- kernel-4.14.355-280.695.amzn2 (amazon2)
- 4.14.355-280.713.amzn2
- 2026-03-10 07:47:01
- 2026-03-11 07:22:26
- K20260310_01
- CVE-2023-53343
- Description:
icmp6: Fix null-ptr-deref of ip6_null_entry->rt6i_idev in icmp6_dev().
- CVE: https://alas.aws.amazon.com/cve/html/CVE-2023-53343.html
- Patch: amazon2/4.14.355-280.698.amzn2/CVE-2023-53343-icmp6-fix-null-ptr-deref-of-ip6-null-entry-rt6i-idev-in-icmp6-dev.patch
- From: 4.14.355-280.698.amzn2
- CVE-2022-50410
- Description:
NFSD: Protect against send buffer overflow in NFSv2 READ
- CVE: https://alas.aws.amazon.com/cve/html/CVE-2022-50410.html
- Patch: amazon2/4.14.355-280.698.amzn2/CVE-2022-50410-nfsd-protect-against-send-buffer-overflow-in-nfsv2-read.patch
- From: 4.14.355-280.698.amzn2
- CVE-2022-50422
- Description:
scsi: libsas: Fix use-after-free bug in smp_execute_task_sg()
- CVE: https://alas.aws.amazon.com/cve/html/CVE-2022-50422.html
- Patch: amazon2/4.14.355-280.706.amzn2/CVE-2022-50422-scsi-libsas-fix-use-after-free-bug-in-smp-execute-task-sg.patch
- From: 4.14.355-280.706.amzn2
- CVE-2023-53530
- Description:
scsi: qla2xxx: Use raw_smp_processor_id() instead of smp_processor_id()
- CVE: https://alas.aws.amazon.com/cve/html/CVE-2023-53530.html
- Patch: amazon2/4.14.355-280.706.amzn2/CVE-2023-53530-scsi-qla2xxx-use-raw_smp_processor_id-instead-of-smp_processor_id.patch
- From: 4.14.355-280.706.amzn2
- CVE-2023-53567
- Description:
spi: qup: Don't skip cleanup in remove's error path
- CVE: https://alas.aws.amazon.com/cve/html/CVE-2023-53567.html
- Patch: amazon2/4.14.355-280.706.amzn2/CVE-2023-53567-spi-qup-don-t-skip-cleanup-in-remove-s-error-path.patch
- From: 4.14.355-280.706.amzn2
- CVE-2025-39773
- Description:
net: bridge: mcast: add and enforce query interval minimum
- CVE: https://alas.aws.amazon.com/cve/html/CVE-2025-39773.html
- Patch: amazon2/4.14.355-280.706.amzn2/CVE-2025-39773-net-bridge-mcast-add-and-enforce-query-interval-minimum.patch
- From: 4.14.355-280.706.amzn2
- CVE-2025-39773
- Description:
net: bridge: mcast: add and enforce startup query interval minimum
- CVE: https://alas.aws.amazon.com/cve/html/CVE-2025-39773.html
- Patch: amazon2/4.14.355-280.706.amzn2/CVE-2025-39773-net-bridge-mcast-add-and-enforce-startup-query-interval-minimum.patch
- From: 4.14.355-280.706.amzn2
- CVE-2025-39773
- Description:
net: bridge: fix soft lockup in br_multicast_query_expired()
- CVE: https://alas.aws.amazon.com/cve/html/CVE-2025-39773.html
- Patch: amazon2/4.14.355-280.706.amzn2/CVE-2025-39773-net-bridge-fix-soft-lockup-in-br-multicast-query-expired.patch
- From: 4.14.355-280.706.amzn2
- CVE-2025-39773
- Description:
net: bridge: fix soft lockup in br_multicast_query_expired()
- CVE: https://alas.aws.amazon.com/cve/html/CVE-2025-39773.html
- Patch: amazon2/4.14.355-280.706.amzn2/CVE-2025-39773-net-bridge-fix-soft-lockup-in-br-multicast-query-expired-kpatch.patch
- From: 6.1.150-174.273.amzn2023
- CVE-2025-39923
- Description:
dmaengine: qcom: bam_dma: Fix DT error handling for num-channels/ees
- CVE: https://alas.aws.amazon.com/cve/html/CVE-2025-39923.html
- Patch: amazon2/4.14.355-280.706.amzn2/CVE-2025-39923-dmaengine-qcom-bam-dma-fix-dt-error-handling-for-num-channels-ees.patch
- From: 4.14.355-280.706.amzn2
- CVE-2025-39955
- Description:
tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect().
- CVE: https://alas.aws.amazon.com/cve/html/CVE-2025-39955.html
- Patch: amazon2/4.14.355-280.706.amzn2/CVE-2025-39955-tcp-clear-tcp-sk-sk-fastopen-rsk-in-tcp-disconnect.patch
- From: 4.14.355-280.706.amzn2
- CVE-2022-50516
- Description:
fs: dlm: fix invalid derefence of sb_lvbptr
- CVE: https://alas.aws.amazon.com/cve/html/CVE-2022-50516.html
- Patch: amazon2/4.14.355-280.708.amzn2/CVE-2022-50516-fs-dlm-fix-invalid-derefence-of-sb-lvbptr.patch
- From: 4.14.355-280.708.amzn2
- CVE-2023-53626
- Description:
ext4: fix possible double unlock when moving a directory
- CVE: https://alas.aws.amazon.com/cve/html/CVE-2023-53626.html
- Patch: amazon2/4.14.355-280.708.amzn2/CVE-2023-53626-ext4-fix-possible-double-unlock-when-moving-a-directory.patch
- From: 4.14.355-280.708.amzn2
- CVE-2023-53680
- Description:
NFSD: Avoid calling OPDESC() with ops->opnum == OP_ILLEGAL
- CVE: https://alas.aws.amazon.com/cve/html/CVE-2023-53680.html
- Patch: amazon2/4.14.355-280.710.amzn2/CVE-2023-53680-nfsd-avoid-calling-opdesc-with-ops-opnum-op-illegal.patch
- From: 4.14.355-280.710.amzn2
- CVE-2025-40070
- Description:
pps: fix warning in pps_register_cdev when register device fail
- CVE: https://alas.aws.amazon.com/cve/html/CVE-2025-40070.html
- Patch: amazon2/4.14.355-280.713.amzn2/CVE-2025-40070-pps-fix-warning-in-pps-register-cdev-when-register-device-fail.patch
- From: 4.14.355-280.713.amzn2
- CVE-2024-26804
- Description:
net: ip_tunnel: prevent perpetual headroom growth
- CVE: https://alas.aws.amazon.com/cve/html/CVE-2024-26804.html
- Patch: amazon2/4.14.355-280.713.amzn2/CVE-2024-26804-net-ip-tunnel-prevent-perpetual-headroom-growth.patch
- From: 4.14.355-280.713.amzn2
- CVE-2025-40173
- Description:
net/ip6_tunnel: Prevent perpetual tunnel growth
- CVE: https://alas.aws.amazon.com/cve/html/CVE-2025-40173.html
- Patch: amazon2/4.14.355-280.713.amzn2/CVE-2025-40173-net-ip6-tunnel-prevent-perpetual-tunnel-growth.patch
- From: 4.14.355-280.713.amzn2
- CVE-2024-47696
- Description:
RDMA/iwcm: Fix WARNING:at_kernel/workqueue.c:#check_flush_dependency
- CVE: https://linux.oracle.com/cve/CVE-2024-47696.html
- Patch: amazon2/CVE-2024-47696-rdma-iwcm-fix-warning-at_kernel-workqueue.c-check_flush_dependency.patch
- From: 5.15.0-303.171.5.2.el9uek
- CVE-2024-47696
- Description:
RDMA/iwcm: Fix WARNING:at_kernel/workqueue.c:#check_flush_dependency kpatch
- CVE: https://linux.oracle.com/cve/CVE-2024-47696.html
- Patch: amazon2/CVE-2024-47696-rdma-iwcm-fix-warning-at_kernel-workqueue.c-check_flush_dependency-kpatch.patch
- From: 5.15.0-303.171.5.2.el9uek
- n/a
- Description:
x86/xen: Add xenpv_restore_regs_and_return_to_usermode()
- CVE: n/a
- Patch: 4.14.0/x86-xen-Add-xenpv_restore_regs_and_return_to_usermode.patch
- From: v5.16
- N/A
- Description:
N/A
- CVE: N/A
- Patch: 4.14.0/kpatch-pti-add-KernelCare-mapping-into-shadow-PGD.patch
- From: N/A
- N/A
- Description:
N/A
- CVE: N/A
- Patch: 4.14.0/kpatch-add-asm-definitions.patch
- From: N/A
- N/A
- Description:
Restrict access to pagemap/kpageflags/kpagecount
- CVE: http://googleprojectzero.blogspot.ru/2015/03/exploiting-dram-rowhammer-bug-to-gain.html
- Patch: 4.15.0/proc-restrict-pagemap-access.patch
- From: N/A
- N/A
- Description:
vmx_vcpu_run wrapper
- CVE:
- Patch: 4.14.0/x86-kvm-vmx_vcpu_run-wrapper.patch
- From: