- kernel-4.18.0-553.56.1.el8_10 (rhel8)
- 4.18.0-553.107.1.el8_10
- 2026-03-09 11:08:46
- 2026-03-10 09:11:18
- K20260309_01
- CVE-2022-48919
- Description:
cifs: fix double free race when mount fails in cifs_get_root()
- CVE: https://access.redhat.com/security/cve/CVE-2022-48919
- Patch: rhel8/4.18.0-553.58.1.el8_10/CVE-2022-48919-cifs-fix-double-free-race-when-mount-fails-in-cifs_get_root.patch
- From: 4.18.0-553.58.1.el8_10
- CVE-2024-50301
- Description:
security/keys: fix slab-out-of-bounds in key_task_permission
- CVE: https://access.redhat.com/security/cve/CVE-2024-50301
- Patch: rhel8/4.18.0-553.58.1.el8_10/CVE-2024-50301-security-keys-fix-slab-out-of-bounds-in-key_task_permission.patch
- From: 4.18.0-553.58.1.el8_10
- CVE-2024-53064
- Description:
idpf: fix idpf_vc_core_init error path
- CVE: https://access.redhat.com/security/cve/CVE-2024-53064
- Patch: rhel8/4.18.0-553.58.1.el8_10/CVE-2024-53064-idpf-fix-idpf_vc_core_init-error-path.patch
- From: 4.18.0-553.58.1.el8_10
- CVE-2025-21764
- Description:
ndisc: use RCU protection in ndisc_alloc_skb()
- CVE: https://access.redhat.com/security/cve/CVE-2025-21764
- Patch: rhel8/4.18.0-553.58.1.el8_10/CVE-2025-21764-ndisc-use-rcu-protection-in-ndisc_alloc_skb.patch
- From: 4.18.0-553.58.1.el8_10
- CVE-2022-49111
- Description:
Bluetooth: Fix use after free in hci_send_acl
- CVE: https://access.redhat.com/security/cve/CVE-2022-49111
- Patch: rhel8/4.18.0-553.60.1.el8_10/CVE-2022-49111-bluetooth-fix-use-after-free-in-hci_send_acl.patch
- From: 4.18.0-553.60.1.el8_10
- CVE-2022-49136
- Description:
Bluetooth: hci_sync: Fix queuing commands when HCI_UNREGISTER is set
- CVE: https://access.redhat.com/security/cve/CVE-2022-49136
- Patch: rhel8/4.18.0-553.60.1.el8_10/CVE-2022-49136-bluetooth-hci_sync-fix-queuing-commands-when-hci_unregister-is-set.patch
- From: 4.18.0-553.60.1.el8_10
- CVE-2022-49846
- Description:
udf: Fix a slab-out-of-bounds write bug in udf_find_entry()
- CVE: https://access.redhat.com/security/cve/CVE-2022-49846
- Patch: rhel8/4.18.0-553.60.1.el8_10/CVE-2022-49846-udf-fix-a-slab-out-of-bounds-write-bug-in-udf_find_entry.patch
- From: 4.18.0-553.60.1.el8_10
- CVE-2022-49058
- Description:
cifs: potential buffer overflow in handling symlinks
- CVE: http://access.redhat.com/security/cve/cve-2022-49058
- Patch: rhel8/4.18.0-553.60.1.el8_10/CVE-2022-49058-cifs-potential-buffer-overflow-in-handling-symlinks.patch
- From: 4.18.0-553.62.1.el8_10
- CVE-2024-57980
- Description:
media: uvcvideo: Fix double free in error path
- CVE: https://access.redhat.com/security/cve/cve-2024-57980
- Patch: rhel8/4.18.0-553.60.1.el8_10/CVE-2024-57980-media-uvcvideo-fix-double-free-in-error-path.patch
- From: 4.18.0-553.62.1.el8_10
- CVE-2025-21991
- Description:
x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes
- CVE: https://access.redhat.com/security/cve/cve-2025-21991
- Patch: rhel8/4.18.0-553.60.1.el8_10/CVE-2025-21991-x86-microcode-amd-fix-out-of-bounds-on-systems-with-cpu-less-numa-nodes.patch
- From: 4.18.0-553.62.1.el8_10
- CVE-2025-22004
- Description:
net: atm: fix use after free in lec_send()
- CVE: https://access.redhat.com/security/cve/cve-2025-22004
- Patch: rhel8/4.18.0-553.60.1.el8_10/CVE-2025-22004-net-atm-fix-use-after-free-in-lec-send.patch
- From: 4.18.0-553.62.1.el8_10
- CVE-2022-49788
- Description:
misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram()
- CVE: https://access.redhat.com/security/cve/cve-2022-49788
- Patch: rhel8/4.18.0-553.60.1.el8_10/CVE-2022-49788-misc-vmw_vmci-fix-an-infoleak-in-vmci_host_do_receive_datagram.patch
- From: 4.18.0-553.62.1.el8_10
- CVE-2025-23150
- Description:
ext4: fix off-by-one error in do_split
- CVE: https://access.redhat.com/security/cve/CVE-2025-23150
- Patch: rhel8/4.18.0-553.60.1.el8_10/CVE-2025-23150-ext4-fix-off-by-one-error-in-do-split.patch
- From: 4.18.0-553.62.1.el8_10
- CVE-2025-37738
- Description:
ext4: ignore xattrs past end
- CVE: https://access.redhat.com/security/cve/CVE-2025-37738
- Patch: rhel8/4.18.0-553.60.1.el8_10/CVE-2025-37738-ext4-ignore-xattrs-past-end.patch
- From: 4.18.0-553.62.1.el8_10
- CVE-2024-58002
- Description:
media: uvcvideo: Remove dangling pointers
- CVE: https://access.redhat.com/security/cve/CVE-2024-58002
- Patch: rhel8/4.18.0-553.60.1.el8_10/CVE-2024-58002-media-uvcvideo-Only-save-async-fh-if-success.patch
- From: 4.18.0-553.62.1.el8_10
- CVE-2024-58002
- Description:
media: uvcvideo: Remove dangling pointers
- CVE: https://access.redhat.com/security/cve/CVE-2024-58002
- Patch: rhel8/4.18.0-553.60.1.el8_10/CVE-2024-58002-media-uvcvideo-remove-dangling-pointers.patch
- From: 4.18.0-553.62.1.el8_10
- CVE-2024-58002
- Description:
media: uvcvideo: Remove dangling pointers
- CVE: https://access.redhat.com/security/cve/CVE-2024-58002
- Patch: rhel8/4.18.0-553.60.1.el8_10/CVE-2024-58002-media-uvcvideo-remove-dangling-pointers-kpatch.patch
- From: 4.18.0-553.62.1.el8_10
- CVE-2024-58002
- Description:
media: uvcvideo: Remove dangling pointers
- CVE: https://access.redhat.com/security/cve/CVE-2024-58002
- Patch: rhel8/4.18.0-553.60.1.el8_10/CVE-2024-58002-convert-guard-mutex.patch
- From: 4.18.0-553.62.1.el8_10
- CVE-2024-50154
- Description:
tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink().
