- linux-4.9.240-1 (debian9)
- 4.9.272-2
- 2021-08-19 06:39:31
- 2021-08-19 10:51:10
- K20210819_01
- CVE-2021-27363 CVE-2021-27364 CVE-2021-27365, CVSSv2 Score: 7.8
- Description:
sysfs: Add sysfs_emit and sysfs_emit_at to format sysfs output
- CVE: https://security-tracker.debian.org/tracker/CVE-2021-27363
- Patch: debian9/4.9.258-1/CVE-2021-27365-CVE-2021-27364-CVE-2021-27363-sysfs-add-sysfs_emit-and-sysfs_emit_at-to-format-sys.patch
- From: 4.9.258-1
- CVE-2021-27363, CVSSv2 Score: 3.6
- Description:
scsi: iscsi: Restrict sessions and handles to admin capabilities
- CVE: https://security-tracker.debian.org/tracker/CVE-2021-27363
- Patch: debian9/4.9.258-1/CVE-2021-27363-27364-scsi-iscsi-restrict-sessions-and-handles-to-admin-capabilities.patch
- From: 4.9.258-1
- CVE-2021-27363 CVE-2021-27364 CVE-2021-27365, CVSSv2 Score: 7.8
- Description:
scsi: Ensure sysfs attributes are limited to PAGE_SIZE
- CVE: https://security-tracker.debian.org/tracker/CVE-2021-27363
- Patch: debian9/4.9.258-1/CVE-2021-27365-CVE-2021-27364-CVE-2021-27363-scsi-iscsi-ensure-sysfs-attributes-are-limited-to-pa.patch
- From: 4.9.258-1
- CVE-2021-27363 CVE-2021-27364 CVE-2021-27365, CVSSv2 Score: 7.8
- Description:
scsi: Verify lengths on passthrough PDUs
- CVE: https://security-tracker.debian.org/tracker/CVE-2021-27363
- Patch: debian9/4.9.258-1/CVE-2021-27365-CVE-2021-27364-CVE-2021-27363-scsi-iscsi-verify-lengths-on-passthrough-PDUs.patch
- From: 4.9.258-1
- CVE-2021-26930 CVE-2021-26931, CVSSv2 Score: 7.8
- Description:
xen-blkback: fix error handling in xen_blkbk_map()
- CVE: https://security-tracker.debian.org/tracker/CVE-2020-26931
- Patch: debian9/4.9.258-1/CVE-2021-26930-CVE-2021-26931-xsa365-linux.patch
- From: linux-4.9.258-1
- CVE-2021-28038, CVSSv2 Score: 6.5
- Description:
Xen/gnttab: handle p2m update errors on a per-slot basis
- CVE: https://security-tracker.debian.org/tracker/CVE-2021-28038
- Patch: debian9/4.9.258-1/CVE-2021-28038-xsa367-linux.patch
- From: linux-4.9.258-1
- CVE-2021-26931, CVSSv2 Score: 5.5
- Description:
xen-netback: don't "handle" error by BUG()
- CVE: https://security-tracker.debian.org/tracker/CVE-2020-26931
- Patch: debian9/4.9.258-1/CVE-2021-26931-xsa362-linux-2.patch
- From: linux-4.9.258-1
- CVE-2021-26931, CVSSv2 Score: 5.5
- Description:
xen-scsiback: don't "handle" error by BUG()
- CVE: https://security-tracker.debian.org/tracker/CVE-2020-26931
- Patch: debian9/4.9.258-1/CVE-2021-26931-xsa362-linux-3.patch
- From: linux-4.9.258-1
- CVE-2021-26932, CVSSv2 Score: 5.5
- Description:
Xen/x86: don't bail early from clear_foreign_p2m_mapping()
- CVE: https://security-tracker.debian.org/tracker/CVE-2020-26932
- Patch: debian9/4.9.258-1/CVE-2021-26932-xsa361-linux-1.patch
- From: linux-4.9.258-1
- CVE-2021-26932, CVSSv2 Score: 5.5
- Description:
Xen/x86: also check kernel mapping in set_foreign_p2m_mapping()
