.119.1.el7.tuxcare.els18/CVE-2024-50267-USB-serial-io_edgeport-fix-use-after-fr.patch
- From: 3.10.0-1160.119.1.el7.tuxcare.els18
- CVE-2024-50282
- Description:
Kernel is not affected
- CVE:
- Patch: skipped/CVE-2024-50282.patch
- From:
- CVE-2024-50302
- Description:
HID: core: zero-initialize the report buffer
- CVE: https://access.redhat.com/security/cve/CVE-2024-50302
- Patch: rhel7/3.10.0-1160.119.1.el7.tuxcare.els18/HID-core-zero-initialize-the-report-buffer.patch
- From: 3.10.0-1160.119.1.el7.tuxcare.els18
- CVE-2024-57980
- Description:
media: uvcvideo: Fix double free in error path
- CVE: https://access.redhat.com/security/cve/CVE-2024-57980
- Patch: rhel7/3.10.0-1160.119.1.el7.tuxcare.els19/CVE-2024-57980-media-uvcvideo-Fix-double-free-in-error.patch
- From: 3.10.0-1160.119.1.el7.tuxcare.els19
- CVE-2024-27008
- Description:
CVE addresses issue during bootup, cannot be fixed with KernelCare
- CVE:
- Patch: skipped/CVE-2024-27008.patch
- From:
- CVE-2025-21920
- Description:
vlan: enforce underlying device type
- CVE: https://access.redhat.com/security/cve/CVE-2025-21920
- Patch: rhel7/3.10.0-1160.119.1.el7.tuxcare.els20/CVE-2025-21920-vlan-enforce-underlying-device-type.patch
- From: 3.10.0-1160.119.1.el7.tuxcare.els20
- CVE-2025-21993
- Description:
iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic()
- CVE: https://access.redhat.com/security/cve/CVE-2025-21993
- Patch: rhel7/3.10.0-1160.119.1.el7.tuxcare.els20/CVE-2025-21993-iscsi_ibft-Fix-UBSAN-shift-out-of-bound.patch
- From: 3.10.0-1160.119.1.el7.tuxcare.els20
- CVE-2025-37785
- Description:
ext4: fix OOB read when checking dotdot dir
- CVE: https://access.redhat.com/security/cve/CVE-2025-37785
- Patch: rhel7/3.10.0-1160.119.1.el7.tuxcare.els20/CVE-2025-37785-ext4-fix-OOB-read-when-checking-dotdot-.patch
- From: 3.10.0-1160.119.1.el7.tuxcare.els20
- CVE-2025-21969
- Description:
Bluetooth: L2CAP: Fix slab-use-after-free Read in l2cap_send_cmd
- CVE: https://access.redhat.com/security/cve/CVE-2025-21969
- Patch: rhel7/3.10.0-1160.119.1.el7.tuxcare.els20/CVE-2025-21969-Bluetooth-L2CAP-Fix-slab-use-after-free.patch
- From: 3.10.0-1160.119.1.el7.tuxcare.els20
- CVE-2024-53197
- Description:
ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices
- CVE: https://access.redhat.com/security/cve/CVE-2024-53197
- Patch: rhel7/3.10.0-1160.119.1.el7.tuxcare.els20/CVE-2024-53197-ALSA-usb-audio-Fix-potential-out-of-bou.patch
- From: 3.10.0-1160.119.1.el7.tuxcare.els20
- CVE-2024-26958
- Description:
nfs: fix UAF in direct writes
- CVE: https://access.redhat.com/security/cve/CVE-2024-26958
- Patch: rhel7/3.10.0-1160.119.1.el7.tuxcare.els21/CVE-2024-26958-nfs-fix-UAF-in-direct-writes.patch
- From: 3.10.0-1160.119.1.el7.tuxcare.els21
- CVE-2024-26872
- Description:
RDMA/srpt: Do not register event handler until srpt device is fully setup
- CVE: https://access.redhat.com/security/cve/CVE-2024-26872
- Patch: rhel7/3.10.0-1160.119.1.el7.tuxcare.els21/CVE-2024-26872-RDMA-srpt-Do-not-register-event-handler.patch
- From: 3.10.0-1160.119.1.el7.tuxcare.els21
- CVE-2024-26982
- Description:
Squashfs: check the inode number is not the invalid value of zero
- CVE: https://access.redhat.com/security/cve/CVE-2024-26982
- Patch: rhel7/3.10.0-1160.119.1.el7.tuxcare.els21/CVE-2024-26982-Squashfs-check-the-inode-number-is-not-.patch
- From: 3.10.0-1160.119.1.el7.tuxcare.els21
- CVE-2024-35896
- Description:
netfilter: validate user input for expected length
- CVE: https://access.redhat.com/security/cve/CVE-2024-35896
- Patch: rhel7/3.10.0-1160.119.1.el7.tuxcare.els21/CVE-2024-35896-netfilter-validate-user-input-for-expec.patch
- From: 3.10.0-1160.119.1.el7.tuxcare.els21
- CVE-2024-41014
- Description:
xfs: add bounds checking to xlog_recover_process_data
- CVE: https://access.redhat.com/security/cve/CVE-2024-41014
- Patch: rhel7/3.10.0-1160.119.1.el7.tuxcare.els21/CVE-2024-41014-xfs-add-bounds-checking-to-xlog_recover.patch
- From: 3.10.0-1160.119.1.el7.tuxcare.els21
- CVE-2025-21702
- Description:
pfifo_tail_enqueue: Drop new packet when sch->limit == 0
- CVE: https://access.redhat.com/security/cve/CVE-2025-21702
- Patch: rhel7/3.10.0-1160.119.1.el7.tuxcare.els21/CVE-2025-21702-pfifo_tail_enqueue-Drop-new-packet-when.patch
- From: 3.10.0-1160.119.1.el7.tuxcare.els21