- CVE: https://access.redhat.com/security/cve/CVE-2024-50154
- Patch: rhel8/4.18.0-553.63.1.el8_10/CVE-2024-50154-tcp-dccp-Don-t-use-timer_pending-in-reqsk_queue_unli.patch
- From: 4.18.0-553.63.1.el8_10
- CVE-2025-38086
- Description:
net: ch9200: fix uninitialised access during mii_nway_restart
- CVE: https://access.redhat.com/security/cve/CVE-2025-38086
- Patch: rhel8/4.18.0-553.63.1.el8_10/CVE-2025-38086-net-ch9200-fix-uninitialised-access-during-mii_nway_restart.patch
- From: 4.18.0-553.63.1.el8_10
- CVE-2025-21919
- Description:
sched/fair: Fix potential memory corruption in child_cfs_rq_on_list
- CVE: https://access.redhat.com/security/cve/CVE-2025-21919
- Patch: rhel8/4.18.0-553.64.1.el8_10/CVE-2025-21919-sched-fair-fix-potential-memory-corruption-in-child-cfs-rq-on-list.patch
- From: kernel-4.18.0-553.63.1.el8_10
- CVE-2025-21905
- Description:
wifi: iwlwifi: limit printed string from FW file
- CVE: https://access.redhat.com/security/cve/CVE-2025-21905
- Patch: rhel8/4.18.0-553.64.1.el8_10/CVE-2025-21905-wifi-iwlwifi-limit-printed-string-from-fw-file.patch
- From: kernel-4.18.0-553.63.1.el8_10
- CVE-2022-49977
- Description:
ftrace: Fix NULL pointer dereference in is_ftrace_trampoline when ftrace is dead
- CVE: https://access.redhat.com/security/cve/CVE-2022-49977
- Patch: rhel8/4.18.0-553.64.1.el8_10/CVE-2022-49977-ftrace-Fix-NULL-pointer-dereference-in-is_ftrace_trampoline-when-ftrace-is-dead.patch
- From: 4.18.0-553.64.1.el8_10
- CVE-2025-21928
- Description:
HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove()
- CVE: https://access.redhat.com/security/cve/CVE-2025-21928
- Patch: rhel8/4.18.0-553.66.1.el8_10/CVE-2025-21928-hid-intel-ish-hid-fix-use-after-free-issue-in-ishtp-hid-remove.patch
- From: 4.18.0-553.66.1.el8_10
- CVE-2025-22020
- Description:
memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove
- CVE: https://access.redhat.com/security/cve/CVE-2025-22020
- Patch: rhel8/4.18.0-553.66.1.el8_10/CVE-2025-22020-memstick-rtsx-usb-ms-fix-slab-use-after-free-in-rtsx-usb-ms-drv-remove.patch
- From: 4.18.0-553.66.1.el8_10
- CVE-2022-50020
- Description:
ext4: avoid resizing to a partial cluster size
- CVE: https://access.redhat.com/security/cve/CVE-2022-50020
- Patch: rhel8/4.18.0-553.66.1.el8_10/CVE-2022-50020-ext4-avoid-resizing-to-a-partial-cluster-size.patch
- From: 4.18.0-553.66.1.el8_10
- CVE-2025-38079
- Description:
crypto: algif_hash - fix double free in hash_accept
- CVE: https://access.redhat.com/security/cve/CVE-2025-38079
- Patch: rhel8/4.18.0-553.66.1.el8_10/CVE-2025-38079-crypto-algif_hash-fix-double-free-in-hash_accept.patch
- From: 4.18.0-553.66.1.el8_10
- CVE-2025-37890
- Description:
net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc
- CVE: https://access.redhat.com/security/cve/CVE-2025-37890
- Patch: rhel8/4.18.0-553.66.1.el8_10/CVE-2025-37890-net-sched-hfsc-fix-a-uaf-vulnerability-in-class-with-netem-as-child-qdisc.patch
- From: 4.18.0-553.66.1.el8_10
- CVE-2025-37890
- Description:
sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue()
- CVE: https://access.redhat.com/security/cve/CVE-2025-37890
- Patch: rhel8/4.18.0-553.66.1.el8_10/CVE-2025-37890-sch_hfsc-Fix-qlen-accounting-bug-when-using-peek-in-hfsc_enqueue.patch
- From: 4.18.0-553.66.1.el8_10
- CVE-2025-37890
- Description:
net_sched: hfsc: Address reentrant enqueue adding class to eltree twice
- CVE: https://access.redhat.com/security/cve/CVE-2025-37890
- Patch: rhel8/4.18.0-553.66.1.el8_10/CVE-2025-37890-net-sched-hfsc-address-reentrant-enqueue-adding-class-to-eltree-twice.patch
- From: 4.18.0-553.66.1.el8_10
- CVE-2025-38052
- Description:
Complex adaptation required. Low impact CVE
- CVE:
- Patch: skipped/CVE-2025-38052.patch
- From:
- CVE-2021-47670
- Description:
can: peak_usb: fix use after free bugs
- CVE: https://access.redhat.com/security/cve/CVE-2021-47670
- Patch: rhel8/4.18.0-553.69.1.el8_10/CVE-2021-47670-can-peak_usb-fix-use-after-free-bugs.patch
- From: kernel-4.18.0-553.69.1.el8_10
- CVE-2025-21727
- Description:
padata: fix UAF in padata_reorder
- CVE: https://access.redhat.com/security/cve/CVE-2025-21727
- Patch: rhel8/4.18.0-553.69.1.el8_10/CVE-2025-21727-padata-fix-uaf-in-padata-reorder.patch
- From: kernel-4.18.0-553.69.1.el8_10
- CVE-2025-21759
- Description:
ipv6: mcast: extend RCU protection in igmp6_send()
- CVE: https://access.redhat.com/security/cve/CVE-2025-21759
- Patch: rhel8/4.18.0-553.69.1.el8_10/CVE-2025-21759-ipv6-mcast-add-dev_net_rcu-helper.patch
- From: kernel-4.18.0-553.69.1.el8_10
- CVE-2025-21759
- Description:
ipv6: mcast: extend RCU protection in igmp6_send()
- CVE: https://access.redhat.com/security/cve/CVE-2025-21759
- Patch: rhel8/4.18.0-553.69.1.el8_10/CVE-2025-21759-ipv6-mcast-extend-RCU-protection-in-igmp6_send.patch
- From: kernel-4.18.0-553.69.1.el8_10
- CVE-2025-38159
- Description:
wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds
- CVE: https://access.redhat.com/security/cve/CVE-2025-38159
- Patch: rhel8/4.18.0-553.69.1.el8_10/CVE-2025-38159-wifi-rtw88-fix-the-para-buffer-size-to-avoid-reading-out-of-bounds.patch
- From: kernel-4.18.0-553.69.1.el8_10
- CVE-2024-56644
- Description:
net/ipv6: release expired exception dst cached in socket
- CVE: https://access.redhat.com/security/cve/CVE-2024-56644
- Patch: rhel8/4.18.0-553.69.1.el8_10/CVE-2024-56644-net-ipv6-release-expired-exception-dst-cached-in-socket.patch
- From: kernel-4.18.0-553.69.1.el8_10
- CVE-2025-38085
- Description:
Complex adaptation required. High risk of regression.