- CVE: https://security-tracker.debian.org/tracker/CVE-2020-26932
- Patch: debian9/4.9.258-1/CVE-2021-26932-xsa361-linux-2.patch
- From: linux-4.9.258-1
- CVE-2021-26932, CVSSv2 Score: 5.5
- Description:
gntdev: correct dev_bus_addr handling in gntdev_map_grant_pages()
- CVE: https://security-tracker.debian.org/tracker/CVE-2020-26932
- Patch: debian9/4.9.258-1/CVE-2021-26932-xsa361-linux-3-4.patch
- From: linux-4.9.258-1
- CVE-2021-3178, CVSSv2 Score: 6.5
- Description:
nfsd4: readdirplus shouldn't return parent of export
- CVE: https://security-tracker.debian.org/tracker/CVE-2021-3178
- Patch: debian9/4.9.258-1/0010-CVE-2021-3178-nfsd4-readdirplus-shouldn-t-return-parent-of-export.patch
- From: linux-4.9.258-1
- CVE-2020-36158, CVSSv2 Score: 6.5
- Description:
mwifiex: Fix possible buffer overflows in mwifiex_cmd_802_11_ad_hoc_start
- CVE: https://access.redhat.com/security/cve/CVE-2020-36158
- Patch: debian9/4.9.258-1/0004-CVE-2020-36158-mwifiex-Fix-possible-buffer-overflows-in-mwifiex_cmd.patch
- From: linux-4.9.258-1
- CVE-2020-28374, CVSSv2 Score: 8.1
- Description:
target: simplify XCOPY wwn->se_dev lookup helper
- CVE: https://security-tracker.debian.org/tracker/CVE-2020-28374
- Patch: debian9/4.9.258-1/0006-CVE-2020-28374-target-simplify-XCOPY-wwn-se_dev-lookup-helper.patch
- From: linux-4.9.258-1
- CVE-2020-28374, CVSSv2 Score: 8.1
- Description:
target: use XCOPY segment descriptor CSCD IDs
- CVE: https://security-tracker.debian.org/tracker/CVE-2020-28374
- Patch: debian9/4.9.258-1/0007-CVE-2020-28374-target-use-XCOPY-segment-descriptor-CSCD-IDs.patch
- From: linux-4.9.258-1
- CVE-2020-28374, CVSSv2 Score: 8.1
- Description:
xcopy: loop over devices using idr helper
- CVE: https://security-tracker.debian.org/tracker/CVE-2020-28374
- Patch: debian9/4.9.258-1/0008-CVE-2020-28374-xcopy-loop-over-devices-using-idr-helper.patch
- From: linux-4.9.258-1
- CVE-2020-28374, CVSSv2 Score: 8.1
- Description:
scsi: target: Fix XCOPY NAA identifier lookup
- CVE: https://security-tracker.debian.org/tracker/CVE-2020-28374
- Patch: debian9/4.9.258-1/0009-CVE-2020-28374-scsi-target-Fix-XCOPY-NAA-identifier-lookup.patch
- From: linux-4.9.258-1
- CVE-2020-28374, CVSSv2 Score: 6.5
- Description:
UBUNTU: SAUCE: target: fix XCOPY NAA identifier lookup (adaptation)
- CVE: https://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-28374
- Patch: debian9/4.9.258-1/CVE-2020-28374-kpatch.patch
- From: 4.4.0-200.232
- CVE-2020-29569, CVSSv2 Score: 8.8
- Description:
xen-blkback: set ring->xenblkd to NULL after kthread_stop()
- CVE: https://security-tracker.debian.org/tracker/CVE-2020-29569
- Patch: debian9/4.9.258-1/CVE-2020-29568-xsa350.patch
- From: linux-4.9.258-1
- CVE-2020-27825, CVSSv2 Score: 5.7
- Description:
[PATCH] tracing: Fix race in trace_open and buffer resize call
- CVE: https://security-tracker.debian.org/tracker/CVE-2020-27825
