KernelCare Directory

linux-5.10.234-1 (debian11)
Kernel Update Version: 5.10.237-1
Build Date: 2025-08-19 08:01:10
Release Date: 2025-08-19 13:29:47
Release: K20250819_01

CVE-2024-58069, CVSSv2 Score: 7.8
Description:
rtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read
CVE: https://security-tracker.debian.org/tracker/CVE-2024-58069
Patch: debian11/5.10.237-1/CVE-2024-58069-rtc-pcf85063-fix-potential-oob-write-in-pcf85063-nvmem-read.patch
From: 5.10.237-1

CVE-2025-21715, CVSSv2 Score: 7.8
Description:
net: davicom: fix UAF in dm9000_drv_remove
CVE: https://security-tracker.debian.org/tracker/CVE-2025-21715
Patch: debian11/5.10.237-1/CVE-2025-21715-net-davicom-fix-uaf-in-dm9000-drv-remove.patch
From: 5.10.237-1

CVE-2025-21735, CVSSv2 Score: 7.8
Description:
NFC: nci: Add bounds checking in nci_hci_create_pipe()
CVE: https://security-tracker.debian.org/tracker/CVE-2025-21735
Patch: debian11/5.10.237-1/CVE-2025-21735-nfc-nci-add-bounds-checking-in-nci-hci-create-pipe.patch
From: 5.10.237-1

CVE-2025-21785, CVSSv2 Score:
Description:
Out of scope: ARM64 architecture isn't supported for current kernel
CVE:
Patch: skipped/CVE-2025-21785.patch
From:

CVE-2025-22056, CVSSv2 Score:
Description:
Postponed: complex analysis and adaptation required
CVE:
Patch: skipped/CVE-2025-22056.patch
From:

CVE-2024-46812, CVSSv2 Score: 7.8
Description:
drm/amd/display: Skip inactive planes within ModeSupportAndSystemConfiguration
CVE: https://security-tracker.debian.org/tracker/CVE-2024-46812
Patch: debian11/5.10.237-1/CVE-2024-46812-drm-amd-display-skip-inactive-planes-within-modesupportandsystemconfiguration.patch
From: 5.10.237-1

CVE-2025-37838, CVSSv2 Score: 7.8
Description:
HSI: ssi_protocol: Fix use after free vulnerability in ssi_protocol Driver Due to Race Condition
CVE: https://security-tracker.debian.org/tracker/CVE-2025-37838
Patch: debian11/5.10.237-1/CVE-2025-37838-hsi-ssi-protocol-fix-use-after-free-vulnerability-in-ssi-protocol-driver-due-to-race-condition.patch
From: 5.10.237-1

CVE-2024-50154, CVSSv2 Score: 7.8
Description:
tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink().
CVE: https://security-tracker.debian.org/tracker/CVE-2024-50154
Patch: debian11/5.10.237-1/CVE-2024-50154-tcp-dccp-don-t-use-timer-pending-in-reqsk-queue-unlink.patch
From: 5.10.237-1

CVE-2021-47247, CVSSv2 Score: 7.8
Description:
net/mlx5e: Fix use-after-free of encap entry in neigh update handler
CVE: https://security-tracker.debian.org/tracker/CVE-2021-47247
Patch: debian11/5.10.237-1/CVE-2021-47247-net-mlx5e-fix-use-after-free-of-encap-entry-in-neigh-update-handler.patch
From: 5.10.237-1

CVE-2021-47489, CVSSv2 Score: 7.8
Description:
drm/amdgpu: Fix even more out of bound writes from debugfs
CVE: https://security-tracker.debian.org/tracker/CVE-2021-47489
Patch: debian11/5.10.237-1/CVE-2021-47489-drm-amdgpu-fix-even-more-out-of-bound-writes-from-debugfs.patch
From: 5.10.237-1

CVE-2023-52752, CVSSv2 Score: 8.4
Description:
smb: client: fix use-after-free bug in cifs_debug_data_proc_show()
CVE: https://security-tracker.debian.org/tracker/CVE-2023-52752
Patch: debian11/5.10.237-1/CVE-2023-52752-smb-client-fix-use-after-free-bug-in-cifs-debug-data-proc-show.patch
From: 5.10.237-1

CVE-2024-50280, CVSSv2 Score: 7.8
Description:
dm cache: fix flushing uninitialized delayed_work on cache_ctr error
CVE: https://security-tracker.debian.org/tracker/CVE-2024-50280
Patch: debian11/5.10.237-1/CVE-2024-50280-dm-cache-fix-flushing-uninitialized-delayed-work-on-cache-ctr-error.patch
From: 5.10.237-1

CVE-2025-21858, CVSSv2 Score: 7.8
Description:
geneve: Fix use-after-free in geneve_find_dev().
CVE: https://security-tracker.debian.org/tracker/CVE-2025-21858
Patch: debian11/5.10.237-1/CVE-2025-21858-geneve-fix-use-after-free-in-geneve-find-dev.patch
From: 5.10.237-1

CVE-2025-21858, CVSSv2 Score: 7.8
Description:
geneve: Suppress list corruption splat in geneve_destroy_tunnels().
CVE: https://security-tracker.debian.org/tracker/CVE-2025-21858
Patch: debian11/5.10.237-1/CVE-2025-21858-geneve-Suppress-list-corruption-splat-in-geneve_destroy_tunnels.patch
From: 5.10.237-1

