- kernel-3.10.0-1160.80.1.el7 (rhel7)
- 3.10.0-1160.123.1.el7
- 2024-09-09 16:30:25
- 2024-09-13 12:48:17
- K20240909_01
- CVE-2022-2964, CVSSv2 Score: 7.8
- Description:
net: usb: ax88179_178a: fix packet alignment padding
- CVE: https://access.redhat.com/security/cve/CVE-2022-2964
- Patch: 3.10.0/CVE-2022-2964-1510-net-usb-ax88179_178a-fix-packet-alignment-padding.patch
- From: kernel-3.10.0-1160.83.1.el7
- CVE-2022-2964, CVSSv2 Score: 7.8
- Description:
ax88179_178a: Merge memcpy + le32_to_cpus to get_unaligned_le32
- CVE: https://access.redhat.com/security/cve/CVE-2022-2964
- Patch: 3.10.0/CVE-2022-2964-1511-ax88179_178a-Merge-memcpy-le32_to_cpus-to-get_unalig.patch
- From: kernel-3.10.0-1160.83.1.el7
- CVE-2022-2964, CVSSv2 Score: 7.8
- Description:
net: usb: Merge cpu_to_le32s + memcpy to put_unaligned_le32
- CVE: https://access.redhat.com/security/cve/CVE-2022-2964
- Patch: 3.10.0/CVE-2022-2964-1512-net-usb-Merge-cpu_to_le32s-memcpy-to-put_unaligned_l.patch
- From: kernel-3.10.0-1160.83.1.el7
- CVE-2022-2964, CVSSv2 Score: 7.8
- Description:
net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup
- CVE: https://access.redhat.com/security/cve/CVE-2022-2964
- Patch: 3.10.0/CVE-2022-2964-1518-net-usb-ax88179_178a-Fix-out-of-bounds-accesses-in-R.patch
- From: kernel-3.10.0-1160.83.1.el7
- CVE-2022-2964, CVSSv2 Score: 7.8
- Description:
net: usb: ax88179_178a: Fix packet receiving
- CVE: https://access.redhat.com/security/cve/CVE-2022-2964
- Patch: 3.10.0/CVE-2022-2964-1519-net-usb-ax88179_178a-Fix-packet-receiving.patch
- From: kernel-3.10.0-1160.83.1.el7
- CVE-2021-26401, CVSSv2 Score:
- Description:
An introduction of required changes through KernelCare could cause unavoidable problems to applications which use unprivileged eBPF.
- CVE:
- Patch: skipped/CVE-2021-26401.patch
- From:
- CVE-2022-4378, CVSSv2 Score: 7.8
- Description:
proc: avoid integer type confusion in get_proc_long
- CVE: https://access.redhat.com/security/cve/CVE-2022-4378
- Patch: 3.10.0/CVE-2022-4378-1-proc-avoid-integer-type-confusion-in-get_proc_long.patch
- From: 3.10.0-1160.88.1.el7
- CVE-2022-4378, CVSSv2 Score: 7.8
- Description:
proc: proc_skip_spaces() shouldn't think it is working on C strings
- CVE: https://access.redhat.com/security/cve/CVE-2022-4378
- Patch: 3.10.0/CVE-2022-4378-2-proc-sysctl-fix-return-error-for-proc_doulongvec_min.patch
- From: 3.10.0-1160.88.1.el7
- CVE-2022-43750, CVSSv2 Score: 6.7
- Description:
usb: mon: make mmapped memory read only
- CVE: https://access.redhat.com/security/cve/CVE-2022-43750
- Patch: 3.10.0/CVE-2022-43750-usb-mon-make-mmapped-memory-read-only.patch
- From: 3.10.0-1160.90.1
- CVE-2022-3564, CVSSv2 Score: 7.1
- Description:
Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu
- CVE: https://access.redhat.com/security/cve/CVE-2022-3564
- Patch: 3.10.0/CVE-2022-3564-Bluetooth-L2CAP-Fix-use-after-free-caused-by-l2cap_reassemble_sdu.patch
- From: 3.10.0-1160.95.1.el7
- CVE-2023-35788, CVSSv2 Score: 7.8
- Description:
net/sched: flower: fix possible OOB write in fl_set_geneve_opt()
- CVE: https://access.redhat.com/security/cve/CVE-2023-35788
- Patch: rhel7/3.10.0-1160.99.1.el7/CVE-2023-35788-net-sched-flower-fix-possible-oob-write-in-fl-set-geneve-opt.patch
- From: 3.10.0-1160.99.1.el7
- CVE-2023-20593, CVSSv2 Score: 6.5
- Description:
hw: amd: Cross-Process Information Leak
- CVE: https://access.redhat.com/security/cve/cve-2023-20593
- Patch: rhel7/3.10.0-1160.99.1.el7/CVE-2023-20593-zenbleed.patch
- From: 3.10.0-1160.99.1.el7
- CVE-2023-32233, CVSSv2 Score: 7.8
- Description:
netfilter: nf_tables: deactivate anonymous set from preparation phase
- CVE: https://access.redhat.com/security/cve/CVE-2023-32233
- Patch: rhel7/3.10.0-1160.102.1.el7/CVE-2023-32233-1.patch
- From: 3.10.0-1160.102.1.el7
- CVE-2023-32233, CVSSv2 Score: 7.8
- Description:
netfilter: nf_tables: deactivate anonymous set from preparation phase (adaptation)
- CVE: https://access.redhat.com/security/cve/CVE-2023-32233
- Patch: rhel7/3.10.0-1160.102.1.el7/CVE-2023-32233-1-kpatch.patch
- From: 3.10.0-1160.102.1.el7
- CVE-2023-32233, CVSSv2 Score: 7.8
- Description:
netfilter: nf_tables: do not allow SET_ID to refer to another table
- CVE: https://access.redhat.com/security/cve/CVE-2023-32233
- Patch: rhel7/3.10.0-1160.102.1.el7/CVE-2023-32233-2.patch
- From: 3.10.0-1160.102.1.el7
- CVE-2023-32233, CVSSv2 Score: 7.8
- Description:
netfilter: nf_tables: skip deactivated anonymous sets during lookups
- CVE: https://access.redhat.com/security/cve/CVE-2023-32233
- Patch: rhel7/3.10.0-1160.102.1.el7/CVE-2023-32233-3.patch
- From: 3.10.0-1160.102.1.el7
- CVE-2023-35001, CVSSv2 Score: 7.8
- Description:
netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
- CVE: https://access.redhat.com/security/cve/CVE-2023-35001
- Patch: rhel7/3.10.0-1160.102.1.el7/CVE-2023-35001.patch
- From: 3.10.0-1160.102.1.el7
- CVE-2023-3609, CVSSv2 Score: 7.0
- Description:
Smart Patch for net/sched: cls_u32: Fix reference counter leak leading to overflow
- CVE: https://access.redhat.com/security/cve/CVE-2023-3609
- Patch: rhel7/3.10.0-1160.102.1.el7/CVE-2023-3609-smart-backport-for-net-sched-cls-u32-c.patch
- From: 3.10.0-1160.102.1.el7
- CVE-2023-4208 CVE-2023-4128, CVSSv2 Score:
- Description:
Smart Patch for net/sched/cls_u32.c
- CVE: https://access.redhat.com/security/cve/CVE-2023-4208
- Patch: rhel7/3.10.0-1160.102.1.el7/CVE-2023-4208-smart-patch-for-net-sched-cls-u32-c.patch
- From: kernel-3.10.0-1160.105.1.el7
- CVE-2023-4207 CVE-2023-4128, CVSSv2 Score: 7.8
- Description:
net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-free
- CVE: https://access.redhat.com/security/cve/CVE-2023-4207
- Patch: rhel7/3.10.0-1160.105.1.el7/CVE-2023-4207-net-sched-cls-fw-no-longer-copy-tcf-result-on-update-to-avoid.patch
- From: kernel-3.10.0-1160.105.1.el7
- CVE-2023-4206 CVE-2023-4128, CVSSv2 Score: 7.8
- Description:
net/sched: cls_route: No longer copy tcf_result on update to avoid use-after-free
- CVE: https://access.redhat.com/security/cve/CVE-2023-4206
- Patch: rhel7/3.10.0-1160.105.1.el7/CVE-2023-4206-net-sched-cls-route-no-longer-copy-tcf-result-on-update-to-avoid.patch
- From: kernel-3.10.0-1160.105.1.el7
- CVE-2023-3776, CVSSv2 Score: 7.0
- Description:
net/sched: cls_fw: Fix improper refcount update leads to use-after-free
- CVE: https://access.redhat.com/security/cve/CVE-2023-3776
- Patch: rhel7/3.10.0-1160.105.1.el7/CVE-2023-3776-net-sched-cls-fw-fix-improper-refcount-update-leads-to.patch
- From: kernel-3.10.0-1160.105.1.el7
- CVE-2023-3611, CVSSv2 Score: 7.8
- Description:
net/sched: sch_qfq: account for stab overhead in qfq_enqueue
- CVE: https://access.redhat.com/security/cve/CVE-2023-3611
- Patch: rhel7/3.10.0-1160.105.1.el7/CVE-2023-3611-net-sched-sch-qfq-account-for-stab-overhead-in-qfq-enqueue.patch
- From: kernel-3.10.0-1160.105.1.el7
- CVE-2022-40982, CVSSv2 Score:
- Description:
Complex adaptation required.
- CVE:
- Patch: skipped/CVE-2022-40982.patch
- From:
- CVE-2023-31436, CVSSv2 Score: 7.0
- Description:
net/sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
- CVE: https://access.redhat.com/security/cve/CVE-2023-31436
- Patch: rhel7/3.10.0-1160.105.1.el7/CVE-2023-31436-net-sched-sch_qfq-prevent-slab-out-of-bounds-in-qfq_.patch
- From: kernel-3.10.0-1160.105.1.el7
- CVE-2023-42753, CVSSv2 Score: 7.0
- Description:
revert of: netfilter: ipset: actually allow allowable CIDR 0 in hash:net, port, net
- CVE: https://access.redhat.com/security/cve/CVE-2023-42753
- Patch: rhel7/3.10.0-1160.108.1.el7/CVE-2023-42753-REVERT-net-netfilter-ipset-actually-allow-allowable-CIDR-0-.patch
- From: 3.10.0-1160.108.1.el7
- CVE-2022-42896, CVSSv2 Score: 8.1
- Description:
Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM
- CVE: https://access.redhat.com/security/cve/CVE-2022-42896
- Patch: rhel7/3.10.0-1160.114.2.el7/CVE-2022-42896-Bluetooth-L2CAP-Fix-accepting-connection-request-for-invalid-SPSM.patch
- From: 3.10.0-1160.114.2.el7
- CVE-2022-42896, CVSSv2 Score: 8.1
- Description:
Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm
- CVE: https://access.redhat.com/security/cve/CVE-2022-42896
- Patch: rhel7/3.10.0-1160.114.2.el7/CVE-2022-42896-Bluetooth-L2CAP-Fix-l2cap_global_chan_by_psm.patch
- From: 3.10.0-1160.114.2.el7
- CVE-2023-4921, CVSSv2 Score: 7.8
- Description:
net: sched: sch_qfq: Fix UAF in qfq_dequeue()
- CVE: https://access.redhat.com/security/cve/CVE-2023-4921