- Patch: debian9/4.9.258-1/CVE-2020-27825-patch-tracing-fix-race-in-trace-open-and-buffer-resize-call.patch
- From: 4.9.258-1
- CVE-2020-29660, CVSSv2 Score: 4.4
- Description:
tty: Fix ->pgrp locking in tiocspgrp()
- CVE: https://access.redhat.com/security/cve/CVE-2020-29660
- Patch: debian9/4.9.258-1/0002-CVE-2020-29660-tty-Fix-pgrp-locking-in-tiocspgrp.patch
- From: linux-4.9.258-1
- CVE-2020-29660, CVSSv2 Score: 4.4
- Description:
tty: Fix ->session locking
- CVE: https://access.redhat.com/security/cve/CVE-2020-29660
- Patch: debian9/4.9.258-1/0003-CVE-2020-29660-tty-Fix-session-locking.patch
- From: linux-4.9.258-1
- CVE-2020-27815, CVSSv2 Score: 7.4
- Description:
jfs: Fix array index bounds check in dbAdjTree
- CVE: https://security-tracker.debian.org/tracker/CVE-2020-27815
- Patch: debian10/4.19.171-2/CVE-2020-27815-jfs-Fix-array-index-bounds-check-in-dbAdjTree.patch
- From: 4.19.171-2
- CVE-2019-19318, CVSSv2 Score: 4.4
- Description:
Btrfs: fix selftests failure due to uninitialized i_mode in test inodes
- CVE: https://security-tracker.debian.org/tracker/CVE-2019-19318
- Patch: debian9/4.9.258-1/CVE-2019-19318-Btrfs-fix-selftests-failure-due-to-uninitialized-i_mode-in-test-inodes.patch
- From: linux-4.9.258-1
- CVE-2019-19813, CVSSv2 Score: 7.8
- Description:
btrfs: inode: Verify inode mode to avoid NULL pointer dereference
- CVE: https://security-tracker.debian.org/tracker/CVE-2019-19816
- Patch: ubuntu-xenial/4.4.0-201.233/CVE-2019-19816-CVE-2019-19813-btrfs-inode-Verify-inode-mode-to-avoid-NULL-pointer-dereference.patch
- From: kernel-4.4.0-201.233
- CVE-2021-3347, CVSSv2 Score: 7.4
- Description:
futex: Handle faults correctly for PI futexes
- CVE: https://access.redhat.com/security/cve/cve-2021-3347
- Patch: 4.4.0/CVE-2021-3347-futex-Handle-faults-correctly-for-PI-futexes-kpatch.patch
- From: >kernel-4.4.0-201.233
- CVE-2021-29154, CVSSv2 Score: 7.8
- Description:
bpf, x86: Validate computation of branch displacements for x86-64
- CVE: https://security-tracker.debian.org/tracker/CVE-2021-29154
- Patch: 4.9.0/CVE-2021-29154-bpf-x86-Validate-computation-of-branch-displacements.patch
- From: >4.9.258-1
- CVE-2020-25670, CVSSv2 Score: 5.7
- Description:
nfc: fix refcount leak in llcp_sock_bind()
- CVE: https://access.redhat.com/security/cve/CVE-2020-25670
- Patch: 4.14.0/CVE-2020-25670-nfc-fix-refcount-leak-in-llcp_sock_bind.patch
- From: 4.14.231-173.360.amzn2
- CVE-2020-25671, CVSSv2 Score: 5.7
- Description:
nfc: fix refcount leak in llcp_sock_connect()
- CVE: https://access.redhat.com/security/cve/CVE-2020-25671
- Patch: 4.14.0/CVE-2020-25671-nfc-fix-refcount-leak-in-llcp_sock_connect.patch
- From: 4.14.231-173.360.amzn2
- CVE-2020-25672, CVSSv2 Score: 5.7
- Description:
nfc: fix memory leak in llcp_sock_connect()
- CVE: https://access.redhat.com/security/cve/CVE-2020-25672