CVE-2024-57980, CVSSv2 Score: 7.8
Description:
media: uvcvideo: Fix double free in error path
CVE: https://security-tracker.debian.org/tracker/CVE-2024-57980
Patch: debian11/5.10.237-1/CVE-2024-57980-media-uvcvideo-fix-double-free-in-error-path.patch
From: 5.10.237-1

CVE-2025-21811, CVSSv2 Score: 7.8
Description:
nilfs2: protect access to buffers with no active references
CVE: https://security-tracker.debian.org/tracker/CVE-2025-21811
Patch: debian11/5.10.237-1/CVE-2025-21811-nilfs2-protect-access-to-buffers-with-no-active-references.patch
From: 5.10.237-1

CVE-2024-50047, CVSSv2 Score: 7.8
Description:
smb: client: fix UAF in async decryption
CVE: https://security-tracker.debian.org/tracker/CVE-2024-50047
Patch: debian11/5.10.237-1/CVE-2024-50047-smb-client-fix-UAF-in-async-decryption.patch
From: 5.10.237-1

CVE-2024-50047, CVSSv2 Score: 7.8
Description:
smb: client: fix NULL ptr deref in crypto_aead_setkey()
CVE: https://security-tracker.debian.org/tracker/CVE-2024-50047
Patch: debian11/5.10.237-1/CVE-2024-50047-smb-client-fix-NULL-ptr-deref-in-crypto_aead_setkey.patch
From: 5.10.237-1

CVE-2025-21731, CVSSv2 Score: 7.8
Description:
nbd: don't allow reconnect after disconnect
CVE: https://security-tracker.debian.org/tracker/CVE-2025-21731
Patch: debian11/5.10.237-1/CVE-2025-21731-nbd-don-t-allow-reconnect-after-disconnect.patch
From: 5.10.237-1

CVE-2025-21700, CVSSv2 Score: 7.8
Description:
net: sched: Disallow replacing of child qdisc from one parent to another
CVE: https://security-tracker.debian.org/tracker/CVE-2025-21700
Patch: debian11/5.10.237-1/CVE-2025-21700-net-sched-disallow-replacing-of-child-qdisc-from-one-parent-to-another.patch
From: 5.10.237-1

CVE-2025-21727, CVSSv2 Score: 7.8
Description:
padata: fix UAF in padata_reorder
CVE: https://security-tracker.debian.org/tracker/CVE-2025-21727
Patch: debian11/5.10.237-1/CVE-2025-21727-padata-fix-uaf-in-padata-reorder.patch
From: 5.10.237-1

CVE-2025-21934, CVSSv2 Score: 7.8
Description:
rapidio: fix an API misues when rio_add_net() fails
CVE: https://security-tracker.debian.org/tracker/CVE-2025-21934
Patch: debian11/5.10.237-1/CVE-2025-21934-rapidio-fix-an-api-misues-when-rio-add-net-fails.patch
From: 5.10.237-1

CVE-2025-22020, CVSSv2 Score: 7.8
Description:
memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove
CVE: https://security-tracker.debian.org/tracker/CVE-2025-22020
Patch: debian11/5.10.237-1/CVE-2025-22020-memstick-rtsx-usb-ms-fix-slab-use-after-free-in-rtsx-usb-ms-drv-remove.patch
From: 5.10.237-1

CVE-2024-46821, CVSSv2 Score: 7.8
Description:
drm/amd/pm: Fix negative array index read
CVE: https://security-tracker.debian.org/tracker/CVE-2024-46821
Patch: debian11/5.10.237-1/CVE-2024-46821-drm-amd-pm-fix-negative-array-index-read.patch
From: 5.10.237-1

CVE-2025-22035, CVSSv2 Score: 7.8
Description:
tracing: Fix use-after-free in print_graph_function_flags during tracer switching
CVE: https://security-tracker.debian.org/tracker/CVE-2025-22035
Patch: debian11/5.10.237-1/CVE-2025-22035-tracing-fix-use-after-free-in-print-graph-function-flags-during-tracer-switching.patch
From: 5.10.237-1

CVE-2024-56608, CVSSv2 Score: 7.8
Description:
drm/amd/display: Fix out-of-bounds access in 'dcn21_link_encoder_create'
CVE: https://security-tracker.debian.org/tracker/CVE-2024-56608
Patch: debian11/5.10.237-1/CVE-2024-56608-drm-amd-display-fix-out-of-bounds-access-in-dcn21-link-encoder-create.patch
From: 5.10.237-1

CVE-2024-26928, CVSSv2 Score: 7.8
Description:
smb: client: fix potential UAF in cifs_debug_files_proc_show()
CVE: https://security-tracker.debian.org/tracker/CVE-2024-26928
Patch: debian11/5.10.237-1/CVE-2024-26928-smb-client-fix-potential-uaf-in-cifs-debug-files-proc-show.patch
From: 5.10.237-1

N/A, CVSSv2 Score:
Description:
Restrict access to pagemap/kpageflags/kpagecount
CVE: http://googleprojectzero.blogspot.ru/2015/03/exploiting-dram-rowhammer-bug-to-gain.html
Patch: 5.10.0/proc-restrict-pagemap-access.patch
From: