- kernel-4.18.0-553.94.1.lve.1.el7h (cl7h)
- 4.18.0-553.109.1.lve.el7h
- 2026-03-18 09:05:34
- 2026-03-19 12:17:56
- K20260318_24
- CVE-2025-40248
- Description:
vsock: Ignore signal/timeout on connect() if already established
- CVE: https://access.redhat.com/security/cve/CVE-2025-40248
- Patch: rhel8/4.18.0-553.97.1.el8_10/CVE-2025-40248-vsock-ignore-signal-timeout-on-connect-if-already-established.patch
- From: 4.18.0-553.97.1.el8_10
- CVE-2025-40277
- Description:
drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE
- CVE: https://access.redhat.com/security/cve/CVE-2025-40277
- Patch: rhel8/4.18.0-553.97.1.el8_10/CVE-2025-40277-drm-vmwgfx-validate-command-header-size-against-svga-cmd-max-datasize.patch
- From: 4.18.0-553.97.1.el8_10
- CVE-2023-53673
- Description:
Bluetooth: hci_event: call disconnect callback before deleting conn
- CVE: https://access.redhat.com/security/cve/CVE-2023-53673
- Patch: rhel8/4.18.0-553.97.1.el8_10/CVE-2023-53673-bluetooth-hci-event-call-disconnect-callback-before-deleting-conn.patch
- From: 4.18.0-553.97.1.el8_10
- CVE-2025-40154
- Description:
ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping
- CVE: https://access.redhat.com/security/cve/CVE-2025-40154
- Patch: rhel8/4.18.0-553.97.1.el8_10/CVE-2025-40154-asoc-intel-bytcr-rt5640-fix-invalid-quirk-input-mapping.patch
- From: 4.18.0-553.97.1.el8_10
- CVE-2022-50865
- Description:
tcp: fix a signed-integer-overflow bug in tcp_add_backlog()
- CVE: https://access.redhat.com/security/cve/CVE-2022-50865
- Patch: rhel8/4.18.0-553.100.1.el8_10/CVE-2022-50865-tcp-fix-a-signed-integer-overflow-bug-in-tcp_add_backlog.patch
- From: 4.18.0-553.100.1.el8_10
- CVE-2025-38415
- Description:
Squashfs: check return result of sb_min_blocksize
- CVE: https://access.redhat.com/security/cve/CVE-2025-38415
- Patch: rhel8/4.18.0-553.100.1.el8_10/CVE-2025-38415-squashfs-check-return-result-of-sb_min_blocksize.patch
- From: 4.18.0-553.100.1.el8_10
- CVE-2025-38415
- Description:
squashfs: fix memory leak in squashfs_fill_super
- CVE: https://access.redhat.com/security/cve/CVE-2025-38415
- Patch: rhel8/4.18.0-553.100.1.el8_10/CVE-2025-38415-squashfs-fix-memory-leak-in-squashfs_fill_super.patch
- From: 4.18.0-553.100.1.el8_10
- CVE-2025-38415
- Description:
Squashfs: check return result of sb_min_blocksize
- CVE: https://access.redhat.com/security/cve/CVE-2025-38415
- Patch: rhel8/4.18.0-553.100.1.el8_10/CVE-2025-38415-squashfs-check-return-result-of-sb_min_blocksize-kpatch.patch
- From: 4.18.0-553.100.1.el8_10
- CVE-2024-26766
- Description:
IB/hfi1: Fix sdma.h tx->num_descs off-by-one error
- CVE: https://access.redhat.com/security/cve/CVE-2024-26766
- Patch: rhel8/4.18.0-553.100.1.el8_10/CVE-2024-26766-ib-hfi1-fix-sdma-h-tx-num-descs-off-by-one-error.patch
- From: 4.18.0-553.100.1.el8_10
- CVE-2025-38022
- Description:
RDMA/core: Fix "KASAN: slab-use-after-free Read in ib_register_device" problem
- CVE: https://access.redhat.com/security/cve/CVE-2025-38022
- Patch: rhel8/4.18.0-553.100.1.el8_10/CVE-2025-38022-rdma-core-fix-kasan-slab-use-after-free-read-in-ib-register-device-problem.patch
- From: 4.18.0-553.100.1.el8_10
- CVE-2025-38024
- Description:
RDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug
- CVE: https://access.redhat.com/security/cve/CVE-2025-38024
- Patch: rhel8/4.18.0-553.100.1.el8_10/CVE-2025-38024-rdma-rxe-fix-slab-use-after-free-read-in-rxe-queue-cleanup-bug.patch
- From: 4.18.0-553.100.1.el8_10
- CVE-2025-38459
- Description:
atm: clip: Fix infinite recursive call of clip_push().
- CVE: https://access.redhat.com/security/cve/CVE-2025-38459
- Patch: rhel8/4.18.0-553.100.1.el8_10/CVE-2025-38459-atm-clip-fix-infinite-recursive-call-of-clip-push.patch
- From: 4.18.0-553.100.1.el8_10
- CVE-2025-39760
- Description:
usb: core: config: Prevent OOB read in SS endpoint companion parsing
- CVE: https://access.redhat.com/security/cve/CVE-2025-39760
- Patch: rhel8/4.18.0-553.100.1.el8_10/CVE-2025-39760-usb-core-config-prevent-oob-read-in-ss-endpoint-companion-parsing.patch
- From: 4.18.0-553.100.1.el8_10
- CVE-2025-40258
- Description:
mptcp: fix race condition in mptcp_schedule_work()
- CVE: https://access.redhat.com/security/cve/CVE-2025-40258
- Patch: rhel8/4.18.0-553.100.1.el8_10/CVE-2025-40258-mptcp-fix-race-condition-in-mptcp-schedule-work.patch
- From: 4.18.0-553.100.1.el8_10
- CVE-2025-40271
- Description:
fs/proc: fix uaf in proc_readdir_de()
- CVE: https://access.redhat.com/security/cve/CVE-2025-40271
- Patch: rhel8/4.18.0-553.100.1.el8_10/CVE-2025-40271-fs-proc-fix-uaf-in-proc-readdir-de.patch
- From: 4.18.0-553.100.1.el8_10
- CVE-2025-40322
- Description:
fbdev: bitblit: bound-check glyph index in bit_putcs*
- CVE: https://access.redhat.com/security/cve/CVE-2025-40322
- Patch: rhel8/4.18.0-553.100.1.el8_10/CVE-2025-40322-fbdev-bitblit-bound-check-glyph-index-in-bit-putcs.patch
- From: 4.18.0-553.100.1.el8_10
- CVE-2022-50673
- Description:
ext4: fix use-after-free in ext4_orphan_cleanup
- CVE: https://access.redhat.com/security/cve/CVE-2022-50673
- Patch: rhel8/4.18.0-553.104.1.el8_10/CVE-2022-50673-ext4-fix-use-after-free-in-ext4_orphan_cleanup.patch
- From: 4.18.0-553.104.1.el8_10
- CVE-2025-38403
- Description:
vsock/vmci: Clear the vmci transport packet properly when initializing it
- CVE: https://access.redhat.com/security/cve/CVE-2025-38403
- Patch: rhel8/4.18.0-553.104.1.el8_10/CVE-2025-38403-vsock-vmci-clear-the-vmci-transport-packet-properly-when-initializing-it.patch
- From: 4.18.0-553.104.1.el8_10
- CVE-2025-40269
- Description:
ALSA: usb-audio: Fix potential overflow of PCM transfer buffer
- CVE: https://access.redhat.com/security/cve/CVE-2025-40269
- Patch: rhel8/4.18.0-553.104.1.el8_10/CVE-2025-40269-alsa-usb-audio-fix-potential-overflow-of-pcm-transfer-buffer.patch
- From: 4.18.0-553.104.1.el8_10
- CVE-2025-68349
- Description:
NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid
- CVE: https://access.redhat.com/security/cve/CVE-2025-68349
- Patch: rhel8/4.18.0-553.104.1.el8_10/CVE-2025-68349-nfsv4-pnfs-clear-nfs-ino-layoutcommit-in-pnfs-mark-layout-stateid-invalid.patch
- From: 4.18.0-553.104.1.el8_10
- CVE-2026-22998
- Description:
nvme-tcp: fix NULL pointer dereferences in nvmet_tcp_build_pdu_iovec
- CVE: https://access.redhat.com/security/cve/CVE-2026-22998
- Patch: rhel8/4.18.0-553.104.1.el8_10/CVE-2026-22998-nvme-tcp-fix-null-pointer-dereferences-in-nvmet-tcp-build-pdu-iovec.patch
- From: 4.18.0-553.104.1.el8_10
- CVE-2025-40158
- Description:
net: dst: add four helpers to annotate data-races around dst->dev
- CVE: https://access.redhat.com/security/cve/CVE-2025-40158
- Patch: rhel8/4.18.0-553.104.1.el8_10/CVE-2025-40158-01-net-dst-add-four-helpers-to-annotate-data-races.patch
- From: 4.18.0-553.104.1.el8_10
- CVE-2025-40158
- Description:
net: Add locking to protect skb->dev access in ip_output
- CVE: https://access.redhat.com/security/cve/CVE-2025-40158
- Patch: rhel8/4.18.0-553.104.1.el8_10/CVE-2025-40158-02-net-add-locking-to-protect-skb-dev-access-in-ip_output.patch
- From: 4.18.0-553.104.1.el8_10
- CVE-2025-40158
- Description:
net: gain ipv4 mtu when mtu is not locked
- CVE: https://access.redhat.com/security/cve/CVE-2025-40158
- Patch: rhel8/4.18.0-553.104.1.el8_10/CVE-2025-40158-03-net-gain-ipv4-mtu-when-mtu-is-not-locked.patch
- From: 4.18.0-553.104.1.el8_10
- CVE-2025-40158
- Description:
ipv4: use RCU protection in __ip_rt_update_pmtu()
- CVE: https://access.redhat.com/security/cve/CVE-2025-40158
- Patch: rhel8/4.18.0-553.104.1.el8_10/CVE-2025-40158-03-ipv4-use-RCU-protection-in-__ip_rt_update_pmtu.patch
- From: 4.18.0-553.104.1.el8_10
- CVE-2025-40158
- Description:
net: dst: introduce dst->dev_rcu
- CVE: https://access.redhat.com/security/cve/CVE-2025-40158
- Patch: rhel8/4.18.0-553.104.1.el8_10/CVE-2025-40158-04-net-dst-introduce-dst-dev_rcu.patch
- From: 4.18.0-553.104.1.el8_10
- CVE-2025-40158
- Description:
ipv6: use RCU in ip6_output()
- CVE: https://access.redhat.com/security/cve/CVE-2025-40158
- Patch: rhel8/4.18.0-553.104.1.el8_10/CVE-2025-40158-ipv6-use-RCU-in-ip6_output.patch
- From: 4.18.0-553.104.1.el8_10
- CVE-2025-40135
- Description:
ipv6: use RCU in ip6_xmit()
- CVE: https://access.redhat.com/security/cve/CVE-2025-40135
- Patch: rhel8/4.18.0-553.104.1.el8_10/CVE-2025-40135-ipv6-use-RCU-in-ip6_xmit.patch
- From: 4.18.0-553.104.1.el8_10
- CVE-2025-40170
- Description:
net: use dst_dev_rcu() in sk_setup_caps()
- CVE: https://access.redhat.com/security/cve/CVE-2025-40170
- Patch: rhel8/4.18.0-553.104.1.el8_10/CVE-2025-40170-00-optimize-kpatch.patch
- From: 4.18.0-553.104.1.el8_10
- CVE-2025-40170
- Description:
ipv4: add RCU protection to ip4_dst_hoplimit()
- CVE: https://access.redhat.com/security/cve/CVE-2025-40170
- Patch: rhel8/4.18.0-553.104.1.el8_10/CVE-2025-40170-01-ipv4-add-RCU-protection-to-ip4_dst_hoplimit.patch
- From: 4.18.0-553.104.1.el8_10
- CVE-2025-40170
- Description:
ipv4: use RCU protection in ip_dst_mtu_maybe_forward()
- CVE: https://access.redhat.com/security/cve/CVE-2025-40170
- Patch: rhel8/4.18.0-553.104.1.el8_10/CVE-2025-40170-02-ipv4-use-RCU-protection-in-ip_dst_mtu_maybe_forward.patch
- From: 4.18.0-553.104.1.el8_10
- CVE-2025-40170
- Description:
net: use dst_dev_rcu() in sk_setup_caps()
- CVE: https://access.redhat.com/security/cve/CVE-2025-40170
- Patch: rhel8/4.18.0-553.104.1.el8_10/CVE-2025-40170-net-use-dst_dev_rcu-in-sk_setup_caps.patch
- From: 4.18.0-553.104.1.el8_10
- CVE-2025-40168
- Description:
smc: Use __sk_dst_get() and dst_dev_rcu() in smc_clc_prfx_match().
- CVE: https://access.redhat.com/security/cve/CVE-2025-40168
- Patch: rhel8/4.18.0-553.105.1.el8_10/CVE-2025-40168-smc-use-sk-dst-get-and-dst-dev-rcu-in-smc-clc-prfx-match.patch
- From: 4.18.0-553.105.1.el8_10
- CVE-2025-40304
- Description:
fbdev: Add bounds checking in bit_putcs to fix vmalloc-out-of-bounds
- CVE: https://access.redhat.com/security/cve/CVE-2025-40304
- Patch: rhel8/4.18.0-553.105.1.el8_10/CVE-2025-40304-fbdev-add-bounds-checking-in-bit-putcs-to-fix-vmalloc-out-of-bounds.patch
- From: 4.18.0-553.105.1.el8_10
- CVE-2023-53762
- Description:
Bluetooth: hci_event: Ignore multiple conn complete events
- CVE: https://access.redhat.com/security/cve/CVE-2023-53762
- Patch: rhel8/4.18.0-553.105.1.el8_10/CVE-2023-53762-0001-Bluetooth-hci_event-Ignore-multiple-conn-complete-ev.patch
- From: 4.18.0-553.105.1.el8_10
- CVE-2023-53762
- Description:
Bluetooth: hci_event: Fix checking for invalid handle on error status
- CVE: https://access.redhat.com/security/cve/CVE-2023-53762
- Patch: rhel8/4.18.0-553.105.1.el8_10/CVE-2023-53762-0002-Bluetooth-hci_event-Fix-checking-for-invalid-handle-.patch
- From: 4.18.0-553.105.1.el8_10
- CVE-2023-53762
- Description:
Bluetooth: hci_sync: Cleanup hci_conn if it cannot be aborted
- CVE: https://access.redhat.com/security/cve/CVE-2023-53762
- Patch: rhel8/4.18.0-553.105.1.el8_10/CVE-2023-53762-0003-Bluetooth-hci_sync-Cleanup-hci_conn-if-it-cannot-be-.patch
- From: 4.18.0-553.105.1.el8_10
- CVE-2023-53762
- Description:
Bluetooth: hci_sync: Fix UAF on hci_abort_conn_sync
- CVE: https://access.redhat.com/security/cve/CVE-2023-53762
- Patch: rhel8/4.18.0-553.105.1.el8_10/CVE-2023-53762-0004-Bluetooth-hci_sync-Fix-UAF-on-hci_abort_conn_sync.patch
- From: 4.18.0-553.105.1.el8_10
- CVE-2023-53762
- Description:
Bluetooth: hci_sync: Fix UAF in hci_disconnect_all_sync
- CVE: https://access.redhat.com/security/cve/CVE-2023-53762
- Patch: rhel8/4.18.0-553.105.1.el8_10/CVE-2023-53762-0005-Bluetooth-hci_sync-Fix-UAF-in-hci_disconnect_all_syn.patch
- From: 4.18.0-553.105.1.el8_10
- CVE-2025-40064
- Description:
smc: Fix use-after-free in __pnet_find_base_ndev().
- CVE: https://access.redhat.com/security/cve/CVE-2025-40064
- Patch: rhel8/4.18.0-553.107.1.el8_10/CVE-2025-40064-smc-fix-use-after-free-in-pnet-find-base-ndev.patch
- From: 4.18.0-553.107.1.el8_10
- CVE-2025-68800
- Description:
mlxsw: spectrum_mr: Fix use-after-free when updating multicast route stats
- CVE: https://access.redhat.com/security/cve/CVE-2025-68800
- Patch: rhel8/4.18.0-553.107.1.el8_10/CVE-2025-68800-mlxsw-spectrum-mr-fix-use-after-free-when-updating-multicast-route-stats.patch
- From: 4.18.0-553.107.1.el8_10
- CVE-2025-38129
- Description:
page_pool: Fix use-after-free in page_pool_recycle_in_ring
- CVE: https://access.redhat.com/security/cve/CVE-2025-38129
- Patch: rhel8/4.18.0-553.107.1.el8_10/CVE-2025-38129-page-pool-fix-use-after-free-in-page-pool-recycle-in-ring.patch
- From: 4.18.0-553.107.1.el8_10
- CVE-2026-23074
- Description:
net/sched: Enforce that teql can only be used as root qdisc
- CVE: https://access.redhat.com/security/cve/CVE-2026-23074
- Patch: rhel8/4.18.0-553.107.1.el8_10/CVE-2026-23074-net-sched-enforce-that-teql-can-only-be-used-as-root-qdisc.patch
- From: 4.18.0-553.107.1.el8_10
- CVE-2025-38248
- Description:
bridge: mcast: Fix use-after-free during router port configuration
- CVE: https://access.redhat.com/security/cve/CVE-2025-38248
- Patch: rhel8/4.18.0-553.107.1.el8_10/CVE-2025-38248-bridge-mcast-fix-use-after-free-during-router-port-configuration.patch
- From: 4.18.0-553.107.1.el8_10
- CVE-2026-23097
- Description:
migrate: correct lock ordering for hugetlb file folios
- CVE: https://access.redhat.com/security/cve/CVE-2026-23097
- Patch: rhel8/4.18.0-553.109.1.el8_10/CVE-2026-23097-migrate-correct-lock-ordering-for-hugetlb-file-folios.patch
- From: 4.18.0-553.109.1.el8_10
- CVE-2025-71085
- Description:
ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr()
- CVE: https://access.redhat.com/security/cve/CVE-2025-71085
- Patch: rhel8/4.18.0-553.111.1.el8_10/CVE-2025-71085-ipv6-bug-in-pskb-expand-head-as-part-of-calipso-skbuff-setattr.patch
- From: 4.18.0-553.111.1.el8_10
- CVE-2026-23001
- Description:
macvlan: fix possible UAF in macvlan_forward_source()
- CVE: https://access.redhat.com/security/cve/CVE-2026-23001
- Patch: rhel8/4.18.0-553.111.1.el8_10/CVE-2026-23001-macvlan-fix-possible-uaf-in-macvlan-forward-source.patch
- From: 4.18.0-553.111.1.el8_10
- N/A
- Description:
x86 xen add xenpv restore regs and return to usermode
- CVE: N/A
- Patch: 4.18.0/x86-xen-Add-xenpv_restore_regs_and_return_to_usermode-el8-372.patch
- From: N/A
- N/A
- Description:
kpatch add alt asm definitions
- CVE: https://www.kernel.org
- Patch: 4.18.0/kpatch-add-alt-asm-definitions-el8-372.patch
- From: N/A