KernelCare Directory

kernel-5.10.149-133.644.amzn2 (amazon2-5.10)
Kernel Update Version: 5.10.224-212.876.amzn2
Build Date: 2024-09-10 11:00:26
Release Date: 2024-09-11 11:05:35
Release: K20240910_03

CVE-2021-3759
Description:
memcg: enable accounting of ipc resources
CVE: https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3759
Patch: 5.4.0/CVE-2021-3759-890617-memcg-enable-accounting-of-ipc-resources.patch
From: kernel-5.4.0-90.101

CVE-2022-3524
Description:
tcp/udp: Fix memory leak in ipv6_renew_options().
CVE: https://ubuntu.com/security/CVE-2022-3524
Patch: ubuntu-jammy/5.15.0-53.59/0011-tcp-udp-Fix-memory-leak-in-ipv6_renew_options.patch
From: 5.15.0-53.59

CVE-2022-3535
Description:
net: mvpp2: fix mvpp2 debugfs leak
CVE: https://alas.aws.amazon.com/cve/html/CVE-2022-3535.html
Patch: 5.10.0/CVE-2022-3535-mvpp2-fix-mvpp2-debugfs-leak.patch
From: 5.10.150

CVE-2022-3535
Description:
net: mvpp2: fix mvpp2 debugfs leak (adaptation)
CVE: https://alas.aws.amazon.com/cve/html/CVE-2022-3535.html
Patch: 5.4.0/CVE-2022-3535-mvpp2-fix-mvpp2-debugfs-leak-kpatch.patch
From: 5.4.220

CVE-2022-3542
Description:
bnx2x: fix potential memory leak in bnx2x_tpa_stop()
CVE: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2022-3542
Patch: 4.14.0/CVE-2022-3542-bnx2x-fix-potential-memory-leak-in-bnx2x_tpa_stop.patch
From: 4.14.296

CVE-2022-3565
Description:
mISDN: fix use-after-free bugs in l1oip timer handlers
CVE: https://ubuntu.com/security/CVE-2022-3565
Patch: ubuntu-focal/5.4.0-135.152/0001-mISDN-fix-use-after-free-bugs-in-l1oip-timer-handler.patch
From: 5.4.0-135.152

CVE-2022-3565
Description:
mISDN: fix use-after-free bugs in l1oip timer handlers (adaptation)
CVE: https://ubuntu.com/security/CVE-2022-3565
Patch: ubuntu-focal/5.4.0-135.152/CVE-2022-3565-kpatch.patch
From: 5.4.0-135.152

CVE-2022-3594
Description:
r8152: Rate limit overflow messages
CVE: https://ubuntu.com/security/CVE-2022-3594
Patch: ubuntu-focal/5.4.0-135.152/0001-CVE-2022-3594-r8152-Rate-limit-overflow-messages.patch
From: 5.4.0-135.152

CVE-2022-41849
Description:
fbdev: smscufx: Fix use-after-free in ufx_ops_open()
CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41849
Patch: 4.14.0/CVE-2022-41849-fbdev-smscufx-Fix-use-after-free-in-ufx_ops_open.patch
From: 5.19.12

CVE-2022-41850
Description:
HID: roccat: Fix use-after-free in roccat_read()
CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41850
Patch: 4.14.0/CVE-2022-41850-HID-roccat-Fix-use-after-free-in-roccat_read.patch
From: 5.19.12

CVE-2022-3169
Description:
memcg: enable accounting of ipc resources
CVE: https://alas.aws.amazon.com/cve/html/CVE-2022-3169.html
Patch: 5.10.0/CVE-2022-3169-nvme-ensure-subsystem-reset-is-single-threaded.patch
From: kernel-5.4.0-90.101

CVE-2022-3643
Description:
xen/netback: Ensure protocol headers don't fall in the non-linear area
CVE: https://ubuntu.com/security/CVE-2022-3643
Patch: 5.10.0/CVE-2022-3643-0001-xen-netback-Ensure-protocol-headers-don-t-fall-in-th.patch
From: 5.10.158-1

CVE-2022-4378
Description:
proc: avoid integer type confusion in get_proc_long
CVE: https://security-tracker.debian.org/tracker/CVE-2022-4378
Patch: 5.10.0/0001-proc-proc_skip_spaces-shouldn-t-think-it-is-working-on-C-strings.patch
From: 5.10.158-1

CVE-2022-3623
Description:
mm/hugetlb: fix races when looking up a CONT-PTE/PMD size
CVE: https://ubuntu.com/security/CVE-2022-3623
Patch: 5.10.0/CVE-2022-3623-hugetlb-fix-races-when-looking-up-CONT-PTE-PMD-size-hugetlb-page.patch
From: 5.10.162-1

CVE-2022-47929
Description:
net: sched: disallow noqueue for qdisc classes
CVE: https://alas.aws.amazon.com/cve/html/CVE-2022-47929.html
Patch: 5.10.0/CVE-2022-47929-net-sched-disallow-noqueue-for-qdisc-classes-aws.patch
From: 5.10.165-143.735.amzn2

CVE-2023-0179
Description:
netfilter: nft_payload: incorrect arithmetics when fetching
CVE: https://alas.aws.amazon.com/cve/html/CVE-2023-0179.html
Patch: 5.10.0/CVE-2023-0179-netfilter-nft_payload-incorrect-arithmetics-when-fetching-VLAN-header-bits-aws.patch
From: 5.10.165-143.735.amzn2

CVE-2023-0394
Description:
ipv6: raw: Deduct extension header length in rawv6_push_pending_frames
CVE: https://alas.aws.amazon.com/cve/html/CVE-2023-0394.html
Patch: 5.10.0/CVE-2023-0394-ipv6-raw-deduct-extension-header-length-in-rawv6_push_pending_frames-aws.patch
From: 5.10.165-143.735.amzn2

CVE-2023-23454
Description:
net: sched: cbq: dont intepret cls results when asked to drop
CVE: https://alas.aws.amazon.com/cve/html/CVE-2023-23454.html
Patch: 5.10.0/CVE-2023-23454-net-sched-cbq-dont-intepret-cls-results-when-asked-to-drop-aws.patch
From: 5.10.165-143.735.amzn2

CVE-2023-23455
Description:
net: sched: atm: dont intepret cls results when asked to drop
CVE: https://alas.aws.amazon.com/cve/html/CVE-2023-23455.html
Patch: 5.10.0/CVE-2023-23455-net-sched-atm-dont-intepret-cls-results-when-asked-to-drop-aws.patch
From: 5.10.165-143.735.amzn2

CVE-2022-4129
Description:
net: fix a concurrency bug in l2tp_tunnel_register()
CVE: https://alas.aws.amazon.com/cve/html/CVE-2022-4129.html
Patch: 5.10.0/CVE-2022-4129-0001-net-fix-a-concurrency-bug-in-l2tp_tunnel_register.patch
From: 5.10.167-147.601.amzn2

CVE-2022-4129
Description:
l2tp: Serialize access to sk_user_data with sk_callback_lock
CVE: https://alas.aws.amazon.com/cve/html/CVE-2022-4129.html
Patch: 5.10.0/CVE-2022-4129-0002-l2tp-Serialize-access-to-sk_user_data-with-sk_callback_lock.patch
From: 5.10.167-147.601.amzn2

CVE-2022-4129
Description:
l2tp: Don't sleep and disable BH under writer-side sk_callback_lock
CVE: https://alas.aws.amazon.com/cve/html/CVE-2022-4129.html
Patch: 5.10.0/CVE-2022-4129-0003-l2tp-Don-t-sleep-and-disable-BH-under-writer-side-sk_callback_lock.patch
From: 5.10.167-147.601.amzn2

CVE-2022-2196
Description:
KVM: VMX: Execute IBPB on emulated VM-exit when guest has IBRS
CVE: https://alas.aws.amazon.com/cve/html/CVE-2022-2196.html
Patch: 5.10.0/CVE-2022-2196-KVM-VMX-Execute-IBPB-on-emulated-VM-exit-when-guest-has-IBRS.patch
From: 5.10.173-154.642.amzn2

CVE-2023-1077
Description:
sched/rt: pick_next_rt_entity(): check list_entry
CVE: https://alas.aws.amazon.com/cve/html/CVE-2023-1077.html
Patch: 5.10.0/CVE-2023-1077-sched-rt-pick_next_rt_entity-check-list_entry.patch
From: 5.10.173-154.642.amzn2

CVE-2023-1078
Description:
rds: rds_rm_zerocopy_callback() use list_first_entry()
CVE: https://alas.aws.amazon.com/cve/html/CVE-2023-1078.html
Patch: 5.10.0/CVE-2023-1078-rds-rds_rm_zerocopy_callback-use-list_first_entry.patch
From: 5.10.173-154.642.amzn2

CVE-2023-22998
Description:
drm/virtio: Fix NULL vs IS_ERR checking in virtio_gpu_object_shmem_init()
CVE: https://alas.aws.amazon.com/cve/html/CVE-2023-22998.html
Patch: 5.10.0/CVE-2023-22998-0001-drm-virtio-Fix-NULL-vs-IS_ERR-checking-in-virtio_gpu_object_shmem_init.patch
From: 5.10.173-154.642.amzn2

CVE-2023-22998
Description:
drm/virtio: Correct drm_gem_shmem_get_sg_table() error handling
CVE: https://alas.aws.amazon.com/cve/html/CVE-2023-22998.html
Patch: 5.10.0/CVE-2023-22998-0002-drm-virtio-Correct-drm_gem_shmem_get_sg_table-error-handling.patch
From: 5.10.173-154.642.amzn2

CVE-2023-22998
Description:
drm/virtio: Fix error code in virtio_gpu_object_shmem_init()
CVE: https://alas.aws.amazon.com/cve/html/CVE-2023-22998.html
Patch: 5.10.0/CVE-2023-22998-0003-drm-virtio-Fix-error-code-in-virtio_gpu_object_shmem_init.patch
From: 5.10.173-154.642.amzn2

CVE-2023-26545
Description:
net: mpls: fix stale pointer if allocation fails during device rename
CVE: https://alas.aws.amazon.com/cve/html/CVE-2023-26545.html
Patch: 5.10.0/CVE-2023-26545-net-mpls-fix-stale-pointer-if-allocation-fails-during-device-rename.patch
From: 5.10.173-154.642.amzn2

CVE-2022-27672
Description:
x86/speculation: Identify processors vulnerable to SMT RSB predictions
CVE: https://alas.aws.amazon.com/cve/html/CVE-2022-27672.html
Patch: smt_rsb-enable.patch
From: N/A

CVE-2022-27672
Description:
KVM: x86: Mitigate the cross-thread return address predictions bug
CVE: https://alas.aws.amazon.com/cve/html/CVE-2022-27672.html
Patch: 5.10.0/CVE-2022-27672-KVM-x86-Mitigate-the-cross-thread-return-address-predictions-bug.patch
From: 5.10.173-154.642.amzn2

CVE-2022-27672
Description:
KVM: x86: Mitigate the cross-thread return address predictions bug (adaptation)
CVE: https://alas.aws.amazon.com/cve/html/CVE-2022-27672.html
Patch: 5.10.0/CVE-2022-27672-KVM-x86-Mitigate-the-cross-thread-return-address-predictions-bug-kpatch.patch
From: 5.10.173-154.642.amzn2

CVE-2024-1086
Description:
netfilter: nf_tables: reject QUEUE/DROP verdict parameters
CVE: https://alas.aws.amazon.com/cve/html/CVE-2024-1086.html
Patch: amazon2-5.10/5.10.186-179.751.amzn2/CVE-2024-1086-smart-patch-for-net-netfilter-nf-tables-api-c.patch
From: 5.10.209-198.858.amzn2

CVE-2024-0340
Description:
vhost: use kzalloc() instead of kmalloc() followed by memset()
CVE: https://alas.aws.amazon.com/cve/html/CVE-2024-0340.html
Patch: amazon2-5.10/5.10.210-201.852.amzn2/CVE-2024-0340-patch-vhost-use-kzalloc-instead-of-kmalloc-followed-by.patch
From: 5.10.210-201.852.amzn2

CVE-2024-23850
Description:
btrfs: do not ASSERT() if the newly created subvolume already got read
CVE: https://alas.aws.amazon.com/cve/html/CVE-2024-23850.html
Patch: amazon2-5.10/5.10.210-201.852.amzn2/CVE-2024-23850-patch-btrfs-do-not-assert-if-the-newly-created-subvolume-already.patch
From: 5.10.210-201.852.amzn2

CVE-2023-52435
Description:
net: prevent mss overflow in skb_segment()
CVE: https://alas.aws.amazon.com/cve/html/CVE-2023-52435.html
Patch: amazon2-5.10/5.10.210-201.852.amzn2/CVE-2023-52435-patch-net-prevent-mss-overflow-in-skb-segment.patch
From: 5.10.210-201.852.amzn2

CVE-2024-23851 CVE-2023-52429
Description:
dm: limit the number of targets and parameter size area
CVE: https://alas.aws.amazon.com/cve/html/CVE-2023-52429.html
Patch: amazon2-5.10/5.10.210-201.852.amzn2/CVE-2023-52429-CVE-2024-23851-patch-dm-limit-the-number-of-targets-and-parameter-size-area.patch
From: 5.10.210-201.852.amzn2

CVE-2024-1151
Description:
net: openvswitch: limit the number of recursions from action sets
CVE: https://alas.aws.amazon.com/cve/html/CVE-2024-1151.html
Patch: amazon2-5.10/5.10.210-201.852.amzn2/CVE-2024-1151-net-openvswitch-limit-the-number-of-recursions-from-action-sets.patch
From: 5.10.210-201.852.amzn2

CVE-2024-42259
Description:
drm/i915/gem: Fix Virtual Memory mapping boundaries
CVE: https://alas.aws.amazon.com/cve/html/CVE-2024-42259.html
Patch: amazon2-5.10/5.10.224-212.876.amzn2/CVE-2024-42259-drm-i915-gem-fix-virtual-memory-mapping-boundaries.patch
From: 5.10.224-212.876.amzn2

CVE-2024-43871
Description:
devres: Fix memory leakage caused by driver API
CVE: https://alas.aws.amazon.com/cve/html/CVE-2024-43871.html
Patch: amazon2-5.10/5.10.224-212.876.amzn2/CVE-2024-43871-devres-fix-memory-leakage-caused-by-driver-api.patch
From: 5.10.224-212.876.amzn2

CVE-2022-4379
Description:
NFSD: fix use-after-free in __nfs42_ssc_open()
CVE: https://alas.aws.amazon.com/cve/html/CVE-2022-4379.html
Patch: amazon2/5.10.177-158.645.amzn2/CVE-2022-4379-NFSD-fix-use-after-free-in-__nfs42_ssc_open.patch
From: 5.10.177-158.645.amzn2

CVE-2023-2194
Description:
i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer()
CVE: https://alas.aws.amazon.com/cve/html/CVE-2023-2194.html
Patch: amazon2/5.10.177-158.645.amzn2/CVE-2023-2194-i2c-xgene-slimpro-Fix-out-of-bounds-bug-in-xgene_sli.patch
From: 5.10.177-158.645.amzn2

CVE-2023-28466
Description:
net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf()
CVE: https://alas.aws.amazon.com/cve/html/CVE-2023-28466.html
Patch: amazon2/5.10.177-158.645.amzn2/CVE-2023-28466-net-tls-fix-possible-race-condition-between-do_tls_g.patch
From: 5.10.177-158.645.amzn2

CVE-2023-33203
Description:
net: qcom/emac: Fix use after free bug in emac_remove due to race condition
CVE: https://alas.aws.amazon.com/cve/html/CVE-2023-33203.html
Patch: amazon2/5.10.177-158.645.amzn2/CVE-2023-33203-net-qcom-emac-Fix-use-after-free-bug-in-emac_remove-.patch
From: 5.10.177-158.645.amzn2