- CVE:
- Patch: skipped/CVE-2025-38085.patch
- From:
- CVE-2025-22097
- Description:
drm/vkms: Fix use after free and double free on init error
- CVE: https://access.redhat.com/security/cve/CVE-2025-22097
- Patch: rhel8/4.18.0-553.70.1.el8_10/CVE-2025-22097-drm-vkms-fix-use-after-free-and-double-free-on-init-error.patch
- From: 4.18.0-553.70.1.el8_10
- CVE-2025-22097
- Description:
drm/vkms: Fix use after free and double free on init error
- CVE: https://access.redhat.com/security/cve/CVE-2025-22097
- Patch: rhel8/4.18.0-553.70.1.el8_10/CVE-2025-22097-drm-vkms-fix-use-after-free-and-double-free-on-init-error-kpatch.patch
- From: 4.18.0-553.70.1.el8_10
- CVE-2025-37914
- Description:
net_sched: ets: Fix double list add in class with netem as child qdisc
- CVE: https://access.redhat.com/security/cve/CVE-2025-37914
- Patch: rhel8/4.18.0-553.70.1.el8_10/CVE-2025-37914-net_sched-ets-fix-double-list-add-in-class-with-netem-as-child-qdisc.patch
- From: 4.18.0-553.70.1.el8_10
- CVE-2025-38380
- Description:
i2c/designware: Fix an initialization issue
- CVE: https://access.redhat.com/security/cve/CVE-2025-38380
- Patch: rhel8/4.18.0-553.70.1.el8_10/CVE-2025-38380-i2c-designware-Fix-an-initialization-issue.patch
- From: 4.18.0-553.70.1.el8_10
- CVE-2025-38250
- Description:
Bluetooth: hci_core: Fix use-after-free in vhci_flush()
- CVE: https://access.redhat.com/security/cve/CVE-2025-38250
- Patch: rhel8/4.18.0-553.70.1.el8_10/CVE-2025-38250-bluetooth-hci-core-fix-use-after-free-in-vhci-flush-553.58.1.patch
- From: 5.14.0-570.35.1.el9_6
- CVE-2025-22058
- Description:
udp: Fix memory accounting leak.
- CVE: https://access.redhat.com/security/cve/CVE-2025-22058
- Patch: rhel8/4.18.0-553.71.1.el8_10/CVE-2025-22058-udp-Fix-memory-accounting-leak.patch
- From: kernel-4.18.0-553.71.1.el8_10
- CVE-2025-38200
- Description:
i40e: fix MMIO write access to an invalid page in i40e_clear_hw
- CVE: https://access.redhat.com/security/cve/CVE-2025-38200
- Patch: rhel8/4.18.0-553.71.1.el8_10/CVE-2025-38200-i40e-fix-MMIO-write-access-to-an-invalid-page-in-i40e_clear_hw.patch
- From: kernel-4.18.0-553.71.1.el8_10
- CVE-2025-38477
- Description:
net/sched: sch_qfq: Fix race condition on qfq_aggregate
- CVE: https://access.redhat.com/security/cve/CVE-2025-38477
- Patch: rhel8/4.18.0-553.72.1.el8_10/CVE-2025-38477-net-sched-sch_qfq-Fix-race-condition-on-qfq_aggregate.patch
- From: 4.18.0-553.72.1.el8_10
- CVE-2025-38477
- Description:
net/sched: sch_qfq: Fix race condition on qfq_aggregate
- CVE: https://access.redhat.com/security/cve/CVE-2025-38477
- Patch: rhel8/4.18.0-553.72.1.el8_10/CVE-2025-38477-net-sched-sch_qfq-Avoid-triggering-might_sleep-in-atomic-context-in-qfq_delete_class.patch
- From: 4.18.0-553.72.1.el8_10
- CVE-2025-38464
- Description:
tipc: Fix use-after-free in tipc_conn_close().
- CVE: https://access.redhat.com/security/cve/CVE-2025-38464
- Patch: rhel8/4.18.0-553.72.1.el8_10/CVE-2025-38464-tipc-fix-use-after-free-in-tipc-conn-close.patch
- From: 4.18.0-553.72.1.el8_10
- CVE-2025-38211
- Description:
RDMA/iwcm: Fix a use-after-free related to destroying CM IDs
- CVE: https://access.redhat.com/security/cve/CVE-2025-38211
- Patch: rhel8/4.18.0-553.72.1.el8_10/CVE-2025-38211-rdma-iwcm-Fix-a-use-after-free-related-to-destroying-CM-IDs.patch
- From: 4.18.0-553.72.1.el8_10
- CVE-2025-38211
- Description:
RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction
- CVE: https://access.redhat.com/security/cve/CVE-2025-38211
- Patch: rhel8/4.18.0-553.72.1.el8_10/CVE-2025-38211-rdma-iwcm-fix-use-after-free-of-work-objects-after-cm-id-destruction.patch
- From: 4.18.0-553.72.1.el8_10
- CVE-2025-38332
- Description:
scsi: lpfc: Use memcpy() for BIOS version
- CVE: https://access.redhat.com/security/cve/CVE-2025-38332
- Patch: rhel8/4.18.0-553.72.1.el8_10/CVE-2025-38332-scsi-lpfc-use-memcpy-for-bios-version.patch
- From: 4.18.0-553.72.1.el8_10
- CVE-2022-49985
- Description:
bpf: Don't use tnum_range on array range checking for poke descriptors
- CVE: https://access.redhat.com/security/cve/CVE-2022-49985
- Patch: rhel8/4.18.0-553.74.1.el8_10/CVE-2022-49985-bpf-don-t-use-tnum_range-on-array-range-checking-for-poke-descriptors.patch
- From: 4.18.0-553.74.1.el8_10
- CVE-2025-38352
- Description:
posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del()
- CVE: https://access.redhat.com/security/cve/CVE-2025-38352
- Patch: rhel8/4.18.0-553.74.1.el8_10/CVE-2025-38352-posix-cpu-timers-fix-race-between-handle_posix_cpu_timers-and-posix_cpu_timer_del.patch
- From: 4.18.0-553.74.1.el8_10
- CVE-2023-53125
- Description:
net: usb: smsc75xx: Limit packet length to skb->len
- CVE: https://access.redhat.com/security/cve/CVE-2023-53125
- Patch: rhel8/4.18.0-553.75.1.el8_10/CVE-2023-53125-net-usb-smsc75xx-Limit-packet-length-to-skb-len.patch
- From: kernel-4.18.0-553.75.1.el8_10
- CVE-2023-53125
- Description:
net: usb: smsc75xx: Move packet length check to prevent kernel panic in skb_pull
- CVE: https://access.redhat.com/security/cve/CVE-2023-53125
- Patch: rhel8/4.18.0-553.75.1.el8_10/CVE-2023-53125-net-usb-smsc75xx-Move-packet-length-check-to-prevent-kernel-panic-in-skb_pull.patch
- From: kernel-4.18.0-553.75.1.el8_10
- CVE-2025-38350
- Description:
sch_qfq: make qfq_qlen_notify() idempotent
- CVE: https://access.redhat.com/security/cve/CVE-2025-38350
- Patch: rhel8/4.18.0-553.75.1.el8_10/CVE-2025-38350-sch_qfq-make-qfq_qlen_notify-idempotent.patch
- From: kernel-4.18.0-553.75.1.el8_10
- CVE-2025-38350
- Description:
sch_cbq: make cbq_qlen_notify() idempotent
- CVE: https://access.redhat.com/security/cve/CVE-2025-38350
- Patch: rhel8/4.18.0-553.75.1.el8_10/CVE-2025-38350-sch_cbq-make-cbq_qlen_notify-idempotent.patch
- From: kernel-4.18.0-553.75.1.el8_10
- CVE-2025-38350
- Description:
sch_htb: make htb_qlen_notify() idempotent
- CVE: https://access.redhat.com/security/cve/CVE-2025-38350
- Patch: rhel8/4.18.0-553.75.1.el8_10/CVE-2025-38350-sch_htb-make-htb_qlen_notify-idempotent.patch
- From: kernel-4.18.0-553.75.1.el8_10
- CVE-2025-38350
- Description:
sch_htb: make htb_deactivate() idempotent
- CVE: https://access.redhat.com/security/cve/CVE-2025-38350
- Patch: rhel8/4.18.0-553.75.1.el8_10/CVE-2025-38350-sch_htb-make-htb_deactivate-idempotent.patch
- From: kernel-4.18.0-553.75.1.el8_10
- CVE-2025-38350
- Description:
sch_hfsc: make hfsc_qlen_notify() idempotent
- CVE: https://access.redhat.com/security/cve/CVE-2025-38350
- Patch: rhel8/4.18.0-553.75.1.el8_10/CVE-2025-38350-sch_hfsc-make-hfsc_qlen_notify-idempotent.patch
- From: kernel-4.18.0-553.75.1.el8_10
- CVE-2025-38350
- Description:
sch_ets: make est_qlen_notify() idempotent
- CVE: https://access.redhat.com/security/cve/CVE-2025-38350
- Patch: rhel8/4.18.0-553.75.1.el8_10/CVE-2025-38350-sch_ets-make-est_qlen_notify-idempotent.patch
- From: kernel-4.18.0-553.75.1.el8_10
- CVE-2025-38350
- Description:
sch_drr: make drr_qlen_notify() idempotent
- CVE: https://access.redhat.com/security/cve/CVE-2025-38350
- Patch: rhel8/4.18.0-553.75.1.el8_10/CVE-2025-38350-sch_drr-make-drr_qlen_notify-idempotent.patch
- From: kernel-4.18.0-553.75.1.el8_10
- CVE-2025-38350
- Description:
net/sched: Always pass notifications when child class becomes empty
- CVE: https://access.redhat.com/security/cve/CVE-2025-38350
- Patch: rhel8/4.18.0-553.75.1.el8_10/CVE-2025-38350-net-sched-always-pass-notifications-when-child-class-becomes-empty.patch
- From: kernel-4.18.0-553.75.1.el8_10
- CVE-2025-38449
- Description:
requires a very complex adaptation
- CVE:
- Patch: skipped/CVE-2025-38449.patch
- From:
- CVE-2025-38392
- Description:
idpf: convert control queue mutex to a spinlock
- CVE: https://access.redhat.com/security/cve/CVE-2025-38392
- Patch: rhel8/4.18.0-553.75.1.el8_10/CVE-2025-38392-idpf-convert-control-queue-mutex-to-a-spinlock.patch
- From: 4.18.0-553.75.1.el8_10
- CVE-2025-38461
- Description:
vsock: Fix transport_* TOCTOU
- CVE: https://access.redhat.com/security/cve/CVE-2025-38461
- Patch: rhel8/4.18.0-553.76.1.el8_10/CVE-2025-38461-vsock-Fix-transport_-TOCTOU.patch
- From: kernel-4.18.0-553.76.1.el8_10
- CVE-2025-38498
- Description:
vsock: Fix transport_* TOCTOU
- CVE: https://access.redhat.com/security/cve/CVE-2025-38498
- Patch: rhel8/4.18.0-553.76.1.el8_10/CVE-2025-38498-do_change_type-refuse-to-operate-on-unmounted-not-ours-mounts.patch
- From: kernel-4.18.0-553.76.1.el8_10
- CVE-2025-38498
- Description:
use uniform permission checks for all mount propagation changes
- CVE: https://access.redhat.com/security/cve/CVE-2025-38498
- Patch: rhel8/4.18.0-553.76.1.el8_10/CVE-2025-38498-use-uniform-permission-checks-for-all-mount-propagation-changes.patch
- From: kernel-4.18.0-553.76.1.el8_10
- CVE-2025-38556
- Description:
HID: core: Harden s32ton() against conversion to 0 bits
- CVE: https://access.redhat.com/security/cve/CVE-2025-38556
- Patch: rhel8/4.18.0-553.76.1.el8_10/CVE-2025-38556-core-Harden-s32ton-against-conversion-to-0-bits.patch
- From: kernel-4.18.0-553.76.1.el8_10
- CVE-2025-38556
- Description:
HID: core: fix shift-out-of-bounds in hid_report_raw_event
- CVE: https://access.redhat.com/security/cve/CVE-2025-38556
- Patch: rhel8/4.18.0-553.76.1.el8_10/CVE-2025-38556-HID-core-fix-shift-out-of-bounds-in-hid_report_raw_event.patch
- From: kernel-4.18.0-553.76.1.el8_10
- CVE-2025-38718
- Description:
sctp: linearize cloned gso packets in sctp_rcv
- CVE: https://access.redhat.com/security/cve/CVE-2025-38718
- Patch: rhel8/4.18.0-553.77.1.el8_10/CVE-2025-38718-sctp-linearize-cloned-gso-packets-in-sctp-rcv.patch
- From: 4.18.0-553.77.1.el8_10
- CVE-2025-22026
- Description:
Out of scope: not affected
- CVE:
- Patch: skipped/CVE-2025-22026.patch
- From:
- CVE-2025-37797
- Description:
net_sched: hfsc: Fix a UAF vulnerability in class handling
- CVE: https://access.redhat.com/security/cve/CVE-2025-37797
- Patch: rhel8/4.18.0-553.77.1.el8_10/CVE-2025-37797-net_sched-hfsc-Fix-a-UAF-vulnerability-in-class-handling.patch
- From: 4.18.0-553.77.1.el8_10
- CVE-2022-50087
- Description:
Out of scope: not affected
- CVE:
- Patch: skipped/CVE-2022-50087.patch
- From:
- CVE-2025-39730
- Description:
NFS: Fix filehandle bounds checking in nfs_fh_to_dentry()
- CVE: https://access.redhat.com/security/cve/CVE-2025-39730
- Patch: rhel8/4.18.0-553.78.1.el8_10/CVE-2025-39730-NFS-Fix-filehandle-bounds-checking-in-nfs_fh_to_dentry.patch
- From: 4.18.0-553.78.1.el8_10
- CVE-2025-38527
- Description:
smb: client: fix use-after-free in cifs_oplock_break
- CVE: https://access.redhat.com/security/cve/CVE-2025-38527
- Patch: rhel8/4.18.0-553.78.1.el8_10/CVE-2025-38527-smb-client-fix-use-after-free-in-cifs_oplock_break.patch
- From: 4.18.0-553.78.1.el8_10
- CVE-2023-53305 CVE-2022-50386
- Description:
Bluetooth: L2CAP: Fix use-after-free
- CVE: https://access.redhat.com/security/cve/CVE-2022-50386
- Patch: rhel8/4.18.0-553.79.1.el8_10/CVE-2023-53305-bluetooth-l2cap-fix-use-after-free.patch
- From: 4.18.0-553.79.1.el8_10
- CVE-2022-50228
- Description:
KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0
- CVE: https://access.redhat.com/security/cve/CVE-2022-50228
- Patch: rhel8/4.18.0-553.79.1.el8_10/CVE-2022-50228-KVM-SVM-dont-BUG-if-userspace-injects-an-interrupt.patch
- From: 4.18.0-553.79.1.el8_10
- CVE-2023-53373
- Description:
crypto: seqiv - Handle EBUSY correctly
- CVE: https://access.redhat.com/security/cve/CVE-2023-53373
- Patch: rhel8/4.18.0-553.80.1.el8_10/CVE-2023-53373-crypto-seqiv-handle-ebusy-correctly.patch
- From: 4.18.0-553.80.1.el8_10
- CVE-2025-39751
- Description:
This CVE has been rejected or withdrawn by its CVE Numbering Authority as per NVD website
- CVE:
- Patch: skipped/CVE-2025-39751.patch
- From:
- CVE-2025-39757
- Description:
ALSA: usb-audio: Validate UAC3 cluster segment descriptors
- CVE: https://access.redhat.com/security/cve/CVE-2025-39757
- Patch: rhel8/4.18.0-553.80.1.el8_10/CVE-2025-39757-ALSA-usb-audio-Validate-UAC3-cluster-segment-descriptors.patch
- From: 4.18.0-553.80.1.el8_10
- CVE-2025-39757
- Description:
ALSA: usb-audio: Validate UAC3 cluster segment descriptors
- CVE: https://access.redhat.com/security/cve/CVE-2025-39757
- Patch: rhel8/4.18.0-553.80.1.el8_10/CVE-2025-39757-ALSA-usb-audio-Fix-size-validation-in-convert_chmap_v3.patch
- From: 4.18.0-553.80.1.el8_10
- CVE-2023-53297
- Description:
Bluetooth: L2CAP: fix "bad unlock balance" in l2cap_disconnect_rsp
- CVE: https://access.redhat.com/security/cve/CVE-2023-53297
- Patch: rhel8/4.18.0-553.81.1.el8_10/CVE-2023-53297-Bluetooth-L2CAP-fix-bad-unlock-balance-in-l2cap_disconnect_rsp.patch
- From: 4.18.0-553.81.1.el8_10
- CVE-2025-39817
- Description:
efivarfs: Fix slab-out-of-bounds in efivarfs_d_compare
- CVE: https://access.redhat.com/security/cve/CVE-2025-39817