- Patch: 4.14.0/CVE-2020-25672-nfc-fix-memory-leak-in-llcp_sock_connect.patch
- From: 4.14.231-173.360.amzn2
- CVE-2020-29374, CVSSv2 Score: 7.0
- Description:
gup: document and work around "COW can break either way" issue
- CVE: https://security-tracker.debian.org/tracker/CVE-2020-29374
- Patch: 4.9.0/CVE-2020-29374-gup-document-and-work-around-COW-can-break-either-way-issue.patch
- From: 4.9.272-1
- CVE-2021-3428, CVSSv2 Score:
- Description:
- CVE:
- Patch: skipped/CVE-2021-3428.patch
- From:
- CVE-2021-28660, CVSSv2 Score: 7.8
- Description:
staging: rtl8188eu: prevent ->ssid overflow in rtw_wx_set_scan()
- CVE: https://security-tracker.debian.org/tracker/CVE-2021-28660
- Patch: 4.19.0/801719-staging-rtl8188eu-prevent-ssid-overflow-in-rtw_wx_.patch
- From: v4.19.181
- CVE-2020-36322, CVSSv2 Score:
- Description:
- CVE:
- Patch: skipped/CVE-2020-36322.patch
- From:
- CVE-2021-28950, CVSSv2 Score:
- Description:
- CVE:
- Patch: skipped/CVE-2021-28950.patch
- From:
- CVE-2021-20292, CVSSv2 Score: 6.7
- Description:
drm/ttm/nouveau: don't call tt destroy callback on alloc failure.
- CVE: https://security-tracker.debian.org/tracker/CVE-2021-20292
- Patch: debian9/4.9.272-1/CVE-2021-20292-drm-ttm-nouveau-don-t-call-tt-destroy-callback-on-al.patch
- From: 4.9.272-1
- CVE-2021-28971, CVSSv2 Score: 4.7
- Description:
perf/x86/intel: Fix a crash caused by zero PEBS status
- CVE: https://access.redhat.com/security/cve/CVE-2021-28971
- Patch: 5.4.17/CVE-2021-28971-perf-x86-intel-Fix-a-crash-caused-by-zero-PEBS-status.patch
- From: 5.4.17-2102.201.3.el8uek
- CVE-2021-28964, CVSSv2 Score: 4.1
- Description:
btrfs: fix race when cloning extent buffer during rewind of an old root
- CVE: https://access.redhat.com/security/cve/CVE-2021-28964
- Patch: 4.1.12/CVE-2021-28964-btrfs-fix-race-when-cloning-extent-buffer-during-rewind-of.patch
- From: 4.1.12-124.50.2.el6uek
- CVE-2021-29265, CVSSv2 Score: 4.7
- Description:
usbip: fix stub_dev to check for stream socket
- CVE: https://access.redhat.com/security/cve/CVE-2021-29265
- Patch: 4.14.0/CVE-2021-29265-usbip-fix-stub_dev-to-check-for-stream-socket.patch
- From: 4.14.231-173.360.amzn2
- CVE-2021-29265, CVSSv2 Score: 4.7
- Description:
usbip: fix stub_dev usbip_sockfd_store() races leading to gpf
- CVE: https://access.redhat.com/security/cve/CVE-2021-29265
- Patch: 4.14.0/CVE-2021-29265-usbip-fix-stub_dev-usbip_sockfd_store-races-leading-to-gpf.patch
- From: 4.14.231-173.360.amzn2
- CVE-2021-29650, CVSSv2 Score: 5.5
- Description:
netfilter: x_tables: make xt_replace_table wait until old
- CVE: https://access.redhat.com/security/cve/CVE-2021-29650
- Patch: 4.1.12/CVE-2021-29650-netfilter-x_tables-make-xt_replace_table-wait-until-old.patch
- From: 4.1.12-124.50.2.el6uek
- CVE-2021-29650, CVSSv2 Score: 5.5
- Description:
netfilter: x_tables: Use correct memory barriers.