- Patch: rhel7/3.10.0-1160.114.2.el7/CVE-2023-4921-net-sched-sch-qfq-fix-uaf-in-qfq-dequeue.patch
- From: 3.10.0-1160.114.2.el7
- CVE-2023-4921, CVSSv2 Score: 7.8
- Description:
net: sched: sch_qfq: Fix UAF in qfq_dequeue() (adaptation)
- CVE: https://access.redhat.com/security/cve/CVE-2023-4921
- Patch: rhel7/3.10.0-1160.114.2.el7/CVE-2023-4921-net-sched-sch-qfq-fix-uaf-in-qfq-dequeue-kpatch.patch
- From: 3.10.0-1160.114.2.el7
- CVE-2023-38409, CVSSv2 Score:
- Description:
fbcon driver was updated and patched in the same kernel 3.10.0-1160.111.1.el7. Older versions don't contain vulnerabilities b07db3958485 and d443d9386472
- CVE:
- Patch: skipped/CVE-2023-38409.patch
- From:
- CVE-2023-45871, CVSSv2 Score: 7.5
- Description:
igb: set max size RX buffer when store bad packet is enabled
- CVE: https://access.redhat.com/security/cve/CVE-2023-45871
- Patch: rhel7/3.10.0-1160.114.2.el7/CVE-2023-45871-igb-set-max-size-rx-buffer-when-store-bad-packet-is-enabled.patch
- From: 3.10.0-1160.114.2.el7
- CVE-2023-45871, CVSSv2 Score: 7.5
- Description:
igb: set max size RX buffer when store bad packet is enabled (adaptation)
- CVE: https://access.redhat.com/security/cve/CVE-2023-45871
- Patch: rhel7/3.10.0-1160.114.2.el7/CVE-2023-45871-igb-set-max-size-rx-buffer-when-store-bad-packet-is-enabled-kpatch.patch
- From: 3.10.0-1160.114.2.el7
- CVE-2024-1086, CVSSv2 Score: 7.0
- Description:
netfilter: nf_tables: reject QUEUE/DROP verdict parameters
- CVE: https://access.redhat.com/security/cve/CVE-2024-1086
- Patch: rhel7/3.10.0-1160.114.2.el7/CVE-2024-1086-netfilter-nf-tables-reject-queue-drop-verdict-parameters.patch
- From: 3.10.0-1160.114.2.el7
- CVE-2024-26602, CVSSv2 Score: 5.5
- Description:
sched/membarrier: reduce the ability to hammer on sys_membarrier
- CVE: https://access.redhat.com/security/cve/CVE-2024-26602
- Patch: rhel7/3.10.0-1160.114.2.el7/CVE-2024-26602-sched-membarrier-reduce-the-ability-to-hammer-on-sys_membarrier.patch
- From: 3.10.0-1160.114.2.el7
- CVE-2023-4622, CVSSv2 Score: 7.8
- Description:
[PATCH 1681/1699] af_unix: Fix null-ptr-deref in
- CVE: https://access.redhat.com/security/cve/CVE-2023-4622
- Patch: rhel7/3.10.0-1160.118.1.el7/CVE-2023-4622-patch-1681-1699-af-unix-fix-null-ptr-deref-in.patch
- From: 3.10.0-1160.118.1.el7
- CVE-2023-4623, CVSSv2 Score: 7.8
- Description:
[PATCH 1658/1699] net/sched: sch_hfsc: Ensure inner classes have fsc
- CVE: https://access.redhat.com/security/cve/CVE-2023-4623
- Patch: rhel7/3.10.0-1160.118.1.el7/CVE-2023-4623-patch-1658-1699-net-sched-sch-hfsc-ensure-inner-classes-have-fsc.patch
- From: 3.10.0-1160.118.1.el7
- CVE-2023-4623, CVSSv2 Score: 7.8
- Description:
[PATCH 1659/1699] net/sched: sch_hfsc: upgrade 'rt' to 'sc' when it
- CVE: https://access.redhat.com/security/cve/CVE-2023-4623
- Patch: rhel7/3.10.0-1160.118.1.el7/CVE-2023-4623-patch-1659-1699-net-sched-sch-hfsc-upgrade-rt-to-sc-when-it.patch
- From: 3.10.0-1160.118.1.el7
- CVE-2023-2002, CVSSv2 Score: 6.8
- Description:
[PATCH 1686/1699] bluetooth: Perform careful capability checks in
- CVE: https://access.redhat.com/security/cve/CVE-2023-2002
- Patch: rhel7/3.10.0-1160.118.1.el7/CVE-2023-2002-patch-1686-1699-bluetooth-perform-careful-capability-checks-in.patch
- From: 3.10.0-1160.118.1.el7
- CVE-2023-2002, CVSSv2 Score: 6.8
- Description:
[PATCH 1689/1699] bluetooth: Add cmd validity checks at the start of
- CVE: https://access.redhat.com/security/cve/CVE-2023-2002
- Patch: rhel7/3.10.0-1160.118.1.el7/CVE-2023-2002-patch-1689-1699-bluetooth-add-cmd-validity-checks-at-the-start-of.patch
- From: 3.10.0-1160.118.1.el7
- CVE-2020-36558, CVSSv2 Score: 5.1
- Description:
[PATCH 1696/1699] vt: vt_ioctl: fix race in VT_RESIZEX
- CVE: https://access.redhat.com/security/cve/CVE-2020-36558
- Patch: rhel7/3.10.0-1160.118.1.el7/CVE-2020-36558-patch-1696-1699-vt-vt-ioctl-fix-race-in-vt-resizex.patch
- From: 3.10.0-1160.118.1.el7
- CVE-2023-25775, CVSSv2 Score: 9.8
- Description:
[PATCH 1643/1699] RDMA/i40iw: Prevent zero-length STAG registration
- CVE: https://access.redhat.com/security/cve/CVE-2023-25775
- Patch: rhel7/3.10.0-1160.118.1.el7/CVE-2023-25775-patch-1643-1699-rdma-i40iw-prevent-zero-length-stag-registration.patch
- From: 3.10.0-1160.118.1.el7
- CVE-2023-25775, CVSSv2 Score: 9.8
- Description:
RDMA/irdma: Prevent zero-length STAG registration (adaptation)
- CVE: https://ubuntu.com/security/CVE-2023-25775
- Patch: rhel7/3.10.0-1160.118.1.el7/CVE-2023-25775-patch-1643-1699-rdma-i40iw-prevent-zero-length-stag-registration-kpatch.patch
- From: 5.15.0-89.99
- CVE-2024-36971, CVSSv2 Score: 7.8
- Description:
net: fix __dst_negative_advice() race
- CVE: https://access.redhat.com/security/cve/CVE-2024-36971
- Patch: rhel7/3.10.0-1160.123.1.el7/CVE-2024-36971-ELSCVE-27162-net-fix-__dst_negative_advice-race.patch
- From: 3.10.0-1160.123.1.el7
- CVE-2022-1011, CVSSv2 Score: 7.0
- Description:
fuse: fix pipe buffer lifetime for direct_io
- CVE: https://access.redhat.com/security/cve/CVE-2022-1011
- Patch: rhel7/3.10.0-1160.123.1.el7/CVE-2022-1011-ELSCVE-14458-fuse-fix-pipe-buffer-lifetime-for-direc.patch
- From: 3.10.0-1160.123.1.el7
- CVE-2022-1011, CVSSv2 Score: 7.0
- Description:
fuse: fix pipe buffer lifetime for direct_io
- CVE: https://access.redhat.com/security/cve/CVE-2022-1011
- Patch: rhel7/3.10.0-1160.123.1.el7/CVE-2022-1011-ELSCVE-14458-fuse-fix-pipe-buffer-lifetime-for-direc-kpatch.patch
- From: 3.10.0-1160.123.1.el7
- N/A, CVSSv2 Score: N/A
- Description:
Restrict access to pagemap/kpageflags/kpagecount
- CVE: http://googleprojectzero.blogspot.ru/2015/03/exploiting-dram-rowhammer-bug-to-gain.html
- Patch: 3.10.0/proc-restrict-pagemap-access-1062.patch
- From: N/A