- kernel-4.18.0-553.37.1.el8_10 (rockylinux8)
- 4.18.0-553.62.1.el8_10
- 2025-08-04 16:00:29
- 2025-08-08 05:53:43
- K20250804_14
- CVE-2024-53104
- Description:
media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format
- CVE: https://access.redhat.com/security/cve/CVE-2024-53104
- Patch: rhel8/4.18.0-553.40.1.el8_10/CVE-2024-53104-media-uvcvideo-Skip-parsing-frames-of-type-UVC_VS_UNDEFINED.patch
- From: 4.18.0-553.40.1.el8_10
- CVE-2024-50302
- Description:
HID: core: zero-initialize the report buffer
- CVE: https://access.redhat.com/security/cve/cve-2024-50302
- Patch: 2024/CVE-2024-50302/CVE-2024-50302-hid-core-zero-initialize-the-report-buffer.patch
- From: 4.18.0-553.44.1.el8_10
- CVE-2024-53197
- Description:
ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices
- CVE: https://access.redhat.com/security/cve/cve-2024-53197
- Patch: 2024/CVE-2024-53197/CVE-2024-53197-alsa-usb-audio-fix-potential-out-of-bound-accesses-for-extigy-and-mbox-devices.patch
- From: 4.18.0-553.44.1.el8_10
- CVE-2024-57807
- Description:
scsi: megaraid_sas: Fix for a potential deadlock
- CVE: https://access.redhat.com/security/cve/cve-2024-57807
- Patch: 2024/CVE-2024-57807/CVE-2024-57807-scsi-megaraid-sas-fix-for-a-potential-deadlock.patch
- From: 4.18.0-553.44.1.el8_10
- CVE-2024-57979
- Description:
PPS for embedded GPS devices. Irrelevant for servers.
- CVE:
- Patch: skipped/CVE-2024-57979.patch
- From:
- CVE-2023-52922
- Description:
can: bcm: Fix UAF in bcm_proc_show()
- CVE: https://access.redhat.com/security/cve/CVE-2023-52922
- Patch: rhel8/4.18.0-553.45.1.el8_10/CVE-2023-52922-can-bcm-Fix-UAF-in-bcm_proc_show.patch
- From: 4.18.0-553.45.1.el8_10
- CVE-2025-21785
- Description:
Out of scope: ARM64 architecture isn't supported for current kernel
- CVE:
- Patch: skipped/CVE-2025-21785.patch
- From:
- CVE-2024-53150
- Description:
ALSA: usb-audio: Fix out of bounds reads when finding clock sources
- CVE: https://access.redhat.com/security/cve/CVE-2024-53150
- Patch: rhel8/4.18.0-553.50.1.el8_10/CVE-2024-53150-alsa-usb-audio-fix-out-of-bounds-reads-when-finding-clock-sources.patch
- From: 4.18.0-553.50.1.el8_10
- CVE-2024-53141
- Description:
netfilter: ipset: add missing range check in bitmap_ip_uadt
- CVE: https://access.redhat.com/security/cve/CVE-2024-53141
- Patch: rhel8/4.18.0-553.52.1.el8_10/CVE-2024-53141-netfilter-ipset-add-missing-range-check-in-bitmap-ip-uadt.patch
- From: 4.18.0-553.52.1.el8_10
- CVE-2022-49011
- Description:
hwmon: (coretemp) fix pci device refcount leak in nv1a_ram_new()
- CVE: https://access.redhat.com/security/cve/CVE-2022-49011
- Patch: rhel8/4.18.0-553.52.1.el8_10/CVE-2022-49011-hwmon-coretemp-fix-pci-device-refcount-leak-in-nv1a_.patch
- From: 4.18.0-553.52.1.el8_10
- CVE-2024-40906
- Description:
net/mlx5: Always stop health timer during driver removal
- CVE: https://access.redhat.com/security/cve/CVE-2024-40906
- Patch: rhel8/4.18.0-553.53.1.el8_10/CVE-2024-40906-net-mlx5-always-stop-health-timer-during-driver-removal.patch
- From: 4.18.0-553.53.1.el8_10
- CVE-2024-44970
- Description:
net/mlx5e: SHAMPO, Fix invalid WQ linked list unlink
- CVE: https://access.redhat.com/security/cve/CVE-2024-44970
- Patch: rhel8/4.18.0-553.53.1.el8_10/CVE-2024-44970-net-mlx5e-SHAMPO-Fix-invalid-WQ-linked-list-unlink.patch
- From: 4.18.0-553.53.1.el8_10
- CVE-2025-21756
- Description:
vsock: Keep the binding until socket destruction
- CVE: https://access.redhat.com/security/cve/CVE-2025-21756
- Patch: rhel8/4.18.0-553.53.1.el8_10/CVE-2025-21756-vsock-keep-the-binding-until-socket-destruction.patch
- From: 4.18.0-553.53.1.el8_10
- CVE-2025-21756
- Description:
vsock: Orphan socket after transport release
- CVE: https://access.redhat.com/security/cve/CVE-2025-21756
- Patch: rhel8/4.18.0-553.53.1.el8_10/CVE-2025-21756-vsock-orphan-socket-after-transport-release.patch
- From: 4.18.0-553.53.1.el8_10
- CVE-2024-43842
- Description:
wifi: rtw89: Fix array index mistake in rtw89_sta_info_get_iter()
- CVE: https://access.redhat.com/security/cve/CVE-2024-43842
- Patch: rhel8/4.18.0-553.54.1.el8_10/CVE-2024-43842-wifi-rtw89-Fix-array-index-mistake-in-rtw89_sta_info_get_iter.patch
- From: 4.18.0-553.54.1.el8_10
- CVE-2022-49395
- Description:
Out of scope: User-mode Linux isn't supported for current kernel
- CVE:
- Patch: skipped/CVE-2022-49395.patch
- From:
- CVE-2022-48919
- Description:
cifs: fix double free race when mount fails in cifs_get_root()
- CVE: https://access.redhat.com/security/cve/CVE-2022-48919
- Patch: rhel8/4.18.0-553.58.1.el8_10/CVE-2022-48919-cifs-fix-double-free-race-when-mount-fails-in-cifs_get_root.patch
- From: 4.18.0-553.58.1.el8_10
- CVE-2024-50301
- Description:
security/keys: fix slab-out-of-bounds in key_task_permission
- CVE: https://access.redhat.com/security/cve/CVE-2024-50301
- Patch: rhel8/4.18.0-553.58.1.el8_10/CVE-2024-50301-security-keys-fix-slab-out-of-bounds-in-key_task_permission.patch
- From: 4.18.0-553.58.1.el8_10
- CVE-2024-53064
- Description:
idpf: fix idpf_vc_core_init error path
- CVE: https://access.redhat.com/security/cve/CVE-2024-53064
- Patch: rhel8/4.18.0-553.58.1.el8_10/CVE-2024-53064-idpf-fix-idpf_vc_core_init-error-path.patch
- From: 4.18.0-553.58.1.el8_10
- CVE-2025-21764
- Description:
ndisc: use RCU protection in ndisc_alloc_skb()
- CVE: https://access.redhat.com/security/cve/CVE-2025-21764
- Patch: rhel8/4.18.0-553.58.1.el8_10/CVE-2025-21764-ndisc-use-rcu-protection-in-ndisc_alloc_skb.patch
- From: 4.18.0-553.58.1.el8_10
- CVE-2022-49111
- Description:
Bluetooth: Fix use after free in hci_send_acl
- CVE: https://access.redhat.com/security/cve/CVE-2022-49111
- Patch: rhel8/4.18.0-553.60.1.el8_10/CVE-2022-49111-bluetooth-fix-use-after-free-in-hci_send_acl.patch
- From: 4.18.0-553.60.1.el8_10
- CVE-2022-49136
- Description:
Bluetooth: hci_sync: Fix queuing commands when HCI_UNREGISTER is set
- CVE: https://access.redhat.com/security/cve/CVE-2022-49136
- Patch: rhel8/4.18.0-553.60.1.el8_10/CVE-2022-49136-bluetooth-hci_sync-fix-queuing-commands-when-hci_unregister-is-set.patch
- From: 4.18.0-553.60.1.el8_10
- CVE-2022-49058
- Description:
cifs: potential buffer overflow in handling symlinks
- CVE: http://access.redhat.com/security/cve/cve-2022-49058
- Patch: rhel8/4.18.0-553.60.1.el8_10/CVE-2022-49058-cifs-potential-buffer-overflow-in-handling-symlinks.patch
- From: 4.18.0-553.62.1.el8_10
- CVE-2024-57980
- Description:
media: uvcvideo: Fix double free in error path
- CVE: https://access.redhat.com/security/cve/cve-2024-57980
- Patch: rhel8/4.18.0-553.60.1.el8_10/CVE-2024-57980-media-uvcvideo-fix-double-free-in-error-path.patch
- From: 4.18.0-553.62.1.el8_10
- CVE-2025-21991
- Description:
x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes
- CVE: https://access.redhat.com/security/cve/cve-2025-21991
- Patch: rhel8/4.18.0-553.60.1.el8_10/CVE-2025-21991-x86-microcode-amd-fix-out-of-bounds-on-systems-with-cpu-less-numa-nodes.patch
- From: 4.18.0-553.62.1.el8_10
- CVE-2025-22004
- Description:
net: atm: fix use after free in lec_send()
- CVE: https://access.redhat.com/security/cve/cve-2025-22004
- Patch: rhel8/4.18.0-553.60.1.el8_10/CVE-2025-22004-net-atm-fix-use-after-free-in-lec-send.patch
- From: 4.18.0-553.62.1.el8_10
- CVE-2022-49788
- Description:
misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram()
- CVE: https://access.redhat.com/security/cve/cve-2022-49788
- Patch: rhel8/4.18.0-553.60.1.el8_10/CVE-2022-49788-misc-vmw_vmci-fix-an-infoleak-in-vmci_host_do_receive_datagram.patch
- From: 4.18.0-553.62.1.el8_10
- CVE-2025-23150
- Description:
ext4: fix off-by-one error in do_split
- CVE: https://access.redhat.com/security/cve/CVE-2025-23150
- Patch: rhel8/4.18.0-553.60.1.el8_10/CVE-2025-23150-ext4-fix-off-by-one-error-in-do-split.patch
- From: 4.18.0-553.62.1.el8_10
- CVE-2025-37738
- Description:
ext4: ignore xattrs past end
- CVE: https://access.redhat.com/security/cve/CVE-2025-37738
- Patch: rhel8/4.18.0-553.60.1.el8_10/CVE-2025-37738-ext4-ignore-xattrs-past-end.patch
- From: 4.18.0-553.62.1.el8_10
- CVE-2024-58002
- Description:
media: uvcvideo: Remove dangling pointers
- CVE: https://access.redhat.com/security/cve/CVE-2024-58002
- Patch: rhel8/4.18.0-553.60.1.el8_10/CVE-2024-58002-media-uvcvideo-Only-save-async-fh-if-success.patch
- From: 4.18.0-553.62.1.el8_10
- CVE-2024-58002
- Description:
media: uvcvideo: Remove dangling pointers
- CVE: https://access.redhat.com/security/cve/CVE-2024-58002
- Patch: rhel8/4.18.0-553.60.1.el8_10/CVE-2024-58002-media-uvcvideo-remove-dangling-pointers.patch
- From: 4.18.0-553.62.1.el8_10
- CVE-2024-58002
- Description:
media: uvcvideo: Remove dangling pointers
- CVE: https://access.redhat.com/security/cve/CVE-2024-58002
- Patch: rhel8/4.18.0-553.60.1.el8_10/CVE-2024-58002-media-uvcvideo-remove-dangling-pointers-kpatch.patch
- From: 4.18.0-553.62.1.el8_10
- CVE-2024-58002
- Description:
media: uvcvideo: Remove dangling pointers
- CVE: https://access.redhat.com/security/cve/CVE-2024-58002
- Patch: rhel8/4.18.0-553.60.1.el8_10/CVE-2024-58002-convert-guard-mutex.patch
- From: 4.18.0-553.62.1.el8_10
- N/A
- Description:
x86 xen add xenpv restore regs and return to usermode
- CVE: N/A
- Patch: 4.18.0/x86-xen-Add-xenpv_restore_regs_and_return_to_usermode-el8-372.patch
- From: N/A
- N/A
- Description:
kpatch add alt asm definitions
- CVE: https://www.kernel.org
- Patch: 4.18.0/kpatch-add-alt-asm-definitions-el8-372.patch
- From: N/A