OS: cl7 kernel: kernel-3.10.0-427.10.1.lve1.4.19.el7 time: 2016-12-20 20:30:20 uname: 3.10.0-427.28.2.lve1.4.24.el7 kpatch-name: 3.10.0/keys-fix-asn1-indefinite-length-object-parsing.patch kpatch-description: KEYS: Fix ASN.1 indefinite length object parsing kpatch-kernel: kernel-3.10.0-327.18.2.el7 kpatch-cve: CVE-2016-0758 kpatch-cvss: 7.2 kpatch-cve-url: https://access.redhat.com/security/cve/cve-2016-0758 kpatch-patch-url: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/patch/?id=23c8a812dc3c621009e4f0e5342aa4e2ede1ceaa kpatch-name: 3.10.0/fs-pnodec-treat-zero-mnt_group_id-s-as-unequal-427.patch kpatch-description: fs/pnode.c: treat zero mnt_group_id-s as unequal kpatch-kernel: >kernel-3.10.0-327.18.2.el7 kpatch-cve: CVE-2016-4581 kpatch-cvss: 4.7 kpatch-cve-url: https://access.redhat.com/security/cve/cve-2016-4581 kpatch-patch-url: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/patch/?id=7ae8fd0351f912b075149a1e03a017be8b903b9a kpatch-name: 3.10.0/propogate_mnt-handle-the-first-propogated-copy-being-a-slave.patch kpatch-description: propogate_mnt: Handle the first propogated copy being a slave kpatch-kernel: >kernel-3.10.0-327.18.2.el7 kpatch-cve: CVE-2016-4581 kpatch-cvss: 4.7 kpatch-cve-url: https://access.redhat.com/security/cve/cve-2016-4581 kpatch-patch-url: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/patch/?id=5ec0811d30378ae104f250bfc9b3640242d81e3f kpatch-name: 3.10.0/ib-security-restrict-use-of-the-write-interface.patch kpatch-description: IB/security: Restrict use of the write() interface kpatch-kernel: kernel-3.10.0-327.22.2.el7 kpatch-cve: CVE-2016-4565 kpatch-cvss: 6.9 kpatch-cve-url: https://access.redhat.com/security/cve/cve-2016-4565 kpatch-patch-url: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/patch/?id=e6bd18f57aad1a2d1ef40e646d03ed0f2515c9e3 kpatch-name: 3.10.0/sctp-Prevent-soft-lockup-when-sctp_accept-is-calle.patch kpatch-description: sctp: Prevent soft lockup when sctp_accept() is called during a timeout event kpatch-kernel: kernel-3.10.0-327.22.2.el7 kpatch-cve: CVE-2015-8767 kpatch-cvss: 7.1 kpatch-cve-url: https://access.redhat.com/security/cve/cve-2015-8767 kpatch-patch-url: https://kernel.googlesource.com/pub/scm/linux/kernel/git/horms/ipvs/+/635682a14427d241bab7bbdeebb48a7d7b91638e kpatch-name: 3.10.0/0020-netfilter-x_tables-validate-e-target_offset-early-327.patch kpatch-description: netfilter: x_tables: validate e->target_offset early kpatch-kernel: >kernel-3.10.0-327.22.2.el7 kpatch-cve: CVE-2016-4997 CVE-2016-4998 kpatch-cvss: n/a kpatch-cve-url: http://www.openwall.com/lists/oss-security/2016/06/24/5 kpatch-patch-url: http://git.kernel.org/linus/bdf533de6968e9686df777dc178486f600c6e617 kpatch-name: 3.10.0/0021-netfilter-x_tables-make-sure-e-next_offset-covers-re.patch kpatch-description: netfilter: x_tables: make sure e->next_offset covers remaining blob size kpatch-kernel: >kernel-3.10.0-327.22.2.el7 kpatch-cve: CVE-2016-4997 CVE-2016-4998 kpatch-cvss: n/a kpatch-cve-url: http://www.openwall.com/lists/oss-security/2016/06/24/5 kpatch-patch-url: http://git.kernel.org/linus/6e94e0cfb0887e4013b3b930fa6ab1fe6bb6ba91 kpatch-name: 3.10.0/0022-netfilter-x_tables-fix-unconditional-helper.patch kpatch-description: netfilter: x_tables: fix unconditional helper kpatch-kernel: >kernel-3.10.0-327.22.2.el7 kpatch-cve: cve-2016-3134 kpatch-cvss: 6.2 kpatch-cve-url: https://access.redhat.com/security/cve/cve-2016-3134 kpatch-patch-url: http://git.kernel.org/linus/54d83fc74aa9ec72794373cb47432c5f7fb1a309 kpatch-name: 3.10.0/0023-netfilter-x_tables-check-for-bogus-target-offset.patch kpatch-description: netfilter: x_tables: check for bogus target offset kpatch-kernel: >kernel-3.10.0-327.22.2.el7 kpatch-cve: CVE-2016-4997 CVE-2016-4998 kpatch-cvss: n/a kpatch-cve-url: http://www.openwall.com/lists/oss-security/2016/06/24/5 kpatch-patch-url: http://git.kernel.org/linus/ce683e5f9d045e5d67d1312a42b359cb2ab2a13c kpatch-name: 3.10.0/tcp-make-challenge-acks-less-predictable.patch kpatch-description: tcp: make challenge acks less predictable kpatch-kernel: >kernel-3.10.0-327.28.2.el7 kpatch-cve: CVE-2016-5696 kpatch-cvss: 5.8 kpatch-cve-url: https://access.redhat.com/security/cve/cve-2016-5696 kpatch-patch-url: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758 kpatch-name: 3.10.0/tcp-make-challenge-acks-less-predictable.kpatch-1.patch kpatch-description: tcp: make challenge acks less predictable kpatch-kernel: >kernel-3.10.0-327.28.2.el7 kpatch-cve: CVE-2016-5696 kpatch-cvss: 5.8 kpatch-cve-url: https://access.redhat.com/security/cve/cve-2016-5696 kpatch-patch-url: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758 kpatch-name: 3.10.0/net-add-recursion-limit-to-GRO.patch kpatch-description: [net] add recursion limit to GRO kpatch-kernel: kernel-3.10.0-327.36.2.el7 kpatch-cve: CVE-2016-7039 kpatch-cvss: 7.1 kpatch-cve-url: https://access.redhat.com/security/cve/CVE-2016-7039 kpatch-patch-url: https://access.redhat.com/labs/psb/versions/kernel-3.10.0-327.36.2.el7/patches/net-add-recursion-limit-to-GRO kpatch-name: 3.10.0/0001-mm-remove-gup_flags-FOLL_WRITE-games-from-__get_user-327.patch kpatch-description: mm: remove gup_flags FOLL_WRITE games from __get_user_pages() kpatch-kernel: >kernel-3.10.0-327.36.2.el7 kpatch-cve: CVE-2016-5195 kpatch-cvss: 6.9 kpatch-cve-url: https://access.redhat.com/security/cve/cve-2016-5195 kpatch-patch-url: https://git.kernel.org/linus/19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619 kpatch-name: 3.10.0/Btrfs-fix-truncation-of-compressed-and-inlined-exten.patch kpatch-description: Btrfs: fix truncation of compressed and inlined extents kpatch-kernel: kernel-3.10.0-514.el7 kpatch-cve: CVE-2015-8374 kpatch-cvss: 3.5 kpatch-cve-url: https://access.redhat.com/security/cve/CVE-2015-8374 kpatch-patch-url: https://git.kernel.org/linus/0305cd5f7fca85dae392b9ba85b116896eb7c1c7 kpatch-name: 3.10.0/net-add-validation-for-the-socket-syscall-protocol-a.patch kpatch-description: Btrfs: fix truncation of compressed and inlined extents kpatch-kernel: kernel-3.10.0-514.el7 kpatch-cve: CVE-2015-8543 kpatch-cvss: 4.6 kpatch-cve-url: https://access.redhat.com/security/cve/CVE-2015-8543 kpatch-patch-url: https://git.kernel.org/linus/79462ad02e861803b3840cc782248c7359451cd9 kpatch-name: 3.10.0/iw_cxgb3-Fix-incorrectly-returning-error-on-success.patch kpatch-description: iw_cxgb3: Fix incorrectly returning error on success kpatch-kernel: kernel-3.10.0-514.el7 kpatch-cve: CVE-2015-8812 kpatch-cvss: 6.9 kpatch-cve-url: https://access.redhat.com/security/cve/CVE-2015-8812 kpatch-patch-url: https://git.kernel.org/linus/67f1aee6f45059fd6b0f5b0ecb2c97ad0451f6b3 kpatch-name: 3.10.0/Bluetooth-Fix-potential-NULL-dereference-in-RFCOMM-b.patch kpatch-description: Bluetooth: Fix potential NULL dereference in RFCOMM bind callback kpatch-kernel: kernel-3.10.0-514.el7 kpatch-cve: CVE-2015-8956 kpatch-cvss: 5.4 kpatch-cve-url: https://access.redhat.com/security/cve/CVE-2015-8956 kpatch-patch-url: https://git.kernel.org/linus/951b6a0717db97ce420547222647bcc40bf1eacd kpatch-name: 3.10.0/ASN.1-Fix-non-match-detection-failure-on-data-overru.patch kpatch-description: ASN.1: Fix non-match detection failure on data overrun kpatch-kernel: kernel-3.10.0-514.el7 kpatch-cve: CVE-2016-2053 kpatch-cvss: 4.6 kpatch-cve-url: https://access.redhat.com/security/cve/CVE-2016-2053 kpatch-patch-url: https://git.kernel.org/linus/0d62e9dd6da45bbf0f33a8617afc5fe774c8f45f kpatch-name: 3.10.0/x86-mm-Add-barriers-and-document-switch_mm-vs-flush-.patch kpatch-description: x86/mm: Add barriers and document switch_mm()-vs-flush synchronization kpatch-kernel: kernel-3.10.0-514.el7 kpatch-cve: CVE-2016-2069 kpatch-cvss: 3.7 kpatch-cve-url: https://access.redhat.com/security/cve/CVE-2016-2069 kpatch-patch-url: https://git.kernel.org/linus/71b3c126e61177eb693423f2e18a1914205b165e kpatch-name: 3.10.0/ALSA-usb-audio-avoid-freeing-umidi-object-twice.patch kpatch-description: ALSA: usb-audio: avoid freeing umidi object twice kpatch-kernel: kernel-3.10.0-514.el7 kpatch-cve: CVE-2016-2384 kpatch-cvss: 6.2 kpatch-cve-url: https://access.redhat.com/security/cve/CVE-2016-2384 kpatch-patch-url: https://git.kernel.org/linus/07d86ca93db7e5cdf4743564d98292042ec21af7 kpatch-name: 3.10.0/atl2-Disable-unimplemented-scatter-gather-feature.patch kpatch-description: atl2: Disable unimplemented scatter/gather feature kpatch-kernel: kernel-3.10.0-514.el7 kpatch-cve: CVE-2016-2117 kpatch-cvss: 2.6 kpatch-cve-url: https://access.redhat.com/security/cve/CVE-2016-2117 kpatch-patch-url: https://git.kernel.org/linus/f43bfaeddc79effbf3d0fcb53ca477cca66f3db8 kpatch-name: 3.10.0/atl2-Disable-unimplemented-scatter-gather-feature-kpatch-1.patch kpatch-description: atl2: Disable unimplemented scatter/gather feature (kpatch adaptation) kpatch-kernel: kernel-3.10.0-514.el7 kpatch-cve: CVE-2016-2117 kpatch-cvss: 2.6 kpatch-cve-url: https://access.redhat.com/security/cve/CVE-2016-2117 kpatch-patch-url: https://git.kernel.org/linus/f43bfaeddc79effbf3d0fcb53ca477cca66f3db8 kpatch-name: 3.10.0/ALSA-timer-Fix-leak-in-SNDRV_TIMER_IOCTL_PARAMS.patch kpatch-description: ALSA: timer: Fix leak in SNDRV_TIMER_IOCTL_PARAMS kpatch-kernel: kernel-3.10.0-514.el7 kpatch-cve: CVE-2016-4569 kpatch-cvss: 2.1 kpatch-cve-url: https://access.redhat.com/security/cve/CVE-2016-4569 kpatch-patch-url: https://git.kernel.org/linus/cec8f96e49d9be372fdb0c3836dcf31ec71e457e kpatch-name: 3.10.0/ALSA-timer-Fix-leak-in-events-via-snd_timer_user_cca.patch kpatch-description: ALSA: timer: Fix leak in events via snd_timer_user_ccallback kpatch-kernel: kernel-3.10.0-514.el7 kpatch-cve: CVE-2016-4578 kpatch-cvss: 2.1 kpatch-cve-url: https://access.redhat.com/security/cve/CVE-2016-4578 kpatch-patch-url: https://git.kernel.org/linus/9a47e9cff994f37f7f0dbd9ae23740d0f64f9fe6 kpatch-name: 3.10.0/ALSA-timer-Fix-leak-in-events-via-snd_timer_user_tin.patch kpatch-description: ALSA: timer: Fix leak in events via snd_timer_user_tinterrupt kpatch-kernel: kernel-3.10.0-514.el7 kpatch-cve: CVE-2016-4578 kpatch-cvss: 2.1 kpatch-cve-url: https://access.redhat.com/security/cve/CVE-2016-4578 kpatch-patch-url: https://git.kernel.org/linus/e4ec8cc8039a7063e24204299b462bd1383184a5 kpatch-name: 3.10.0/IB-srpt-Simplify-srpt_handle_tsk_mgmt.patch kpatch-description: IB/srpt: Simplify srpt_handle_tsk_mgmt() kpatch-kernel: kernel-3.10.0-514.el7 kpatch-cve: CVE-2016-6327 kpatch-cvss: 4.7 kpatch-cve-url: https://access.redhat.com/security/cve/CVE-2016-6327 kpatch-patch-url: https://git.kernel.org/linus/51093254bf879bc9ce96590400a87897c7498463 kpatch-name: 3.10.0/aacraid-Check-size-values-after-double-fetch-from-us.patch kpatch-description: aacraid: Check size values after double-fetch from user kpatch-kernel: kernel-3.10.0-514.el7 kpatch-cve: CVE-2016-6480 kpatch-cvss: 4.7 kpatch-cve-url: https://access.redhat.com/security/cve/CVE-2016-6480 kpatch-patch-url: https://git.kernel.org/linus/fa00c437eef8dc2e7b25f8cd868cfa405fcc2bb3 kpatch-name: 3.10.0/mm-memcontrol-fix-race-between-kmem-uncharge-and-cha.patch kpatch-description: mm: memcontrol: fix race between kmem uncharge and charge reparenting kpatch-kernel: kernel-3.10.0-427.18.2.lve1.4.24.el7 kpatch-cve: N/A kpatch-cvss: N/A kpatch-cve-url: https://bugs.openvz.org/browse/OVZ-6756 kpatch-patch-url: https://src.openvz.org/projects/OVZ/repos/vzkernel/commits/35c0d2a992aaa399cccaee2fc9f3ed6879840dd4 kpatch-name: 3.10.0/packet-fix-race-condition-in-packet_set_ring.patch kpatch-description: packet: fix race condition in packet_set_ring kpatch-kernel: >kernel-3.10.0-327.36.3.el7 kpatch-cve: CVE-2016-8655 kpatch-cvss: 6.6 kpatch-cve-url: http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-8655.html kpatch-patch-url: https://git.kernel.org/linus/84ac7260236a49c79eede91617700174c2c19b0c kpatch-name: 3.10.0/proc-restrict-pagemap-access.patch kpatch-description: Restrict access to pagemap/kpageflags/kpagecount kpatch-kernel: kpatch-cve: kpatch-cvss: kpatch-cve-url: http://googleprojectzero.blogspot.ru/2015/03/exploiting-dram-rowhammer-bug-to-gain.html kpatch-patch-url: