KernelCare Directory

kernel-uek-5.15.0-300.163.18.el8uek (oel8-uek7)
Kernel Update Version: 5.15.0-303.171.5.2.1.el8uek
Build Date: 2025-01-14 09:04:52
Release Date: 2025-01-16 07:54:36
Release: K20250114_02

N/A, CVSSv2 Score: N/A
Description:
vhost/scsi: null-ptr-dereference in vhost_scsi_get_req()
CVE: https://linux.oracle.com/errata/ELSA-2024-12713.html
Patch: oel9-uek7/5.15.0-300.163.18.1.el9uek/vhost-scsi-null-ptr-dereference-in-vhost_scsi_get_req-uek7.patch
From: 5.15.0-300.163.18.1

CVE-2024-35801, CVSSv2 Score: 7.8
Description:
x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD
CVE: https://linux.oracle.com/cve/CVE-2024-35801.html
Patch: oel9-uek7/5.15.0-301.163.5.2.el9uek/CVE-2024-35801-x86-fpu-keep-xfd-state-in-sync-with-msr-ia32-xfd.patch
From: 5.15.0-301.163.5.2.el8uek

CVE-2024-35959, CVSSv2 Score: 5.5
Description:
net/mlx5e: Fix mlx5e_priv_init() cleanup flow
CVE: https://linux.oracle.com/cve/CVE-2024-35959.html
Patch: oel9-uek7/5.15.0-301.163.5.2.el9uek/CVE-2024-35959-net-mlx5e-fix-mlx5e-priv-init-cleanup-flow.patch
From: 5.15.0-301.163.5.2.el8uek

CVE-2024-42269, CVSSv2 Score: 5.5
Description:
netfilter: iptables: Fix potential null-ptr-deref in ip6table_nat_table_init().
CVE: https://linux.oracle.com/cve/CVE-2024-42269.html
Patch: oel9-uek7/5.15.0-301.163.5.2.el9uek/CVE-2024-42269-netfilter-iptables-fix-potential-null-ptr-deref-in-ip6table-nat-table-init.patch
From: 5.15.0-301.163.5.2.el8uek

CVE-2024-42270, CVSSv2 Score: 5.5
Description:
netfilter: iptables: Fix null-ptr-deref in iptable_nat_table_init().
CVE: https://linux.oracle.com/cve/CVE-2024-42270.html
Patch: oel9-uek7/5.15.0-301.163.5.2.el9uek/CVE-2024-42270-netfilter-iptables-fix-null-ptr-deref-in-iptable-nat-table-init.patch
From: 5.15.0-301.163.5.2.el8uek

CVE-2024-47674, CVSSv2 Score: 5.5
Description:
mm: avoid leaving partial pfn mappings around in error case
CVE: https://linux.oracle.com/cve/CVE-2024-47674.html
Patch: oel9-uek7/5.15.0-301.163.5.2.el9uek/CVE-2024-47674-mm-avoid-leaving-partial-pfn-mappings-around-in-error-case.patch
From: 5.15.0-301.163.5.2.el8uek

CVE-2024-26681, CVSSv2 Score: 5.5
Description:
netdevsim: avoid potential loop in nsim_dev_trap_report_work()
CVE: https://linux.oracle.com/cve/CVE-2024-26681.html
Patch: oel9-uek7/5.15.0-301.163.5.2.el9uek/CVE-2024-26681-netdevsim-avoid-potential-loop-in-nsim-dev-trap-report-work.patch
From: 5.15.0-301.163.5.2.el8uek

CVE-2024-40940, CVSSv2 Score: 5.5
Description:
net/mlx5: Fix tainted pointer delete is case of flow rules creation fail
CVE: https://linux.oracle.com/cve/CVE-2024-40940.html
Patch: oel9-uek7/5.15.0-301.163.5.2.el9uek/CVE-2024-40940-net-mlx5-fix-tainted-pointer-delete-is-case-of-flow-rules-creation-fail.patch
From: 5.15.0-301.163.5.2.el8uek

CVE-2024-26734, CVSSv2 Score:
Description:
Affects only boot __init stage, already booted kernels are not affected
CVE:
Patch: skipped/CVE-2024-26734.patch
From:

CVE-2024-27397, CVSSv2 Score: 7.0
Description:
netfilter: nf_tables: use timestamp to check for set element timeout
CVE: https://linux.oracle.com/cve/CVE-2024-27397.html
Patch: oel9-uek7/5.15.0-301.163.5.2.el9uek/CVE-2024-27397-netfilter-nf_tables-use-timestamp-to-check-for-set-element-timeout.patch
From: 5.15.0-301.163.5.2.el8uek

CVE-2024-27397, CVSSv2 Score: 7.0
Description:
netfilter: nf_tables: use timestamp to check for set element timeout
CVE: https://linux.oracle.com/cve/CVE-2024-27397.html
Patch: oel9-uek7/5.15.0-301.163.5.2.el9uek/CVE-2024-27397-netfilter-nf_tables-use-timestamp-to-check-for-set-element-timeout-kpatch.patch
From: 5.15.0-301.163.5.2.el9uek

CVE-2024-45026, CVSSv2 Score:
Description:
Architecture is not supported
CVE:
Patch: skipped/CVE-2024-45026.patch
From:

CVE-2024-46814, CVSSv2 Score: 5.5
Description:
drm/amd/display: Check msg_id before processing transcation
CVE: https://linux.oracle.com/cve/CVE-2024-46814.html
Patch: oel9-uek7/5.15.0-302.167.6.el9uek/CVE-2024-46814-drm-amd-display-Check-msg_id-before-processing-transcation.patch
From: 5.15.0-302.167.6.el9uek

CVE-2024-41011, CVSSv2 Score: 4.1
Description:
drm/amdkfd: don't allow mapping the MMIO HDP page with large pages
CVE: https://linux.oracle.com/cve/CVE-2024-41011.html
Patch: oel9-uek7/5.15.0-302.167.6.el9uek/CVE-2024-41011-drm-amdkfd-don-t-allow-mapping-the-mmio-hdp-page-with-large-pages.patch
From: 5.15.0-302.167.6.el9uek

CVE-2024-42284, CVSSv2 Score: 7.3
Description:
tipc: Return non-zero value from tipc_udp_addr2str() on error
CVE: https://linux.oracle.com/cve/CVE-2024-42284.html
Patch: oel9-uek7/5.15.0-302.167.6.el9uek/CVE-2024-42284-tipc-return-non-zero-value-from-tipc-udp-addr2str-on-error.patch
From: 5.15.0-302.167.6.el9uek

CVE-2024-42302, CVSSv2 Score:
Description:
Patched function waits for external events, which may prevent patching/unpatching.
CVE:
Patch: skipped/CVE-2024-42302.patch
From:

CVE-2024-46844, CVSSv2 Score: 5.5
Description:
um: line: always fill *error_out in setup_one_line()
CVE: https://linux.oracle.com/cve/CVE-2024-46844.html
Patch: oel9-uek7/5.15.0-302.167.6.el9uek/CVE-2024-46844-um-line-always-fill-error-out-in-setup-one-line.patch
From: 5.15.0-302.167.6.el9uek

CVE-2024-46674, CVSSv2 Score: 7.8
Description:
usb: dwc3: st: fix probed platform device ref count on probe error path
CVE: https://linux.oracle.com/cve/CVE-2024-46674.html
Patch: oel9-uek7/5.15.0-302.167.6.el9uek/CVE-2024-46674-usb-dwc3-st-fix-probed-platform-device-ref-count-on-probe-error-path.patch
From: 5.15.0-302.167.6.el9uek

CVE-2024-46725, CVSSv2 Score: 5.5
Description:
drm/amdgpu: Fix out-of-bounds write warning
CVE: https://linux.oracle.com/cve/CVE-2024-46725.html
Patch: oel9-uek7/5.15.0-302.167.6.el9uek/CVE-2024-46725-drm-amdgpu-Fix-out-of-bounds-write-warning.patch
From: 5.15.0-302.167.6.el9uek

CVE-2024-41070, CVSSv2 Score:
Description:
CVE patch is for powerpc arch only
CVE:
Patch: skipped/CVE-2024-41070.patch
From:

CVE-2024-42301, CVSSv2 Score: 5.5
Description:
dev/parport: fix the array out-of-bounds risk
CVE: https://linux.oracle.com/cve/CVE-2024-42301.html
Patch: oel9-uek7/5.15.0-302.167.6.el9uek/CVE-2024-42301-dev-parport-fix-the-array-out-of-bounds-risk.patch
From: 5.15.0-302.167.6.el9uek

CVE-2024-49966, CVSSv2 Score: 7.8
Description:
ocfs2: cancel dqi_sync_work before freeing oinfo
CVE: https://linux.oracle.com/cve/CVE-2024-49966.html
Patch: oel9-uek7/5.15.0-303.171.5.2.el9uek/CVE-2024-49966-ocfs2-cancel-dqi-sync-work-before-freeing-oinfo.patch
From: 5.15.0-303.171.5.2.el9uek

CVE-2024-49930, CVSSv2 Score: 7.8
Description:
wifi: ath11k: fix array out-of-bound access in SoC stats
CVE: https://linux.oracle.com/cve/CVE-2024-49930.html
Patch: oel9-uek7/5.15.0-303.171.5.2.el9uek/CVE-2024-49930-wifi-ath11k-fix-array-out-of-bound-access-in-soc-stats.patch
From: 5.15.0-303.171.5.2.el9uek

CVE-2024-49995, CVSSv2 Score: 7.8
Description:
tipc: guard against string buffer overrun
CVE: https://linux.oracle.com/cve/CVE-2024-49995.html
Patch: oel9-uek7/5.15.0-303.171.5.2.el9uek/CVE-2024-49995-tipc-guard-against-string-buffer-overrun.patch
From: 5.15.0-303.171.5.2.el9uek

CVE-2024-49924, CVSSv2 Score: 7.8
Description:
fbdev: pxafb: Fix possible use after free in pxafb_task()
CVE: https://linux.oracle.com/cve/CVE-2024-49924.html
Patch: oel9-uek7/5.15.0-303.171.5.2.el9uek/CVE-2024-49924-fbdev-pxafb-fix-possible-use-after-free-in-pxafb-task.patch
From: 5.15.0-303.171.5.2.el9uek

CVE-2024-49983, CVSSv2 Score: 7.8
Description:
ext4: drop ppath from ext4_ext_replay_update_ex() to avoid double-free
CVE: https://linux.oracle.com/cve/CVE-2024-49983.html
Patch: oel9-uek7/5.15.0-303.171.5.2.el9uek/CVE-2024-49983-ext4-drop-ppath-from-ext4-ext-replay-update-ex-to-avoid-double-free.patch
From: 5.15.0-303.171.5.2.el9uek

CVE-2024-50151, CVSSv2 Score: 7.8
Description:
smb: client: fix OOBs when building SMB2_IOCTL request
CVE: https://linux.oracle.com/cve/CVE-2024-50151.html
Patch: oel9-uek7/5.15.0-303.171.5.2.el9uek/CVE-2024-50151-smb-client-fix-oobs-when-building-smb2-ioctl-request.patch
From: 5.15.0-303.171.5.2.el9uek

CVE-2024-53059, CVSSv2 Score: 7.8
Description:
wifi: iwlwifi: mvm: Fix response handling in iwl_mvm_send_recovery_cmd()
CVE: https://linux.oracle.com/cve/CVE-2024-53059.html
Patch: oel9-uek7/5.15.0-303.171.5.2.el9uek/CVE-2024-53059-wifi-iwlwifi-mvm-fix-response-handling-in-iwl-mvm-send-recovery-cmd.patch
From: 5.15.0-303.171.5.2.el9uek

CVE-2024-50257, CVSSv2 Score: 7.8
Description:
netfilter: Fix use-after-free in get_info()
CVE: https://linux.oracle.com/cve/CVE-2024-50257.html
Patch: oel9-uek7/5.15.0-303.171.5.2.el9uek/CVE-2024-50257-netfilter-fix-use-after-free-in-get-info.patch
From: 5.15.0-303.171.5.2.el9uek

CVE-2024-50230, CVSSv2 Score: 7.8
Description:
nilfs2: fix kernel bug due to missing clearing of checked flag
CVE: https://linux.oracle.com/cve/CVE-2024-50230.html
Patch: oel9-uek7/5.15.0-303.171.5.2.el9uek/CVE-2024-50230-nilfs2-fix-kernel-bug-due-to-missing-clearing-of-checked-flag.patch
From: 5.15.0-303.171.5.2.el9uek

CVE-2024-38384, CVSSv2 Score:
Description:
Issue was backported and fixed in the same 5.15.0-303.168.3.el9uek, previous kernels are not affected
CVE:
Patch: skipped/CVE-2024-38384.patch
From:

CVE-2024-39463, CVSSv2 Score: 7.8
Description:
9p: add missing locking around taking dentry fid list
CVE: https://linux.oracle.com/cve/CVE-2024-39463.html
Patch: oel9-uek7/5.15.0-303.171.5.2.el9uek/CVE-2024-39463-9p-add-missing-locking-around-taking-dentry-fid-list.patch
From: 5.15.0-303.171.5.2.el9uek

CVE-2024-46852, CVSSv2 Score: 7.8
Description:
dma-buf: heaps: Fix off-by-one in CMA heap fault handler
CVE: https://linux.oracle.com/cve/CVE-2024-46852.html
Patch: oel9-uek7/5.15.0-303.171.5.2.el9uek/CVE-2024-46852-dma-buf-heaps-Fix-off-by-one-in-CMA-heap-fault-handler.patch
From: 5.15.0-303.171.5.2.el9uek

CVE-2024-47685, CVSSv2 Score: 9.1
Description:
netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put()
CVE: https://linux.oracle.com/cve/CVE-2024-47685.html
Patch: oel9-uek7/5.15.0-303.171.5.2.el9uek/CVE-2024-47685-netfilter-nf_reject_ipv6-fix-nf_reject_ip6_tcphdr_put.patch
From: 5.15.0-303.171.5.2.el9uek

CVE-2024-47698, CVSSv2 Score: 7.8
Description:
drivers: media: dvb-frontends/rtl2832: fix an out-of-bounds write error
CVE: https://linux.oracle.com/cve/CVE-2024-47698.html
Patch: oel9-uek7/5.15.0-303.171.5.2.el9uek/CVE-2024-47698-drivers-media-dvb-frontends-rtl2832-fix-an-out-of-bounds-write-error.patch
From: 5.15.0-303.171.5.2.el9uek

CVE-2024-49982, CVSSv2 Score: 7.8
Description:
aoe: fix the potential use-after-free problem in more places
CVE: https://linux.oracle.com/cve/CVE-2024-49982.html
Patch: oel9-uek7/5.15.0-303.171.5.2.el9uek/CVE-2024-49982-aoe-fix-the-potential-use-after-free-problem-in-more-places.patch
From: 5.15.0-303.171.5.2.el9uek

CVE-2024-50007, CVSSv2 Score: 7.8
Description:
ALSA: asihpi: Fix potential OOB array access
CVE: https://linux.oracle.com/cve/CVE-2024-50007.html
Patch: oel9-uek7/5.15.0-303.171.5.2.el9uek/CVE-2024-50007-ALSA-asihpi-Fix-potential-OOB-array-access.patch
From: 5.15.0-303.171.5.2.el9uek

CVE-2024-50143, CVSSv2 Score: 7.8
Description:
udf: fix uninit-value use in udf_get_fileshortad
CVE: https://linux.oracle.com/cve/CVE-2024-50143.html
Patch: oel9-uek7/5.15.0-303.171.5.2.el9uek/CVE-2024-50143-udf-fix-uninit-value-use-in-udf_get_fileshortad.patch
From: 5.15.0-303.171.5.2.el9uek

CVE-2024-50262, CVSSv2 Score: 7.8
Description:
bpf: Fix out-of-bounds write in trie_get_next_key()
CVE: https://linux.oracle.com/cve/CVE-2024-50262.html
Patch: oel9-uek7/5.15.0-303.171.5.2.el9uek/CVE-2024-50262-bpf-Fix-out-of-bounds-write-in-trie_get_next_key.patch
From: 5.15.0-303.171.5.2.el9uek

CVE-2024-53057, CVSSv2 Score: 7.8
Description:
net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT
CVE: https://linux.oracle.com/cve/CVE-2024-53057.html
Patch: oel9-uek7/5.15.0-303.171.5.2.el9uek/CVE-2024-53057-net-sched-stop-qdisc_tree_reduce_backlog-on-TC_H_ROOT.patch
From: 5.15.0-303.171.5.2.el9uek

N/A, CVSSv2 Score: N/A
Description:
kpatch add alt asm definitions
CVE: https://www.kernel.org
Patch: 5.15.0/kpatch-add-alt-asm-definitions.patch
From: N/A

N/A, CVSSv2 Score: N/A
Description:
kpatch add paravirt asm definitions
CVE: N/A
Patch: 5.15.0/kpatch-add-paravirt-asm-definitions.patch
From: N/A