- Patch: rhel8/4.18.0-553.81.1.el8_10/CVE-2025-39817-efivarfs-fix-slab-out-of-bounds-in-efivarfs-d-compare.patch
- From: 4.18.0-553.81.1.el8_10
- CVE-2025-39841
- Description:
scsi: lpfc: Fix buffer free/clear order in deferred receive path
- CVE: https://access.redhat.com/security/cve/CVE-2025-39841
- Patch: rhel8/4.18.0-553.81.1.el8_10/CVE-2025-39841-scsi-lpfc-fix-buffer-free-clear-order-in-deferred-receive-path.patch
- From: 4.18.0-553.81.1.el8_10
- CVE-2025-39849
- Description:
wifi: cfg80211: sme: cap SSID length in __cfg80211_connect_result()
- CVE: https://access.redhat.com/security/cve/CVE-2025-39849
- Patch: rhel8/4.18.0-553.81.1.el8_10/CVE-2025-39849-wifi-cfg80211-sme-cap-ssid-length-in-cfg80211-connect-result.patch
- From: 4.18.0-553.81.1.el8_10
- CVE-2023-53386
- Description:
Bluetooth: Fix potential use-after-free when clear keys
- CVE: https://access.redhat.com/security/cve/CVE-2023-53386
- Patch: rhel8/4.18.0-553.81.1.el8_10/CVE-2023-53386-Bluetooth-Fix-potential-use-after-free-when-clear-keys.patch
- From: 4.18.0-553.81.1.el8_10
- CVE-2025-39864
- Description:
wifi: cfg80211: fix use-after-free in cmp_bss()
- CVE: https://access.redhat.com/security/cve/CVE-2025-39864
- Patch: rhel8/4.18.0-553.82.1.el8_10/CVE-2025-39864-wifi-cfg80211-fix-use-after-free-in-cmp-bss.patch
- From: 4.18.0-553.82.1.el8_10
- CVE-2023-53226
- Description:
wifi: mwifiex: Fix OOB and integer underflow when rx packets
- CVE: https://access.redhat.com/security/cve/CVE-2023-53226
- Patch: rhel8/4.18.0-553.82.1.el8_10/CVE-2023-53226-wifi-mwifiex-Fix-OOB-and-integer-underflow-when-rx-packets.patch
- From: 4.18.0-553.82.1.el8_10
- CVE-2023-53226
- Description:
wifi: mwifiex: Fix missed return in oob checks failed path
- CVE: https://access.redhat.com/security/cve/CVE-2023-53226
- Patch: rhel8/4.18.0-553.82.1.el8_10/CVE-2023-53226-wifi-mwifiex-Fix-missed-return-in-oob-checks-failed-path.patch
- From: 4.18.0-553.82.1.el8_10
- CVE-2023-53226
- Description:
wifi: mwifiex: Fix OOB and integer underflow when rx packets
- CVE: https://access.redhat.com/security/cve/CVE-2023-53226
- Patch: rhel8/4.18.0-553.82.1.el8_10/CVE-2023-53226-wifi-mwifiex-Fix-oob-check-condition-in-mwifiex_process_rx_packet.patch
- From: 4.18.0-553.82.1.el8_10
- CVE-2023-53257
- Description:
wifi: mac80211: check S1G action frame size
- CVE: https://access.redhat.com/security/cve/CVE-2023-53257
- Patch: rhel8/4.18.0-553.82.1.el8_10/CVE-2023-53257-wifi-mac80211-check-S1G-action-frame-size.patch
- From: 4.18.0-553.82.1.el8_10
- CVE-2023-53751
- Description:
cifs: fix potential use-after-free bugs in TCP_Server_Info::hostname
- CVE: https://access.redhat.com/security/cve/CVE-2023-53751
- Patch: rhel8/4.18.0-553.82.1.el8_10/CVE-2023-53751-cifs-fix-potential-use-after-free-bugs-in-TCP_Server_Info-hostname.patch
- From: 4.18.0-553.82.1.el8_10
- CVE-2023-53751
- Description:
cifs: fix potential use-after-free bugs in TCP_Server_Info::hostname
- CVE: https://access.redhat.com/security/cve/CVE-2023-53751
- Patch: rhel8/4.18.0-553.82.1.el8_10/CVE-2023-53751-cifs-fix-potential-use-after-free-bugs-in-TCP_Server_Info-hostname-kpatch.patch
- From: 4.18.0-553.82.1.el8_10
- CVE-2022-50367
- Description:
fs: fix UAF/GPF bug in nilfs_mdt_destroy
- CVE: https://access.redhat.com/security/cve/CVE-2022-50367
- Patch: rhel8/4.18.0-553.83.1.el8_10/CVE-2022-50367-fs-fix-uaf-gpf-bug-in-nilfs-mdt-destroy.patch
- From: 4.18.0-553.83.1.el8_10
- CVE-2023-53178
- Description:
mm: fix zswap writeback race condition
- CVE: https://access.redhat.com/security/cve/CVE-2023-53178
- Patch: rhel8/4.18.0-553.83.1.el8_10/CVE-2023-53178-mm-fix-zswap-writeback-race-condition.patch
- From: 4.18.0-553.83.1.el8_10
- CVE-2023-53178
- Description:
mm: zswap: fix missing folio cleanup in writeback race path
- CVE: https://access.redhat.com/security/cve/CVE-2023-53178
- Patch: rhel8/4.18.0-553.83.1.el8_10/CVE-2023-53178-mm-zswap-fix-missing-folio-cleanup-in-writeback-race-path.patch
- From: 4.18.0-553.83.1.el8_10
- CVE-2025-39718
- Description:
vsock/virtio: Validate length in packet header before skb_put()
- CVE: https://access.redhat.com/security/cve/CVE-2025-39718
- Patch: rhel8/4.18.0-553.84.1.el8_10/CVE-2025-39718-vsock-virtio-validate-length-in-packet-header-before-skb-put.patch
- From: 4.18.0-553.84.1.el8_10
- CVE-2025-39697
- Description:
NFS: Fix a race when updating an existing write
- CVE: https://access.redhat.com/security/cve/CVE-2025-39697
- Patch: rhel8/4.18.0-553.85.1.el8_10/CVE-2025-39697-nfs-fix-a-race-when-updating-an-existing-write.patch
- From: 4.18.0-553.85.1.el8_10
- CVE-2025-39971
- Description:
i40e: fix idx validation in config queues msg
- CVE: https://access.redhat.com/security/cve/CVE-2025-39971
- Patch: rhel8/4.18.0-553.85.1.el8_10/CVE-2025-39971-i40e-fix-idx-validation-in-config-queues-msg.patch
- From: 4.18.0-553.85.1.el8_10
- CVE-2023-53513
- Description:
nbd: fix incomplete validation of ioctl arg
- CVE: https://access.redhat.com/security/cve/CVE-2023-53513
- Patch: rhel8/4.18.0-553.87.1.el8_10/CVE-2023-53513-nbd-fix-incomplete-validation-of-ioctl-arg.patch
- From: 4.18.0-553.87.1.el8_10
- CVE-2025-39825
- Description:
smb: client: fix race with concurrent opens in rename(2)
- CVE: https://access.redhat.com/security/cve/CVE-2025-39825
- Patch: rhel8/4.18.0-553.87.1.el8_10/CVE-2025-39825-smb-client-fix-race-with-concurrent-opens-in-rename2.patch
- From: 4.18.0-553.87.1.el8_10
- CVE-2025-38724
- Description:
nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm()
- CVE: https://access.redhat.com/security/cve/CVE-2025-38724
- Patch: rhel8/4.18.0-553.87.1.el8_10/CVE-2025-38724-nfsd-handle-get_client_locked-failure-in-nfsd4_setclientid_confirm.patch
- From: 4.18.0-553.87.1.el8_10
- CVE-2025-39898
- Description:
e1000e: fix heap overflow in e1000_set_eeprom
- CVE: https://access.redhat.com/security/cve/CVE-2025-39898
- Patch: rhel8/4.18.0-553.87.1.el8_10/CVE-2025-39898-e1000e-fix-heap-overflow-in-e1000_set_eeprom.patch
- From: 4.18.0-553.87.1.el8_10
- CVE-2025-39883
- Description:
mm/memory-failure: fix VM_BUG_ON_PAGE(PagePoisoned(page)) when unpoison memory
- CVE: https://access.redhat.com/security/cve/CVE-2025-39883
- Patch: rhel8/4.18.0-553.87.1.el8_10/CVE-2025-39883-mm-memory-failure-fix-VM_BUG_ON_PAGE-when-unpoison-memory.patch
- From: 4.18.0-553.87.1.el8_10
- CVE-2025-39955
- Description:
tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect().
- CVE: https://access.redhat.com/security/cve/CVE-2025-39955
- Patch: rhel8/4.18.0-553.87.1.el8_10/CVE-2025-39955-tcp-clear-tcp_sk-sk-fastopen_rsk-in-tcp_disconnect.patch
- From: 4.18.0-553.87.1.el8_10
- CVE-2025-39955
- Description:
tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request().
- CVE: https://access.redhat.com/security/cve/CVE-2025-39955
- Patch: rhel8/4.18.0-553.87.1.el8_10/CVE-2025-39955-tcp-don-t-call-reqsk_fastopen_remove-in-tcp_conn_request.patch
- From: 4.18.0-553.87.1.el8_10
- CVE-2022-50543
- Description:
RDMA/rxe: Fix mr->map double free
- CVE: https://access.redhat.com/security/cve/CVE-2022-50543
- Patch: rhel8/4.18.0-553.89.1.el8_10/CVE-2022-50543-rdma-rxe-fix-mr-map-double-free.patch
- From: 4.18.0-553.89.1.el8_10
- CVE-2023-53401
- Description:
mm: kmem: fix a NULL pointer dereference in obj_stock_flush_required()
- CVE: https://access.redhat.com/security/cve/CVE-2023-53401
- Patch: rhel8/4.18.0-553.89.1.el8_10/CVE-2023-53401-mm-kmem-fix-a-null-pointer-dereference-in-obj-stock-flush-required.patch
- From: 4.18.0-553.89.1.el8_10
- CVE-2023-53539
- Description:
RDMA/rxe: Fix incomplete state save in rxe_requester
- CVE: https://access.redhat.com/security/cve/CVE-2023-53539
- Patch: rhel8/4.18.0-553.89.1.el8_10/CVE-2023-53539-rdma-rxe-fix-incomplete-state-save-in-rxe-requester.patch
- From: 4.18.0-553.89.1.el8_10
- CVE-2025-40240
- Description:
sctp: avoid NULL dereference when chunk data buffer is missing
- CVE: https://access.redhat.com/security/cve/CVE-2025-40240
- Patch: rhel8/4.18.0-553.92.1.el8_10/CVE-2025-40240-sctp-avoid-null-dereference-when-chunk-data-buffer-is-missing.patch
- From: 4.18.0-553.92.1.el8_10
- CVE-2025-68285
- Description:
libceph: fix potential use-after-free in have_mon_and_osd_map()
- CVE: https://access.redhat.com/security/cve/CVE-2025-68285
- Patch: rhel8/4.18.0-553.92.1.el8_10/CVE-2025-68285-libceph-fix-potential-use-after-free-in-have-mon-and-osd-map.patch
- From: 4.18.0-553.92.1.el8_10
- CVE-2025-68285
- Description:
libceph: fix potential use-after-free in have_mon_and_osd_map()
- CVE: https://access.redhat.com/security/cve/CVE-2025-68285
- Patch: rhel8/4.18.0-553.92.1.el8_10/CVE-2025-68285-libceph-fix-potential-use-after-free-in-have-mon-and-osd-map-kpatch.patch
- From: 4.18.0-553.92.1.el8_10
- CVE-2025-39993
- Description:
media: rc: fix races with imon_disconnect()
- CVE: https://access.redhat.com/security/cve/CVE-2025-39993
- Patch: rhel8/4.18.0-553.92.1.el8_10/CVE-2025-39993-media-rc-fix-races-with-imon-disconnect-kpatch.patch
- From: 4.18.0-553.92.1.el8_10
- CVE-2023-53552
- Description:
Complex adaptation required.
- CVE:
- Patch: skipped/CVE-2023-53552.patch
- From:
- CVE-2025-40096
- Description:
drm/sched: Fix potential double free in drm_sched_job_add_resv_dependencies
- CVE: https://access.redhat.com/security/cve/CVE-2025-40096
- Patch: rhel8/4.18.0-553.94.1.el8_10/CVE-2025-40096-drm-sched-fix-potential-double-free-in-drm-sched.patch
- From: 4.18.0-553.94.1.el8_10
- CVE-2025-68301
- Description:
net: atlantic: fix fragment overflow handling in RX path
- CVE: https://access.redhat.com/security/cve/CVE-2025-68301
- Patch: rhel8/4.18.0-553.94.1.el8_10/CVE-2025-68301-net-atlantic-fix-fragment-overflow-handling-in-rx-path.patch
- From: 4.18.0-553.94.1.el8_10
- CVE-2025-38051
- Description:
smb: client: Fix use-after-free in cifs_fill_dirent
- CVE: https://access.redhat.com/security/cve/CVE-2025-38051
- Patch: rhel8/4.18.0-553.94.1.el8_10/CVE-2025-38051-smb-client-fix-use-after-free-in-cifs-fill-dirent.patch
- From: 4.18.0-553.94.1.el8_10
- CVE-2025-39933
- Description:
smb: client: let recv_done verify data_offset, data_length and remaining_data_length
- CVE: https://access.redhat.com/security/cve/CVE-2025-39933
- Patch: rhel8/4.18.0-553.94.1.el8_10/CVE-2025-39933-smb-client-let-recv-done-verify-data-offset.patch
- From: 4.18.0-553.94.1.el8_10
- CVE-2025-40248
- Description:
vsock: Ignore signal/timeout on connect() if already established
- CVE: https://access.redhat.com/security/cve/CVE-2025-40248
- Patch: rhel8/4.18.0-553.97.1.el8_10/CVE-2025-40248-vsock-ignore-signal-timeout-on-connect-if-already-established.patch
- From: 4.18.0-553.97.1.el8_10
- CVE-2025-40277
- Description:
drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE
- CVE: https://access.redhat.com/security/cve/CVE-2025-40277
- Patch: rhel8/4.18.0-553.97.1.el8_10/CVE-2025-40277-drm-vmwgfx-validate-command-header-size-against-svga-cmd-max-datasize.patch
- From: 4.18.0-553.97.1.el8_10
- CVE-2023-53673
- Description:
Bluetooth: hci_event: call disconnect callback before deleting conn
- CVE: https://access.redhat.com/security/cve/CVE-2023-53673
- Patch: rhel8/4.18.0-553.97.1.el8_10/CVE-2023-53673-bluetooth-hci-event-call-disconnect-callback-before-deleting-conn.patch
- From: 4.18.0-553.97.1.el8_10
- CVE-2025-40154
- Description:
ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping
- CVE: https://access.redhat.com/security/cve/CVE-2025-40154
- Patch: rhel8/4.18.0-553.97.1.el8_10/CVE-2025-40154-asoc-intel-bytcr-rt5640-fix-invalid-quirk-input-mapping.patch
- From: 4.18.0-553.97.1.el8_10
- CVE-2022-50865
- Description:
tcp: fix a signed-integer-overflow bug in tcp_add_backlog()
- CVE: https://access.redhat.com/security/cve/CVE-2022-50865
- Patch: rhel8/4.18.0-553.100.1.el8_10/CVE-2022-50865-tcp-fix-a-signed-integer-overflow-bug-in-tcp_add_backlog.patch
- From: 4.18.0-553.100.1.el8_10
- CVE-2025-38415
- Description:
Squashfs: check return result of sb_min_blocksize
- CVE: https://access.redhat.com/security/cve/CVE-2025-38415
- Patch: rhel8/4.18.0-553.100.1.el8_10/CVE-2025-38415-squashfs-check-return-result-of-sb_min_blocksize.patch
- From: 4.18.0-553.100.1.el8_10
- CVE-2025-38415
- Description:
squashfs: fix memory leak in squashfs_fill_super
- CVE: https://access.redhat.com/security/cve/CVE-2025-38415
- Patch: rhel8/4.18.0-553.100.1.el8_10/CVE-2025-38415-squashfs-fix-memory-leak-in-squashfs_fill_super.patch
- From: 4.18.0-553.100.1.el8_10
- CVE-2025-38415
- Description:
Squashfs: check return result of sb_min_blocksize
- CVE: https://access.redhat.com/security/cve/CVE-2025-38415
- Patch: rhel8/4.18.0-553.100.1.el8_10/CVE-2025-38415-squashfs-check-return-result-of-sb_min_blocksize-kpatch.patch
- From: 4.18.0-553.100.1.el8_10
- CVE-2024-26766
- Description:
IB/hfi1: Fix sdma.h tx->num_descs off-by-one error
- CVE: https://access.redhat.com/security/cve/CVE-2024-26766
- Patch: rhel8/4.18.0-553.100.1.el8_10/CVE-2024-26766-ib-hfi1-fix-sdma-h-tx-num-descs-off-by-one-error.patch
- From: 4.18.0-553.100.1.el8_10
- CVE-2025-38022
- Description:
RDMA/core: Fix "KASAN: slab-use-after-free Read in ib_register_device" problem
- CVE: https://access.redhat.com/security/cve/CVE-2025-38022
- Patch: rhel8/4.18.0-553.100.1.el8_10/CVE-2025-38022-rdma-core-fix-kasan-slab-use-after-free-read-in-ib-register-device-problem.patch
- From: 4.18.0-553.100.1.el8_10
- CVE-2025-38024
- Description:
RDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug
- CVE: https://access.redhat.com/security/cve/CVE-2025-38024
- Patch: rhel8/4.18.0-553.100.1.el8_10/CVE-2025-38024-rdma-rxe-fix-slab-use-after-free-read-in-rxe-queue-cleanup-bug.patch
- From: 4.18.0-553.100.1.el8_10
- CVE-2025-38459
- Description:
atm: clip: Fix infinite recursive call of clip_push().
- CVE: https://access.redhat.com/security/cve/CVE-2025-38459
- Patch: rhel8/4.18.0-553.100.1.el8_10/CVE-2025-38459-atm-clip-fix-infinite-recursive-call-of-clip-push.patch
- From: 4.18.0-553.100.1.el8_10
- CVE-2025-39760
- Description:
usb: core: config: Prevent OOB read in SS endpoint companion parsing
- CVE: https://access.redhat.com/security/cve/CVE-2025-39760
- Patch: rhel8/4.18.0-553.100.1.el8_10/CVE-2025-39760-usb-core-config-prevent-oob-read-in-ss-endpoint-companion-parsing.patch
- From: 4.18.0-553.100.1.el8_10
- CVE-2025-40258
- Description:
mptcp: fix race condition in mptcp_schedule_work()
- CVE: https://access.redhat.com/security/cve/CVE-2025-40258
- Patch: rhel8/4.18.0-553.100.1.el8_10/CVE-2025-40258-mptcp-fix-race-condition-in-mptcp-schedule-work.patch
- From: 4.18.0-553.100.1.el8_10
- CVE-2025-40271
- Description:
fs/proc: fix uaf in proc_readdir_de()
- CVE: https://access.redhat.com/security/cve/CVE-2025-40271
- Patch: rhel8/4.18.0-553.100.1.el8_10/CVE-2025-40271-fs-proc-fix-uaf-in-proc-readdir-de.patch
- From: 4.18.0-553.100.1.el8_10
- CVE-2025-40322
- Description:
fbdev: bitblit: bound-check glyph index in bit_putcs*
- CVE: https://access.redhat.com/security/cve/CVE-2025-40322
- Patch: rhel8/4.18.0-553.100.1.el8_10/CVE-2025-40322-fbdev-bitblit-bound-check-glyph-index-in-bit-putcs.patch
- From: 4.18.0-553.100.1.el8_10
- CVE-2022-50673
- Description:
ext4: fix use-after-free in ext4_orphan_cleanup
- CVE: https://access.redhat.com/security/cve/CVE-2022-50673
- Patch: rhel8/4.18.0-553.104.1.el8_10/CVE-2022-50673-ext4-fix-use-after-free-in-ext4_orphan_cleanup.patch
- From: 4.18.0-553.104.1.el8_10
- CVE-2025-38403
- Description:
vsock/vmci: Clear the vmci transport packet properly when initializing it
- CVE: https://access.redhat.com/security/cve/CVE-2025-38403
- Patch: rhel8/4.18.0-553.104.1.el8_10/CVE-2025-38403-vsock-vmci-clear-the-vmci-transport-packet-properly-when-initializing-it.patch
- From: 4.18.0-553.104.1.el8_10
- CVE-2025-40269
- Description:
ALSA: usb-audio: Fix potential overflow of PCM transfer buffer
- CVE: https://access.redhat.com/security/cve/CVE-2025-40269
- Patch: rhel8/4.18.0-553.104.1.el8_10/CVE-2025-40269-alsa-usb-audio-fix-potential-overflow-of-pcm-transfer-buffer.patch
- From: 4.18.0-553.104.1.el8_10
- CVE-2025-68349
- Description:
NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid
- CVE: https://access.redhat.com/security/cve/CVE-2025-68349
- Patch: rhel8/4.18.0-553.104.1.el8_10/CVE-2025-68349-nfsv4-pnfs-clear-nfs-ino-layoutcommit-in-pnfs-mark-layout-stateid-invalid.patch
- From: 4.18.0-553.104.1.el8_10
- CVE-2026-22998
- Description:
nvme-tcp: fix NULL pointer dereferences in nvmet_tcp_build_pdu_iovec
- CVE: https://access.redhat.com/security/cve/CVE-2026-22998
- Patch: rhel8/4.18.0-553.104.1.el8_10/CVE-2026-22998-nvme-tcp-fix-null-pointer-dereferences-in-nvmet-tcp-build-pdu-iovec.patch
- From: 4.18.0-553.104.1.el8_10
- CVE-2025-40158
- Description:
net: dst: add four helpers to annotate data-races around dst->dev
- CVE: https://access.redhat.com/security/cve/CVE-2025-40158
- Patch: rhel8/4.18.0-553.104.1.el8_10/CVE-2025-40158-01-net-dst-add-four-helpers-to-annotate-data-races.patch
- From: 4.18.0-553.104.1.el8_10
- CVE-2025-40158
- Description:
net: Add locking to protect skb->dev access in ip_output
- CVE: https://access.redhat.com/security/cve/CVE-2025-40158
- Patch: rhel8/4.18.0-553.104.1.el8_10/CVE-2025-40158-02-net-add-locking-to-protect-skb-dev-access-in-ip_output.patch
- From: 4.18.0-553.104.1.el8_10
- CVE-2025-40158
- Description:
net: gain ipv4 mtu when mtu is not locked
- CVE: https://access.redhat.com/security/cve/CVE-2025-40158
- Patch: rhel8/4.18.0-553.104.1.el8_10/CVE-2025-40158-03-net-gain-ipv4-mtu-when-mtu-is-not-locked.patch
- From: 4.18.0-553.104.1.el8_10
- CVE-2025-40158
- Description:
ipv4: use RCU protection in __ip_rt_update_pmtu()
- CVE: https://access.redhat.com/security/cve/CVE-2025-40158
- Patch: rhel8/4.18.0-553.104.1.el8_10/CVE-2025-40158-03-ipv4-use-RCU-protection-in-__ip_rt_update_pmtu.patch
- From: 4.18.0-553.104.1.el8_10
- CVE-2025-40158
- Description:
net: dst: introduce dst->dev_rcu
- CVE: https://access.redhat.com/security/cve/CVE-2025-40158
- Patch: rhel8/4.18.0-553.104.1.el8_10/CVE-2025-40158-04-net-dst-introduce-dst-dev_rcu.patch
- From: 4.18.0-553.104.1.el8_10
- CVE-2025-40158
- Description:
ipv6: use RCU in ip6_output()
- CVE: https://access.redhat.com/security/cve/CVE-2025-40158
- Patch: rhel8/4.18.0-553.104.1.el8_10/CVE-2025-40158-ipv6-use-RCU-in-ip6_output.patch
- From: 4.18.0-553.104.1.el8_10
- CVE-2025-40135
- Description:
ipv6: use RCU in ip6_xmit()
- CVE: https://access.redhat.com/security/cve/CVE-2025-40135
- Patch: rhel8/4.18.0-553.104.1.el8_10/CVE-2025-40135-ipv6-use-RCU-in-ip6_xmit.patch
- From: 4.18.0-553.104.1.el8_10
- CVE-2025-40170
- Description:
net: use dst_dev_rcu() in sk_setup_caps()
- CVE: https://access.redhat.com/security/cve/CVE-2025-40170
- Patch: rhel8/4.18.0-553.104.1.el8_10/CVE-2025-40170-00-optimize-kpatch.patch
- From: 4.18.0-553.104.1.el8_10
- CVE-2025-40170
- Description:
ipv4: add RCU protection to ip4_dst_hoplimit()
- CVE: https://access.redhat.com/security/cve/CVE-2025-40170
- Patch: rhel8/4.18.0-553.104.1.el8_10/CVE-2025-40170-01-ipv4-add-RCU-protection-to-ip4_dst_hoplimit.patch
- From: 4.18.0-553.104.1.el8_10
- CVE-2025-40170
- Description:
ipv4: use RCU protection in ip_dst_mtu_maybe_forward()
- CVE: https://access.redhat.com/security/cve/CVE-2025-40170
- Patch: rhel8/4.18.0-553.104.1.el8_10/CVE-2025-40170-02-ipv4-use-RCU-protection-in-ip_dst_mtu_maybe_forward.patch
- From: 4.18.0-553.104.1.el8_10
- CVE-2025-40170
- Description:
net: use dst_dev_rcu() in sk_setup_caps()
- CVE: https://access.redhat.com/security/cve/CVE-2025-40170
- Patch: rhel8/4.18.0-553.104.1.el8_10/CVE-2025-40170-net-use-dst_dev_rcu-in-sk_setup_caps.patch
- From: 4.18.0-553.104.1.el8_10
- CVE-2025-40168
- Description:
smc: Use __sk_dst_get() and dst_dev_rcu() in smc_clc_prfx_match().
- CVE: https://access.redhat.com/security/cve/CVE-2025-40168
- Patch: rhel8/4.18.0-553.105.1.el8_10/CVE-2025-40168-smc-use-sk-dst-get-and-dst-dev-rcu-in-smc-clc-prfx-match.patch
- From: 4.18.0-553.105.1.el8_10
- CVE-2025-40304
- Description:
fbdev: Add bounds checking in bit_putcs to fix vmalloc-out-of-bounds
- CVE: https://access.redhat.com/security/cve/CVE-2025-40304
- Patch: rhel8/4.18.0-553.105.1.el8_10/CVE-2025-40304-fbdev-add-bounds-checking-in-bit-putcs-to-fix-vmalloc-out-of-bounds.patch
- From: 4.18.0-553.105.1.el8_10
- CVE-2025-40064
- Description:
smc: Fix use-after-free in __pnet_find_base_ndev().
- CVE: https://access.redhat.com/security/cve/CVE-2025-40064
- Patch: rhel8/4.18.0-553.107.1.el8_10/CVE-2025-40064-smc-fix-use-after-free-in-pnet-find-base-ndev.patch
- From: 4.18.0-553.107.1.el8_10
- CVE-2025-68800
- Description:
mlxsw: spectrum_mr: Fix use-after-free when updating multicast route stats
- CVE: https://access.redhat.com/security/cve/CVE-2025-68800
- Patch: rhel8/4.18.0-553.107.1.el8_10/CVE-2025-68800-mlxsw-spectrum-mr-fix-use-after-free-when-updating-multicast-route-stats.patch
- From: 4.18.0-553.107.1.el8_10
- CVE-2026-23074
- Description:
net/sched: Enforce that teql can only be used as root qdisc
- CVE: https://access.redhat.com/security/cve/CVE-2026-23074
- Patch: rhel8/4.18.0-553.107.1.el8_10/CVE-2026-23074-net-sched-enforce-that-teql-can-only-be-used-as-root-qdisc.patch
- From: 4.18.0-553.107.1.el8_10
- CVE-2025-38248
- Description:
bridge: mcast: Fix use-after-free during router port configuration
- CVE: https://access.redhat.com/security/cve/CVE-2025-38248
- Patch: rhel8/4.18.0-553.107.1.el8_10/CVE-2025-38248-bridge-mcast-fix-use-after-free-during-router-port-configuration.patch
- From: 4.18.0-553.107.1.el8_10
- N/A
- Description:
x86 xen add xenpv restore regs and return to usermode
- CVE: N/A
- Patch: 4.18.0/x86-xen-Add-xenpv_restore_regs_and_return_to_usermode-el8-372.patch
- From: N/A
- N/A
- Description:
kpatch add alt asm definitions
- CVE: https://www.kernel.org
- Patch: 4.18.0/kpatch-add-alt-asm-definitions-el8-372.patch
- From: N/A