RDMA/cma: Do not change route.addr.src_addr.ss_family

Initialize registers to avoid stack leak into userspace.

Bail out in case userspace uses unsupported registers.

cgroup-v1: Require capabilities to set release_agent

perf: Fix sys_perf_event_open() race against self

netfilter: nf_tables: disallow non-stateful expression in

Not affected without certain conditions - Secure Boot, configured kgdb/kdb. Complex adaptation

x86/speculation/mmio: Add mitigation for Processor MMIO Stale Data

net_sched: cls_route: remove from list when handle is 0

Livepatching Retbleed may decrease kernel stability and performance. This vulnerability has medium security impact and applies to certain hardware environments only.

Livepatching Retbleed may decrease kernel stability and performance. This vulnerability has medium security impact and applies to certain hardware environments only.

Livepatching Retbleed may decrease the stability and performance of the kernel, while vulnerability has a medium security impact and only for a certain hardware environment.

Livepatching Retbleed may decrease kernel stability and performance. This vulnerability has medium security impact and applies to certain hardware environments only.

Livepatching Retbleed may decrease the stability and performance of the kernel, while vulnerability has a medium security impact and only for a certain hardware environment.

net: usb: ax88179_178a: fix packet alignment padding

ax88179_178a: Merge memcpy + le32_to_cpus to get_unaligned_le32

net: usb: Merge cpu_to_le32s + memcpy to put_unaligned_le32

net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup

net: usb: ax88179_178a: Fix packet receiving

An introduction of required changes through KernelCare could cause unavoidable problems to applications which use unprivileged eBPF.

proc: avoid integer type confusion in get_proc_long

proc: proc_skip_spaces() shouldn't think it is working on C strings

usb: mon: make mmapped memory read only

Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu

net/sched: flower: fix possible OOB write in fl_set_geneve_opt()

hw: amd: Cross-Process Information Leak

netfilter: nf_tables: deactivate anonymous set from preparation phase

netfilter: nf_tables: deactivate anonymous set from preparation phase (adaptation)

netfilter: nf_tables: do not allow SET_ID to refer to another table

netfilter: nf_tables: skip deactivated anonymous sets during lookups

netfilter: nf_tables: prevent OOB access in nft_byteorder_eval

Smart Patch for net/sched: cls_u32: Fix reference counter leak leading to overflow

Smart Patch for net/sched/cls_u32.c

net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-free

net/sched: cls_route: No longer copy tcf_result on update to avoid use-after-free

net/sched: cls_fw: Fix improper refcount update leads to use-after-free

net/sched: sch_qfq: account for stab overhead in qfq_enqueue

Complex adaptation required.

net/sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg

revert of: netfilter: ipset: actually allow allowable CIDR 0 in hash:net, port, net

Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM

Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm

net: sched: sch_qfq: Fix UAF in qfq_dequeue()

net: sched: sch_qfq: Fix UAF in qfq_dequeue() (adaptation)

fbcon driver was updated and patched in the same kernel 3.10.0-1160.111.1.el7. Older versions don't contain vulnerabilities b07db3958485 and d443d9386472

igb: set max size RX buffer when store bad packet is enabled

igb: set max size RX buffer when store bad packet is enabled (adaptation)

netfilter: nf_tables: reject QUEUE/DROP verdict parameters

sched/membarrier: reduce the ability to hammer on sys_membarrier

[PATCH 1681/1699] af_unix: Fix null-ptr-deref in

[PATCH 1658/1699] net/sched: sch_hfsc: Ensure inner classes have fsc

[PATCH 1659/1699] net/sched: sch_hfsc: upgrade 'rt' to 'sc' when it

[PATCH 1686/1699] bluetooth: Perform careful capability checks in

[PATCH 1689/1699] bluetooth: Add cmd validity checks at the start of

[PATCH 1696/1699] vt: vt_ioctl: fix race in VT_RESIZEX

[PATCH 1643/1699] RDMA/i40iw: Prevent zero-length STAG registration

RDMA/irdma: Prevent zero-length STAG registration (adaptation)

net: fix __dst_negative_advice() race

fuse: fix pipe buffer lifetime for direct_io

fuse: fix pipe buffer lifetime for direct_io

wifi: mac80211: Avoid address calculations via out of bounds array indexing

N/A

x86/bhi: Add support for clearing branch history at syscall entry

media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format

can: bcm: Fix UAF in bcm_proc_show()

HID: core: zero-initialize the report buffer

ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices

ALSA: usb-audio: Fix a DMA to stack memory bug

ALSA: usb-audio: Fix out of bounds reads when finding clock sources

netfilter: ipset: add missing range check in bitmap_ip_uadt

net: atm: fix use after free in lec_send()

net: atlantic: fix aq_vec index out of range error

HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove()

media: uvcvideo: Fix double free in error path

misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram()

ext4: fix off-by-one error in do_split

drivers:md:fix a potential use-after-free bug

sch_hfsc: make hfsc_qlen_notify() idempotent

ext4: avoid resizing to a partial cluster size

Change signature of qdisc_tree_reduce_backlog() to use ints

net/sched: Always pass notifications when child class becomes empty

sch_cbq: make cbq_qlen_notify() idempotent

sch_htb: make htb_deactivate() idempotent

codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog()

sch_qfq: make qfq_qlen_notify() idempotent

sch_drr: make drr_qlen_notify() idempotent

sch_htb: make htb_qlen_notify() idempotent

sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue()

crypto: algif_hash - fix double free in hash_accept

scsi: lpfc: Use memcpy() for BIOS version

posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del()

net: usb: smsc75xx: Limit packet length to skb->len

net: usb: smsc75xx: Move packet length check to prevent kernel panic in skb_pull

net/sched: sch_qfq: Fix race condition on qfq_aggregate

nALSA: usb-audio: Fix an out-of-bounds bug in __snd_usb_parse_audio_interface()

i40e: fix MMIO write access to an invalid page in i40e_clear_hw

ALSA: bcd2000: Fix a UAF bug on the error path of probing

md-raid10: fix KASAN warning

net_sched: hfsc: Fix a UAF vulnerability in class handling

HID: core: Harden s32ton() against conversion to 0 bits

crypto: seqiv - Handle EBUSY correctly

Out of scope: not affected

This CVE has been rejected or withdrawn by its CVE Numbering Authority as per NVD website

HID: core: detect and skip invalid inputs to snto32()

HID: core: fix shift-out-of-bounds in hid_report_raw_event

Out of scope: not affected

Bluetooth: L2CAP: Fix use-after-free

wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit()

sctp: linearize cloned gso packets in sctp_rcv

ip6mr: Fix skb_under_panic in ip6mr_cache_report()

cifs: fix oops during encryption

fs: fix UAF/GPF bug in nilfs_mdt_destroy

NFSD: Protect against send buffer overflow in NFSv2 READ

Bug isn't present in RHEL7 kernel.

scsi: qla2xxx: Wait for io return on terminate rport

tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect()

mm: fix zswap writeback race condition

ALSA: usb-audio: Validate UAC3 power domain descriptors, too

ALSA: usb-audio: Validate UAC3 power domain descriptors, too

ALSA: usb-audio: Validate UAC3 cluster segment descriptors

Bluetooth: L2CAP: fix bad unlock balance in l2cap_disconnect_rsp

net: sched: sfb: fix null pointer access issue when sfb_init() fails

ext4: fix undefined behavior in bit shift for ext4_check_flag_values

net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too

ipv6: Fix out-of-bounds access in ipv6_find_tlv()

libceph: fix potential use-after-free in have_mon_and_osd_map()

scsi: ses: Fix possible desc_ptr out-of-bounds accesses

i40e: fix idx validation in config queues msg

CVE rejected

vsock: Ignore signal/timeout on connect() if already established

Restrict access to pagemap/kpageflags/kpagecount

atm: clip: Fix infinite recursive call of clip_push().

Squashfs: check return result of sb_min_blocksize

squashfs: fix memory leak in squashfs_fill_super

Squashfs: check return result of sb_min_blocksize

NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid

efivarfs: Fix slab-out-of-bounds in efivarfs_d_compare

usb: core: config: Prevent OOB read in SS endpoint companion parsing

net/sched: Enforce that teql can only be used as root qdisc

fs/proc: fix uaf in proc_readdir_de()

media: rc: fix races with imon_disconnect()

ext4: allow ext4_truncate() to return an error

ext4: lost matching-pair of trace in ext4_truncate

ext4: fix use-after-free in ext4_orphan_cleanup

scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count()

netfilter: nf_tables: fix use-after-free in nf_tables_addchain()

RDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug

Rolled back due to regression.

scsi: target: iscsi: Fix use-after-free in iscsit_dec_conn_usage_count()

scsi: qla2xxx: Fix bsg_done() causing double free

net/sched: cls_u32: use skb_header_pointer_careful()

iavf: Fix reset error handling

RDMA/rxe: Fix incomplete state save in rxe_requester