- kernel-xen-2.6.18-274.3.1.el5 (centos5)
- 2.6.18-419.el5
- 2017-08-02 15:42:40
- 2017-08-02 12:49:14
- 02082017_2
- CVE-2012-1583, CVSSv2 Score: 5.0
- Description:
[IPV6]: Fix slab corruption running ip6sic
- CVE: https://access.redhat.com/security/cve/CVE-2012-1583
- Patch: 2.6.18/linux-2.6-net-ipv6-fix-skb-double-free-in-xfrm6_tunnel.patch
- From: kernel-2.6.18-308.8.2.el5
- CVE-2012-2136, CVSSv2 Score: 7.2
- Description:
net: sock: validate data_len before allocating skb in sock_alloc_send_pskb()
- CVE: https://access.redhat.com/security/cve/CVE-2012-2136
- Patch: 2.6.18/linux-2.6-net-sock-validate-data_len-before-allocating-skb-in-sock_alloc_send_pskb.patch
- From: kernel-2.6.18-308.8.2.el5
- CVE-2012-2313, CVSSv2 Score: 1.2
- Description:
dl2k: Clean up rio_ioctl
- CVE: https://access.redhat.com/security/cve/CVE-2012-2313
- Patch: 2.6.18/linux-2.6-net-dl2k-clean-up-rio_ioctl.patch
- From: kernel-2.6.18-308.13.1.el5
- CVE-2012-2319, CVSSv2 Score: 7.2
- Description:
hfsplus: Fix potential buffer overflows
- CVE: https://access.redhat.com/security/cve/CVE-2012-2319
- Patch: 2.6.18/linux-2.6-fs-hfsplus-buffer-overflow-in-the-hfs-plus-filesystem-5.patch
- From: kernel-2.6.18-308.16.1.el5
- CVE-2012-3412, CVSSv2 Score: 7.8
- Description:
sfc: Fix maximum number of TSO segments and minimum TX queue size
- CVE: https://access.redhat.com/security/cve/CVE-2012-3412
- Patch: 2.6.18/linux-2.6-net-sfc-fix-max-no-of-tso-segments-and-min-tx-queue-size.patch
- From: kernel-2.6.18-308.16.1.el5
- CVE-2012-3430, CVSSv2 Score: 2.1
- Description:
net: rds: set correct msg_namelen
- CVE: https://access.redhat.com/security/cve/CVE-2012-3430
- Patch: 2.6.18/linux-2.6-net-rds-set-correct-msg_namelen.patch
- From: kernel-2.6.18-308.16.1.el5
- CVE-2012-3510, CVSSv2 Score: 5.6
- Description:
kernel: xacct_add_tsk: fix pure theoretical ->mm use-after-free
- CVE: https://access.redhat.com/security/cve/CVE-2012-3510
- Patch: 2.6.18/linux-2.6-kernel-xacct_add_tsk-fix-pure-theoretical-mm-use-after-free-5.patch
- From: kernel-2.6.18-308.16.1.el5
- CVE-2012-2100, CVSSv2 Score: 7.1
- Description:
- CVE: https://access.redhat.com/security/cve/CVE-2012-2100
- Patch: 2.6.18/linux-2.6-ext4-fix-undefined-behavior-in-ext4_fill_flex_info.patch
- From: kernel-2.6.18-308.20.1.el5
- CVE-2012-2100, CVSSv2 Score: 7.1
- Description:
- CVE: https://access.redhat.com/security/cve/CVE-2012-2100
- Patch: 2.6.18/linux-2.6-fs-ext4-fix-undefined-bit-shift-result-in-ext4_fill_flex_info.patch
- From: kernel-2.6.18-308.20.1.el5
- CVE-2012-2372, CVSSv2 Score: 4.4
- Description:
[net] rds: fix rds-ping inducing kernel panic
- CVE: https://access.redhat.com/security/cve/CVE-2012-2372
- Patch: 2.6.18/linux-2.6-net-rds-fix-rds-ping-inducing-kernel-panic.patch
- From: kernel-2.6.18-308.24.1.el5
- CVE-2012-4508, CVSSv2 Score: 1.9
- Description:
ext4: race-condition protection for ext4_convert_unwritten_extents_endio
- CVE: https://access.redhat.com/security/cve/CVE-2012-4508
- Patch: 2.6.18/linux-2.6-ext4-race-condition-protection-for-ext4_convert_unwritten_extents_endio.patch
- From: kernel-2.6.18-308.24.1.el5
- CVE-2012-4444, CVSSv2 Score: 2.6
- Description:
kernel: net: acceptation of overlapping ipv6 fragments
- CVE: https://access.redhat.com/security/cve/CVE-2012-4444
- Patch: 2.6.18/linux-2.6-net-ipv6-discard-overlapping-fragment.patch
- From: kernel-2.6.18-348.1.1.el5
- CVE-2012-3400, CVSSv2 Score: 6.2
- Description:
kernel: udf: buffer overflow when parsing sparing table
- CVE: https://access.redhat.com/security/cve/CVE-2012-3400
- Patch: 2.6.18/linux-2.6-fs-udf-avoid-run-away-loop-when-partition-table-is-corrupted.patch
- From: kernel-2.6.18-348.2.1.el5
- CVE-2012-3400, CVSSv2 Score: 6.2
- Description:
kernel: udf: buffer overflow when parsing sparing table
- CVE: https://access.redhat.com/security/cve/CVE-2012-3400
- Patch: 2.6.18/linux-2.6-fs-udf-improve-table-length-check-to-avoid-possible-overflow.patch
- From: kernel-2.6.18-348.2.1.el5
- CVE-2012-3400, CVSSv2 Score: 6.2
- Description:
kernel: udf: buffer overflow when parsing sparing table
- CVE: https://access.redhat.com/security/cve/CVE-2012-3400
- Patch: 2.6.18/linux-2.6-fs-udf-fortify-loading-of-sparing-table.patch
- From: kernel-2.6.18-348.2.1.el5
- CVE-2013-0268, CVSSv2 Score: 6
- Description:
kernel: x86/msr: /dev/cpu/*/msr local privilege escalation
- CVE: https://access.redhat.com/security/cve/CVE-2013-0268
- Patch: 2.6.18/linux-2.6-x86-msr-add-capabilities-check.patch
- From: kernel-2.6.18-348.3.1.el5
- CVE-2013-0871, CVSSv2 Score: 6.2
- Description:
kernel: race condition with PTRACE_SETREGS
- CVE: https://access.redhat.com/security/cve/CVE-2013-0871
- Patch: 2.6.18/linux-2.6-utrace-ensure-arch_ptrace-can-never-race-with-sigkill.patch
- From: kernel-2.6.18-348.3.1.el5
- CVE-2012-6537, CVSSv2 Score: 1.5
- Description:
Kernel: xfrm_user information leaks copy_to_user_
- CVE: https://access.redhat.com/security/cve/CVE-2012-6537
- Patch: 2.6.18/linux-2.6-net-xfrm_user-fix-info-leak-in-copy_to_user_tmpl.patch
- From: kernel-2.6.18-348.4.1.el5
- CVE-2012-6537, CVSSv2 Score: 1.5
- Description:
Kernel: xfrm_user information leaks copy_to_user_
- CVE: https://access.redhat.com/security/cve/CVE-2012-6537
- Patch: 2.6.18/linux-2.6-net-xfrm_user-fix-info-leak-in-copy_to_user_policy.patch
- From: kernel-2.6.18-348.4.1.el5
- CVE-2012-6537, CVSSv2 Score: 1.5
- Description:
Kernel: xfrm_user information leaks copy_to_user_
- CVE: https://access.redhat.com/security/cve/CVE-2012-6537
- Patch: 2.6.18/linux-2.6-net-xfrm_user-fix-info-leak-in-copy_to_user_state.patch
- From: kernel-2.6.18-348.4.1.el5
- CVE-2013-1826, CVSSv2 Score: 3.8
- Description:
Kernel: xfrm_user: return error pointer instead of NULL
- CVE: https://access.redhat.com/security/cve/CVE-2013-1826
- Patch: 2.6.18/linux-2.6-net-xfrm_user-return-error-pointer-instead-of-null.patch
- From: kernel-2.6.18-348.4.1.el5
- CVE-2012-6547, CVSSv2 Score: 1.7
- Description:
Kernel: net/tun: ioctl() based information leaks
- CVE: https://access.redhat.com/security/cve/CVE-2012-6547
- Patch: 2.6.18/linux-2.6-net-tun-fix-ioctl-based-info-leaks.patch
- From: kernel-2.6.18-348.4.1.el5
- CVE-2012-6546, CVSSv2 Score: 2.1
- Description:
Kernel: atm: information leak in getsockopt & getsockname
- CVE: https://access.redhat.com/security/cve/CVE-2012-6546
- Patch: 2.6.18/linux-2.6-net-atm-fix-info-leak-via-getsockname.patch
- From: kernel-2.6.18-348.4.1.el5
- CVE-2012-6546, CVSSv2 Score: 2.1
- Description:
Kernel: atm: information leak in getsockopt & getsockname
- CVE: https://access.redhat.com/security/cve/CVE-2012-6546
- Patch: 2.6.18/linux-2.6-net-atm-fix-info-leak-in-getsockopt-so_atmpvc.patch
- From: kernel-2.6.18-348.4.1.el5
- CVE-2013-0231, CVSSv2 Score: 5.2
- Description:
kernel: xen: pciback DoS via not rate limited log messages
- CVE: https://access.redhat.com/security/cve/CVE-2013-0231
- Patch: 2.6.18/linux-2.6-virt-pciback-rate-limit-error-mess-from-pciback_enable_msi.patch
- From: kernel-2.6.18-348.4.1.el5
- CVE-2012-6545, CVSSv2 Score: 2.1
- Description:
Kernel: Bluetooth: RFCOMM - information leak
- CVE: https://access.redhat.com/security/cve/CVE-2012-6545
- Patch: 2.6.18/linux-2.6-net-bluetooth-rfcomm-fix-info-leak-via-getsockname.patch
- From: kernel-2.6.18-348.12.1.el5
- CVE-2012-6545, CVSSv2 Score: 2.1
- Description:
Kernel: Bluetooth: RFCOMM - information leak
- CVE: https://access.redhat.com/security/cve/CVE-2012-6545
- Patch: 2.6.18/linux-2.6-net-bluetooth-rfcomm-fix-info-leak-in-ioctl-rfcommgetdevlist.patch
- From: kernel-2.6.18-348.12.1.el5
- CVE-2013-3222, CVSSv2 Score: 2.1
- Description:
Kernel: atm: update msg_namelen in vcc_recvmsg()
- CVE: https://access.redhat.com/security/cve/CVE-2013-3222
- Patch: 2.6.18/linux-2.6-net-atm-update-msg_namelen-in-vcc_recvmsg.patch
- From: kernel-2.6.18-348.12.1.el5
- CVE-2013-3224, CVSSv2 Score: 1.9
- Description:
Kernel: Bluetooth: possible info leak in bt_sock_recvmsg()
- CVE: https://access.redhat.com/security/cve/CVE-2013-3224
- Patch: 2.6.18/linux-2.6-net-bluetooth-fix-possible-info-leak-in-bt_sock_recvmsg.patch
- From: kernel-2.6.18-348.12.1.el5
- CVE-2013-3235, CVSSv2 Score: 2.1
- Description:
Kernel: tipc: info leaks via msg_name in recv_msg/recv_stream
- CVE: https://access.redhat.com/security/cve/CVE-2013-3235
- Patch: 2.6.18/for-274/linux-2.6-net-tipc-fix-info-leaks-via-msg_name-in-recv_msg-recv_stream-3.1.patch
- From: kernel-2.6.18-348.12.1.el5
- CVE-2012-6544, CVSSv2 Score: 2.1
- Description:
Kernel: Bluetooth: HCI & L2CAP information leaks
- CVE: https://access.redhat.com/security/cve/CVE-2012-6544
- Patch: 2.6.18/linux-2.6-net-bluetooth-hci-l2cap-information-leaks.patch
- From: kernel-2.6.18-348.12.1.el5
- CVE-2013-1929, CVSSv2 Score: 6.2
- Description:
Kernel: tg3: buffer overflow in VPD firmware parsing
- CVE: https://access.redhat.com/security/cve/CVE-2013-1929
- Patch: 2.6.18/linux-2.6-net-tg3-buffer-overflow-in-vpd-firmware-parsing-274.patch
- From: kernel-2.6.18-348.12.1.el5
- CVE-2013-0914, CVSSv2 Score: 2.1
- Description:
Kernel: sa_restorer information leak
- CVE: https://access.redhat.com/security/cve/CVE-2013-0914
- Patch: 2.6.18/linux-2.6-misc-signal-always-clear-sa_restorer-on-execve.patch
- From: kernel-2.6.18-348.12.1.el5
- CVE-2013-0914, CVSSv2 Score: 2.1
- Description:
Kernel: sa_restorer information leak
- CVE: https://access.redhat.com/security/cve/CVE-2013-0914
- Patch: 2.6.18/linux-2.6-misc-signal-def-__arch_has_sa_restorer-for-sa_restorer-clear.patch
- From: kernel-2.6.18-348.12.1.el5
- CVE-2013-0914, CVSSv2 Score: 2.1
- Description:
Kernel: sa_restorer information leak
- CVE: https://access.redhat.com/security/cve/CVE-2013-0914
- Patch: 2.6.18/linux-2.6-misc-signal-use-__arch_has_sa_restorer-instead-of-sa_restorer.patch
- From: kernel-2.6.18-348.12.1.el5
- CVE-2013-3231, CVSSv2 Score: 2.1
- Description:
Kernel: llc: Fix missing msg_namelen update in llc_ui_recvmsg
- CVE: https://access.redhat.com/security/cve/CVE-2013-3231
- Patch: 2.6.18/linux-2.6-net-llc-fix-missing-msg_namelen-update-in-llc_ui_recvmsg.patch
- From: kernel-2.6.18-348.12.1.el5
- CVE-2013-2147, CVSSv2 Score: 1.7
- Description:
Kernel: cpqarray/cciss: information leak via ioctl
- CVE: https://access.redhat.com/security/cve/CVE-2013-2147
- Patch: 2.6.18/linux-2.6-block-cpqarray-info-leak-in-ida_locked_ioctl.patch
- From: kernel-2.6.18-348.16.1.el5
- CVE-2013-2164, CVSSv2 Score: 1
- Description:
Kernel: information leak in cdrom driver
- CVE: https://access.redhat.com/security/cve/CVE-2013-2164
- Patch: 2.6.18/linux-2.6-block-cdrom-use-kzalloc-for-failing-hardware.patch
- From: kernel-2.6.18-348.16.1.el5
- CVE-2013-2237, CVSSv2 Score: 1.7
- Description:
Kernel: net: af_key: initialize satype in key_notify_policy_flush
- CVE: https://access.redhat.com/security/cve/CVE-2013-2237
- Patch: 2.6.18/linux-2.6-net-af_key-initialize-satype-in-key_notify_policy_flush.patch
- From: kernel-2.6.18-348.16.1.el5
- CVE-2013-2234, CVSSv2 Score: 1.7
- Description:
Kernel: net: information leak in AF_KEY notify
- CVE: https://access.redhat.com/security/cve/CVE-2013-2234
- Patch: 2.6.18/linux-2.6-net-af_key-fix-info-leaks-in-notify-messages.patch
- From: kernel-2.6.18-348.16.1.el5
- CVE-2013-2232, CVSSv2 Score: 6.2
- Description:
Kernel: ipv6: using ipv4 vs ipv6 structure during routing lookup in sendmsg
- CVE: https://access.redhat.com/security/cve/CVE-2013-2232
- Patch: 2.6.18/linux-2.6-net-ipv6-ip6_sk_dst_check-must-not-assume-ipv6-dst.patch
- From: kernel-2.6.18-348.16.1.el5
- CVE-2013-2206, CVSSv2 Score: 5.4
- Description:
kernel: sctp: duplicate cookie handling NULL pointer dereference
- CVE: https://access.redhat.com/security/cve/CVE-2013-2206
- Patch: 2.6.18/linux-2.6-net-sctp-deal-with-multiple-cookie_echo-chunks.patch
- From: kernel-2.6.18-348.16.1.el5
- CVE-2013-2206, CVSSv2 Score: 5.4
- Description:
kernel: sctp: duplicate cookie handling NULL pointer dereference
- CVE: https://access.redhat.com/security/cve/CVE-2013-2206
- Patch: 2.6.18/linux-2.6-net-sctp-use-correct-sideffect-command-in-dup-cookie-handling.patch
- From: kernel-2.6.18-348.16.1.el5
- CVE-2013-2206, CVSSv2 Score: 5.4
- Description:
kernel: sctp: duplicate cookie handling NULL pointer dereference
- CVE: https://access.redhat.com/security/cve/CVE-2013-2206
- Patch: 2.6.18/linux-2.6-net-sctp-disallow-new-connection-on-a-closing-socket.patch
- From: kernel-2.6.18-348.16.1.el5
- CVE-2012-3511, CVSSv2 Score: 6.2
- Description:
kernel: mm: use-after-free in madvise_remove()
- CVE: https://access.redhat.com/security/cve/CVE-2012-3511
- Patch: 2.6.18/linux-2.6-mm-use-after-free-in-madvise_remove.patch
- From: kernel-2.6.18-348.18.1.el5
- CVE-2013-2141, CVSSv2 Score: 2.1
- Description:
Kernel: signal: information leak in tkill/tgkill
- CVE: https://access.redhat.com/security/cve/CVE-2013-2141
- Patch: 2.6.18/linux-2.6-kernel-signals-stop-info-leak-via-tkill-and-tgkill-syscalls.patch
- From: kernel-2.6.18-348.18.1.el5
- CVE-2013-4162, CVSSv2 Score: 4.9
- Description:
Kernel: net: panic while pushing pending data out of an IPv6 socket with UDP_CORK
- CVE: https://access.redhat.com/security/cve/CVE-2013-4162
- Patch: 2.6.18/linux-2.6-net-ipv6-do-udp_push_pending_frames-af_inet-sock-pending-data.patch
- From: kernel-2.6.18-348.18.1.el5
- CVE-2012-4398, CVSSv2 Score: 4.7
- Description:
kernel: request_module() OOM local DoS
- CVE: https://access.redhat.com/security/cve/CVE-2012-4398
- Patch: 2.6.18/linux-2.6-kernel-kmod-make-request_module-killable.patch
- From: kernel-2.6.18-371.el5
- CVE-2012-4398, CVSSv2 Score: 4.7
- Description:
kernel: request_module() OOM local DoS
- CVE: https://access.redhat.com/security/cve/CVE-2012-4398
- Patch: 2.6.18/linux-2.6-kernel-kmod-avoid-deadlock-from-recursive-kmod-call.patch
- From: kernel-2.6.18-371.el5
- CVE-2012-4398, CVSSv2 Score: 4.7
- Description:
kernel: request_module() OOM local DoS
- CVE: https://access.redhat.com/security/cve/CVE-2012-4398
- Patch: 2.6.18/linux-2.6-kernel-wait_for_helper-remove-unneeded-do_sigaction.patch
- From: kernel-2.6.18-371.el5
- CVE-2012-4398, CVSSv2 Score: 4.7
- Description:
kernel: request_module() OOM local DoS
- CVE: https://access.redhat.com/security/cve/CVE-2012-4398
- Patch: 2.6.18/linux-2.6-kernel-fix-____call_usermodehelper-errs-being-silently-ignored.patch
- From: kernel-2.6.18-371.el5
- CVE-2012-4398, CVSSv2 Score: 4.7
- Description:
kernel: request_module() OOM local DoS
- CVE: https://access.redhat.com/security/cve/CVE-2012-4398
- Patch: 2.6.18/linux-2.6-kernel-wait_for_helper-sigchld-from-u-s-cause-use-after-free.patch
- From: kernel-2.6.18-371.el5
- CVE-2013-4299, CVSSv2 Score: 4.3
- Description:
kernel: dm: dm-snapshot data leak
- CVE: https://access.redhat.com/security/cve/CVE-2013-4299
- Patch: 2.6.18/linux-2.6-md-dm-snapshot-fix-data-corruption.patch
- From: kernel-2.6.18-371.1.2.el5
- CVE-2013-4345, CVSSv2 Score: 2.6
- Description:
kernel: ansi_cprng: off by one error in non-block size request
- CVE: https://access.redhat.com/security/cve/CVE-2013-4345
- Patch: 2.6.18/linux-2.6-crypto-ansi_cprng-fix-off-by-one-err-in-non-block-size-request.patch
- From: kernel-2.6.18-371.1.2.el5
- CVE-2013-2929, CVSSv2 Score: 1.9
- Description:
exec/ptrace: fix get_dumpable() incorrect tests
- CVE: https://access.redhat.com/security/cve/CVE-2013-2929
- Patch: 2.6.18/linux-2.6-fs-exec-ptrace-fix-get_dumpable-incorrect-tests.patch
- From: kernel-2.6.18-371.6.1.el5
- CVE-2013-7263, CVSSv2 Score: 2.1
- Description:
inet: prevent leakage of uninitialized memory to user in recv syscalls
- CVE: https://access.redhat.com/security/cve/CVE-2013-7263
- Patch: 2.6.18/linux-2.6-net-prevent-leakage-of-uninitialized-memory-to-user-in-recv.patch
- From: kernel-2.6.18-371.6.1.el5
- CVE-2013-7263, CVSSv2 Score: 2.1
- Description:
inet: fix addr_len/msg->msg_namelen assignment in recv_error functions
- CVE: https://access.redhat.com/security/cve/CVE-2013-7263
- Patch: 2.6.18/linux-2.6-net-fix-addr_len-msg-msg_namelen-assign-in-recv_error-funcs.patch
- From: kernel-2.6.18-371.6.1.el5
- CVE-2013-7263, CVSSv2 Score: 2.1
- Description:
ipv6: fix leaking uninitialized port number of offender sockaddr
- CVE: https://access.redhat.com/security/cve/CVE-2013-7263
- Patch: 2.6.18/linux-2.6-net-ipv6-fix-leaking-uninit-port-number-of-offender-sockaddr.patch
- From: kernel-2.6.18-371.6.1.el5
- CVE-2013-6381, CVSSv2 Score: 6.2
- Description:
qeth: buffer overflow in snmp ioctl
- CVE: https://access.redhat.com/security/cve/CVE-2013-6381
- Patch: 2.6.18/linux-2.6-s390-qeth-buffer-overflow-in-snmp-ioctl.patch
- From: kernel-2.6.18-371.6.1.el5
- CVE-2013-4483, CVSSv2 Score: 4.9
- Description:
ipc,sem: change refcount to atomic_t
- CVE: https://access.redhat.com/security/cve/CVE-2013-4483
- Patch: 2.6.18/linux-2.6-ipc-change-refcount-to-atomic_t.patch
- From: kernel-2.6.18-371.6.1.el5
- CVE-2012-6638, CVSSv2 Score: 6.4
- Description:
net ipv4: don't call conn_request() if the TCP flags includes SYN flag
- CVE: https://access.redhat.com/security/cve/CVE-2012-6638
- Patch: 2.6.18/linux-2.6-net-tcp-drop-SYNFIN-messages.patch
- From: kernel-2.6.18-371.8.1.el5
- CVE-2013-2888, CVSSv2 Score: 6.2
- Description:
Kernel: HID: memory corruption flaw
- CVE: https://access.redhat.com/security/cve/CVE-2013-2888
- Patch: 2.6.18/linux-2.6-hid-memory-corruption-flaw.patch
- From: kernel-2.6.18-371.8.1.el5
- CVE-2014-1738, CVSSv2 Score: 4.9
- Description:
floppy: don't write kernel-only members to FDRAWCMD ioctl output
- CVE: https://access.redhat.com/security/cve/CVE-2014-1738
- Patch: 2.6.18/linux-2.6-floppy-dont-write-kernel-only-members-to-FDRAWCMD-ioctl-input.patch
- From: kernel-2.6.18-371.9.1.el5
- CVE-2014-1737, CVSSv2 Score: 7.2
- Description:
floppy: ignore kernel-only members in FDRAWCMD ioctl input
- CVE: https://access.redhat.com/security/cve/CVE-2014-1737
- Patch: 2.6.18/linux-2.6-floppy-ignore-kernel-only-members-in-FDRAWCMD-ioctl-input.patch
- From: kernel-2.6.18-371.9.1.el5
- CVE-2013-7339, CVSSv2 Score: 4.7
- Description:
rds: prevent dereference of a NULL device
- CVE: https://access.redhat.com/security/cve/CVE-2013-7339
- Patch: 2.6.18/linux-2.6-rds-prevent-dereference-of-a-NULL-device.patch
- From: kernel-2.6.18-371.9.1.el5
- CVE-2014-4699, CVSSv2 Score: 6.9
- Description:
kernel: ptrace,x86: force IRET path after a ptrace_stop().
- CVE: https://security-tracker.debian.org/tracker/CVE-2014-4699
- Patch: 2.6.18/linux-2.6-ptrace-bugfix-CVE-2014-4699.patch
- From: >kernel-2.6.32-431.20.3el6
- CVE-2014-2678, CVSSv2 Score: 4.7
- Description:
kernel: rds: prevent dereference of a NULL device in rds_iw_laddr_check
- CVE: https://access.redhat.com/security/cve/CVE-2014-2678
- Patch: 2.6.18/linux-2.6-rds-prevent-dereference-of-a-NULL-device-in-rds_iw_laddr_check.patch
- From: kernel-2.6.18-371.11.1.el5
- CVE-2014-3917, CVSSv2 Score: 4.7
- Description:
auditsc: audit_krule mask accesses need bounds checking
- CVE: https://access.redhat.com/security/cve/CVE-2014-3917
- Patch: 2.6.18/auditsc_audit_krule_mask_accesses_need_bounds_checking.patch
- From: kernel-2.6.18-371.12.1.el5
- CVE-2014-8159, CVSSv2 Score: 6.9
- Description:
[infiniband] core: Prevent integer overflow in ib_umem_get
- CVE: https://access.redhat.com/security/cve/CVE-2014-8159
- Patch: 2.6.18/for-308/linux-2.6-infiniband-core-Prevent-integer-overflow-in-ib_umem_get.patch
- From: kernel-2.6.18-404.el5
- CVE-2015-1805, CVSSv2 Score: 6.9
- Description:
kernel: pipe: iovec overrun leading to memory corruption
- CVE: https://access.redhat.com/security/cve/CVE-2015-1805
- Patch: 2.6.18/CVE-2015-1805.patch
- From: kernel-2.6.18-406.el5
- CVE-2015-5364 CVE-2015-5366, CVSSv2 Score: 7.1
- Description:
kernel: net: incorrect processing of checksums in UDP implementation
- CVE: https://access.redhat.com/security/cve/CVE-2015-5366
- Patch: 2.6.18/udp-fix-behavior-of-wrong-checksums.patch
- From: >kernel-2.6.18-406.el5
- CVE-2013-2596, CVSSv2 Score: 6
- Description:
vm: add vm_iomap_memory() helper function
- CVE: https://access.redhat.com/security/cve/cve-2013-2596
- Patch: 2.6.18/mm-vm-add-vm_iomap_memory-helper-function.patch
- From: kernel-2.6.18-409.el5
- CVE-2013-2596, CVSSv2 Score: 6
- Description:
vm: convert fb_mmap to vm_iomap_memory() helper
- CVE: https://access.redhat.com/security/cve/cve-2013-2596
- Patch: 2.6.18/fb-vm-convert-fb_mmap-to-vm_iomap_memory-helper.patch
- From: kernel-2.6.18-409.el5
- CVE-2013-2596, CVSSv2 Score: 6
- Description:
CVE-2013-2596 adaptation to reduce amount of generated changes
- CVE: https://access.redhat.com/security/cve/cve-2013-2596
- Patch: 2.6.18/CVE-2013-2596-kpatch1.patch
- From: N/A
- CVE-2016-5195, CVSSv2 Score: 6.9
- Description:
CVE-2016-5195 fix
- CVE: https://access.redhat.com/security/cve/CVE-2016-5195
- Patch: 2.6.18/CVE-2016-5195.patch
- From: kernel-2.6.18-412.el5
- CVE-2016-7117, CVSSv2 Score: 6.8
- Description:
net: Fix use after free in the recvmmsg exit path
- CVE: https://access.redhat.com/security/cve/cve-2016-7117
- Patch: 2.6.18/net-fix-use-after-free-in-the-recvmmsg-exit-path.patch
- From: kernel-2.6.18-417.el5
- CVE-2017-6074, CVSSv2 Score: 7.8
- Description:
dccp: fix freeing skb too early for IPV6_RECVPKTINFO
- CVE: https://access.redhat.com/security/cve/CVE-2017-6074
- Patch: 2.6.18/dccp-fix-freeing-skb-too-early-for-ipv6_recvpktinfo.patch
- From: kernel-2.6.18-419.el5
- CVE-2017-2634, CVSSv2 Score: 7.5
- Description:
DCCP: Use AF-independent rebuild_header routine
- CVE: https://access.redhat.com/security/cve/CVE-2017-2634
- Patch: 2.6.18/dccp-use-af-independent-rebuild_header-routine.patch
- From: kernel-2.6.18-419.el5
- CVE-2017-1000364, CVSSv2 Score: 7.4
- Description:
mm: enlarge stack guard gap
- CVE: https://access.redhat.com/security/cve/cve-2017-1000364
- Patch: 2.6.18/CVE-2017-1000364_274.patch
- From: >kernel-2.6.18-419.el5