- CVE: https://access.redhat.com/security/cve/CVE-2021-29650
- Patch: 4.1.12/CVE-2021-29650-netfilter-x_tables-Use-correct-memory-barriers.patch
- From: 4.1.12-124.50.2.el6uek
- CVE-2021-29647, CVSSv2 Score: 5.5
- Description:
net: qrtr: fix a kernel-infoleak in qrtr_recvmsg()
- CVE: https://access.redhat.com/security/cve/CVE-2021-29647
- Patch: 4.14.0/CVE-2021-29647-net-qrtr-fix-a-kernel-infoleak-in-qrtr_recvmsg.patch
- From: 4.14.231-173.360.amzn2
- CVE-2021-28688, CVSSv2 Score: 5.5
- Description:
xen-blkback: don't leak persistent grants from xen_blkbk_map()
- CVE: https://nvd.nist.gov/vuln/detail/CVE-2021-28688
- Patch: 4.14.0/CVE-2021-28688-xen-blkback-don-t-leak-persistent-grants-from-xen_blkbk_map.patch
- From: 4.14.231-173.360.amzn2
- CVE-2021-30002, CVSSv2 Score: 6.2
- Description:
media: v4l: ioctl: Fix memory leak in video_usercopy
- CVE: https://security-tracker.debian.org/tracker/CVE-2021-30002
- Patch: debian9/4.9.272-1/0006-CVE-2021-30002-media-v4l-ioctl-Fix-memory-leak-in-video_usercopy.patch
- From: 4.9.272-1
- CVE-2021-3483, CVSSv2 Score: 7.3
- Description:
firewire: nosy: Fix a use-after-free bug in nosy_ioctl()
- CVE: https://access.redhat.com/security/cve/CVE-2021-3483
- Patch: 4.14.0/CVE-2021-3483-firewire-nosy-Fix-a-use-after-free-bug-in-nosy_ioctl.patch
- From: 4.14.231-173.360.amzn2
- CVE-2021-23133, CVSSv2 Score: 7.0
- Description:
sctp: delay auto_asconf init until binding the first addr
- CVE: https://nvd.nist.gov/vuln/detail/CVE-2021-23133
- Patch: 4.14.0/CVE-2021-23133-sctp-delay-auto_asconf-init-until-binding-the-first-addr.patch
- From: >kernel-4.14.231-173.360.amzn2
- CVE-2021-31916, CVSSv2 Score: 6.7
- Description:
dm ioctl: fix out of bounds array access when no devices
- CVE: https://security-tracker.debian.org/tracker/CVE-2021-31916
- Patch: debian9/4.9.272-1/0030-CVE-2021-31916-dm-ioctl-fix-out-of-bounds-array-access-when-no-devi.patch
- From: 4.9.272-1
- CVE-2021-32399, CVSSv2 Score: 7.0
- Description:
bluetooth: eliminate the potential race condition when removing the
- CVE: https://security-tracker.debian.org/tracker/CVE-2021-32399
- Patch: debian9/4.9.272-1/0026-CVE-2021-32399-bluetooth-eliminate-the-potential-race-condition-whe.patch
- From: 4.9.272-1
- CVE-2021-3587, CVSSv2 Score: 5.1
- Description:
nfc: fix NULL ptr dereference in llcp_sock_getname() after failed
- CVE: https://security-tracker.debian.org/tracker/CVE-2021-3587
- Patch: debian9/4.9.272-1/0027-CVE-2021-3587-CVE-2021-23134-net-nfc-fix-use-after-free-llcp_sock_bind-connect.patch
- From: 4.9.272-1
- CVE-2020-26147, CVSSv2 Score: 5.4
- Description:
mac80211: assure all fragments are encrypted
- CVE: https://ubuntu.com/security/CVE-2020-26147
- Patch: 5.4.0/CVE-2020-26147-mac80211-assure-all-fragments-are-encrypted.patch
- From:
- CVE-2020-24586, CVSSv2 Score: 5.3
- Description:
mac80211: prevent mixed key and fragment cache attacks
- CVE: https://nvd.nist.gov/vuln/detail/CVE-2020-24587
- Patch: 4.9.0/CVE-2020-24586-CVE-2020-24587-mac80211-prevent-mixed-key-and-fragment-cache-attacks.patch
- From: 4.9.272-1
- CVE-2020-26139, CVSSv2 Score: 5.3
- Description:
mac80211: properly handle A-MSDUs that start with an RFC 1042 header
- CVE: https://nvd.nist.gov/vuln/detail/CVE-2020-26139
- Patch: 4.9.0/CVE-2020-26139-mac80211-properly-handle-A-MSDUs-that-start-with-an-RFC-1042-header.patch
- From: 4.9.272-1
- CVE-2020-24588, CVSSv2 Score: 3.5
- Description:
cfg80211: mitigate A-MSDU aggregation attacks
- CVE: https://nvd.nist.gov/vuln/detail/CVE-2020-24588
- Patch: 4.9.0/CVE-2020-24588-cfg80211-mitigate-A-MSDU-aggregation-attacks.patch
- From: 4.9.272-1
- CVE-2020-24588, CVSSv2 Score: 3.5
- Description:
mac80211: drop A-MSDUs on old ciphers
- CVE: https://nvd.nist.gov/vuln/detail/CVE-2020-24588
- Patch: 4.9.0/CVE-2020-24588-mac80211-drop-A-MSDUs-on-old-ciphers.patch
- From: 4.9.272-1
- CVE-2020-26139, CVSSv2 Score: 5.3
- Description:
mac80211: add fragment cache to sta_info
- CVE: https://nvd.nist.gov/vuln/detail/CVE-2020-26139
- Patch: 4.9.0/CVE-2020-26139-mac80211-add-fragment-cache-to-sta_info.patch
- From: 4.9.272-1
- CVE-2020-26139, CVSSv2 Score: 5.3
- Description:
mac80211: prevent attacks on TKIP/WEP as well
- CVE: https://nvd.nist.gov/vuln/detail/CVE-2020-26139
- Patch: 4.9.0/CVE-2020-26139-mac80211-prevent-attacks-on-TKIP-WEP-as-well.patch
- From: 4.9.272-1
- CVE-2020-26139, CVSSv2 Score: 5.3
- Description:
mac80211: do not accept/forward invalid EAPOL frames
- CVE: https://nvd.nist.gov/vuln/detail/CVE-2020-26139
- Patch: 4.9.0/CVE-2020-26139-mac80211-do-not-accept-forward-invalid-EAPOL-frames.patch
- From: 4.9.272-1
- CVE-2020-24587, CVSSv2 Score: 2.6
- Description:
mac80211: extend protection against mixed key and fragment cache
- CVE: https://nvd.nist.gov/vuln/detail/CVE-2020-24587
- Patch: 4.9.0/CVE-2020-24586-CVE-2020-24587-mac80211-extend-protection-against-mixed-key-and-fragment-cache.patch
- From: 4.9.272-1
- CVE-2021-33034, CVSSv2 Score: 7.8
- Description:
Bluetooth: verify AMP hci_chan before amp_destroy
- CVE: https://access.redhat.com/security/cve/CVE-2021-33034
- Patch: 4.18.0/CVE-2021-33034.patch
- From: 4.18.0-305.7.1.el8_4
- CVE-2021-33034, CVSSv2 Score: 7.8
- Description:
Bluetooth: verify AMP hci_chan before amp_destroy (kcare adaptation)
- CVE: https://access.redhat.com/security/cve/CVE-2021-33034
- Patch: 4.18.0/CVE-2021-33034-kpatch.patch
- From: 4.18.0-305.7.1.el8_4
- CVE-2021-3564, CVSSv2 Score: 5.5
- Description:
Bluetooth: fix the erroneous flush_work() order
- CVE: https://nvd.nist.gov/vuln/detail/CVE-2021-3564
- Patch: 4.9.0/CVE-2021-3564-Bluetooth-fix-the-erroneous-flush_work-order.patch
- From: 4.9.272-1
- CVE-2020-26558, CVSSv2 Score:
- Description:
- CVE:
- Patch: skipped/CVE-2020-26558.patch
- From:
- CVE-2021-0512, CVSSv2 Score: 7.8
- Description:
HID: make arrays usage and value to be the same
- CVE: https://security-tracker.debian.org/tracker/CVE-2021-0512
- Patch: debian9/4.9.272-1/CVE-2021-0512-hid-make-arrays-usage-and-value-to-be-the-same.patch
- From: 4.9.272-1
- CVE-2021-3573, CVSSv2 Score: 7.8
- Description:
Bluetooth: use correct lock to prevent UAF of hdev object
- CVE: https://access.redhat.com/security/cve/CVE-2021-3573
- Patch: 4.9.0/CVE-2021-3573-Bluetooth-use-correct-lock-to-prevent-UAF-of-hdev-object.patch
- From: 4.9.272-1
- CVE-2021-0129, CVSSv2 Score: 5.7
- Description:
Bluetooth: SMP: Fail if remote and local public keys are identical
- CVE: https://nvd.nist.gov/vuln/detail/CVE-2021-0129
- Patch: 4.9.0/CVE-2021-0129-Bluetooth-SMP-Fail-if-remote-and-local-public-keys-are-identical.patch
- From: 4.9.272-1
- CVE-2021-22555, CVSSv2 Score: 7.8
- Description:
netfilter: x_tables: fix compat match/target pad out-of-bound write
- CVE: https://nvd.nist.gov/vuln/detail/CVE-2021-22555
- Patch: 4.4.0/CVE-2021-22555-netfilter-x_tables-fix-compat-match-target-pad-out-of-bound-write.patch
- From: kernel-4.4.0-210.242
- CVE-2021-33909, CVSSv2 Score: 7.8
- Description:
seq_file: Disallow extremely large seq buffer allocations
- CVE: N/A
- Patch: 4.4.0/CVE-2021-33909-seq_file-Disallow-extremely-large-seq-buffer-allocations.patch
- From: kernel-4.4.0-210.242
- CVE-2021-34693, CVSSv2 Score: 5.5
- Description:
can: bcm: fix infoleak in struct bcm_msg_head
- CVE: https://nvd.nist.gov/vuln/detail/CVE-2021-34693
- Patch: 4.19.0/CVE-2021-34693-can-bcm-fix-infoleak-in-struct-bcm_msg_head.patch
- From: 4.19.194-3
- CVE-2021-3609, CVSSv2 Score: 7.0
- Description:
UBUNTU: SAUCE: can: bcm: delay release of struct bcm_op after synchronize_rcu
- CVE: https://ubuntu.com/security/CVE-2021-3609
- Patch: 5.8.0/CVE-2021-3609-UBUNTU-SAUCE-can-bcm-delay-release-of-struct-bcm_op-after-synchronize_rcu.patch
- From:
- CVE-2021-21781, CVSSv2 Score:
- Description:
- CVE:
- Patch: skipped/CVE-2021-21781.patch
- From:
- Description:
vmx_vcpu_run wrapper
- CVE:
- Patch: 4.9.0/x86-kvm-vmx_vcpu_run-wrapper.patch
- From:
- Description:
Restrict access to pagemap/kpageflags/kpagecount
- CVE: http://googleprojectzero.blogspot.ru/2015/03/exploiting-dram-rowhammer-bug-to-gain.html
- Patch: 4.4.0/proc-restrict-pagemap-access.patch
- From:
- CVE-2020-0427, CVSSv2 Score: 5.5
- Description:
pinctrl: devicetree: Avoid taking direct reference to device name string
- CVE: https://nvd.nist.gov/vuln/detail/CVE-2020-0427
- Patch: 4.9.0/cve-2020-0427-pinctr-avoid-taking-direct-reference-to-device-name.patch
- From: 4.9.246-2
- CVE-2020-27675, CVSSv2 Score: 4.7
- Description:
xen/events: avoid removing an event channel while handling it
- CVE: https://nvd.nist.gov/vuln/detail/CVE-2020-27675
- Patch: 4.9.0/cve-2020-27675-avoid-removing-event-channel-while-handling-it-240.patch
- From: 4.9.246-2
- CVE-2020-14351, CVSSv2 Score: 7.0
- Description:
perf/core: Fix race in the perf_mmap_close() function
- CVE: https://access.redhat.com/security/cve/CVE-2020-14351
- Patch: 4.4.0/CVE-2020-14351-perf-core-Fix-race-in-the-perf_mmap_close-function.patch
- From: kernel-4.4.0-197.229
- CVE-2020-25645, CVSSv2 Score: 7.5
- Description:
geneve: add transport ports in route lookup for geneve
- CVE: https://nvd.nist.gov/vuln/detail/CVE-2020-25645
- Patch: 4.9.0/cve-2020-25645-geneve-add-transport-ports-in-route-lookup-for-genev.patch
- From: 4.9.246-2
- CVE-2020-25656, CVSSv2 Score: 4.1
- Description:
vt: keyboard, simplify vt_kdgkbsent
- CVE: https://security-tracker.debian.org/tracker/CVE-2020-25656
- Patch: 4.19.0/CVE-2020-25656-vt-keyboard-simplify-vt_kdgkbsent.patch
- From: 4.19.160-2~deb9u1
- CVE-2020-25656, CVSSv2 Score: 4.1
- Description:
vt: keyboard, extend func_buf_lock to readers
- CVE: https://security-tracker.debian.org/tracker/CVE-2020-25656
- Patch: 4.19.0/CVE-2020-25656-vt-keyboard-extend-func_buf_lock-to-readers.patch
- From: 4.19.160-2~deb9u1
- CVE-2020-25668, CVSSv2 Score: 7.0
- Description:
tty: make FONTX ioctl use the tty pointer they were actually passed
- CVE: https://security-tracker.debian.org/tracker/CVE-2020-25668
- Patch: 4.19.0/CVE-2020-25668-tty-make-FONTX-ioctl-use-the-tty-pointer-they-were-actually-passed.patch
- From: 4.19.160-2~deb9u1
- CVE-2020-25669, CVSSv2 Score: 4.1
- Description:
Input: sunkbd - avoid use-after-free in teardown paths
- CVE: https://security-tracker.debian.org/tracker/CVE-2020-25669
- Patch: 4.19.0/CVE-2020-25669-Input-sunkbd-avoid-use-after-free-in-teardown-paths.patch
- From: 4.19.160-2~deb9u1
- CVE-2020-25704, CVSSv2 Score: 6.2
- Description:
perf/core: Fix a memory leak in perf_event_parse_addr_filter()
- CVE: https://nvd.nist.gov/vuln/detail/CVE-2020-25704
- Patch: 4.9.0/cve-2020-25704-perf-core-Fix-a-memory-leak-in-perf_event_parse_addr_filter.patch
- From: 4.9.246-2
- CVE-2020-28974, CVSSv2 Score: 4.6
- Description:
vt: Disable KD_FONT_OP_COPY
- CVE: https://security-tracker.debian.org/tracker/CVE-2020-28974
- Patch: 4.19.0/CVE-2020-28974-vt-Disable-KD_FONT_OP_COPY.patch
- From: 4.19.160-2~deb9u1
- CVE-2020-8694, CVSSv2 Score: 5.1
- Description:
powercap: make attributes only readable by root
- CVE: https://access.redhat.com/security/cve/CVE-2020-8694
- Patch: 4.14.0/CVE-2020-8694-powercap-make-attributes-only-readable-by-root.patch
- From: kernel-uek-4.14.35-2025.402.2.1.el7uek
- CVE-2020-25705, CVSSv2 Score: 7.4
- Description:
icmp: randomize the global rate limiter
- CVE: https://www.saddns.net/
- Patch: 4.9.0/icmp-randomize-the-global-rate-limiter.patch
- From: 4.19.153