- kernel-uek-5.15.0-305.176.4.el8uek (oel8-uek7)
- 5.15.0-308.179.6.3.el8uek
- 2025-06-02 15:30:58
- 2025-06-04 07:41:53
- K20250602_01
- CVE-2024-56672
- Description:
blk-cgroup: Fix UAF in blkcg_unpin_online()
- CVE: https://linux.oracle.com/cve/CVE-2024-56672.html
- Patch: oel9-uek7/5.15.0-306.177.4.el9uek/CVE-2024-56672-blk-cgroup-fix-uaf-in-blkcg-unpin-online.patch
- From: 5.15.0-306.177.4.el9uek
- CVE-2024-56631
- Description:
scsi: sg: Fix slab-use-after-free read in sg_release()
- CVE: https://linux.oracle.com/cve/CVE-2024-56631.html
- Patch: oel9-uek7/5.15.0-306.177.4.el9uek/CVE-2024-56631-scsi-sg-fix-slab-use-after-free-read-in-sg-release.patch
- From: 5.15.0-306.177.4.el9uek
- CVE-2024-53162
- Description:
crypto: qat/qat_4xxx - fix off by one in uof_get_name()
- CVE: https://linux.oracle.com/cve/CVE-2024-53162.html
- Patch: oel9-uek7/5.15.0-306.177.4.el9uek/CVE-2024-53162-crypto-qat-qat-4xxx-fix-off-by-one-in-uof-get-name.patch
- From: 5.15.0-306.177.4.el9uek
- CVE-2024-36899
- Description:
gpiolib: cdev: Fix use after free in lineinfo_changed_notify
- CVE: https://linux.oracle.com/cve/CVE-2024-36899.html
- Patch: oel9-uek7/5.15.0-306.177.4.el9uek/CVE-2024-36899-gpiolib-cdev-fix-use-after-free-in-lineinfo-changed-notify.patch
- From: 5.15.0-306.177.4.el9uek
- CVE-2024-47687
- Description:
vdpa/mlx5: Fix invalid mr resource destroy
- CVE: https://linux.oracle.com/cve/CVE-2024-47687.html
- Patch: oel9-uek7/5.15.0-306.177.4.el9uek/CVE-2024-47687-vdpa-mlx5-fix-invalid-mr-resource-destroy.patch
- From: 5.15.0-306.177.4.el9uek
- CVE-2024-47707
- Description:
ipv6: avoid possible NULL deref in rt6_uncached_list_flush_dev()
- CVE: https://linux.oracle.com/cve/CVE-2024-47707.html
- Patch: oel9-uek7/5.15.0-306.177.4.el9uek/CVE-2024-47707-ipv6-avoid-possible-null-deref-in-rt6-uncached-list-flush-dev.patch
- From: 5.15.0-306.177.4.el9uek
- CVE-2024-53124
- Description:
net: fix data-races around sk->sk_forward_alloc
- CVE: https://linux.oracle.com/cve/CVE-2024-53124.html
- Patch: oel9-uek7/5.15.0-306.177.4.el9uek/CVE-2024-53124-net-fix-data-races-around-sk-sk-forward-alloc.patch
- From: 5.15.0-306.177.4.el9uek
- CVE-2024-57804
- Description:
scsi: mpi3mr: Fix corrupt config pages PHY state is switched in sysfs
- CVE: https://linux.oracle.com/cve/CVE-2024-57804.html
- Patch: oel9-uek7/5.15.0-306.177.4.el9uek/CVE-2024-57804-scsi-mpi3mr-fix-corrupt-config-pages-phy-state-is-switched-in-sysfs.patch
- From: 5.15.0-306.177.4.el9uek
- CVE-2024-53110
- Description:
vp_vdpa: fix id_table array not null terminated error
- CVE: https://linux.oracle.com/cve/CVE-2024-53110.html
- Patch: oel9-uek7/5.15.0-306.177.4.el9uek/CVE-2024-53110-vp-vdpa-fix-id-table-array-not-null-terminated-error.patch
- From: 5.15.0-306.177.4.el9uek
- CVE-2024-53110
- Description:
vp_vdpa: fix id_table array not null terminated error
- CVE: https://linux.oracle.com/cve/CVE-2024-53110.html
- Patch: oel9-uek7/5.15.0-306.177.4.el9uek/CVE-2024-53110-vp-vdpa-fix-id-table-array-not-null-terminated-error-kpatch.patch
- From: 5.15.0-306.177.4.el9uek
- CVE-2024-56760
- Description:
PCI/MSI: Handle lack of irqdomain gracefully
- CVE: https://linux.oracle.com/cve/CVE-2024-56760.html
- Patch: oel9-uek7/5.15.0-307.178.5.el9uek/CVE-2024-56760-pci-msi-handle-lack-of-irqdomain-gracefully.patch
- From: 5.15.0-307.178.5.el9uek
- CVE-2024-53213
- Description:
net: usb: lan78xx: Fix double free issue with interrupt buffer allocation
- CVE: https://linux.oracle.com/cve/CVE-2024-53213.html
- Patch: oel9-uek7/5.15.0-307.178.5.el9uek/CVE-2024-53213-net-usb-lan78xx-fix-double-free-issue-with-interrupt-buffer-allocation.patch
- From: 5.15.0-307.178.5.el9uek
- CVE-2024-50155
- Description:
netdevsim: use cond_resched() in nsim_dev_trap_report_work()
- CVE: https://linux.oracle.com/cve/CVE-2024-50155.html
- Patch: oel9-uek7/5.15.0-307.178.5.el9uek/CVE-2024-50155-netdevsim-use-cond-resched-in-nsim-dev-trap-report-work.patch
- From: 5.15.0-307.178.5.el9uek
- CVE-2024-41079
- Description:
nvmet-auth: complete a request only after freeing the dhchap pointers
- CVE: https://linux.oracle.com/cve/CVE-2024-41079.html
- Patch: oel9-uek7/5.15.0-307.178.5.el9uek/CVE-2024-41079-nvmet-auth-complete-a-request-only-after-freeing-the-dhchap-pointers.patch
- From: 5.15.0-307.178.5.el9uek
- CVE-2024-41079
- Description:
nvmet: always initialize cqe.result
- CVE: https://linux.oracle.com/cve/CVE-2024-41079.html
- Patch: oel9-uek7/5.15.0-307.178.5.el9uek/CVE-2024-41079-nvmet-always-initialize-cqe-result.patch
- From: 5.15.0-307.178.5.el9uek
- CVE-2024-35972
- Description:
bnxt_en: Fix possible memory leak in bnxt_rdma_aux_device_init()
- CVE: https://linux.oracle.com/cve/CVE-2024-35972.html
- Patch: oel9-uek7/5.15.0-307.178.5.el9uek/CVE-2024-35972-bnxt-en-fix-possible-memory-leak-in-bnxt-rdma-aux-device-init.patch
- From: 5.15.0-307.178.5.el9uek
- CVE-2024-40919
- Description:
bnxt_en: Adjust logging of firmware messages in case of released token in __hwrm_send()
- CVE: https://linux.oracle.com/cve/CVE-2024-40919.html
- Patch: oel9-uek7/5.15.0-307.178.5.el9uek/CVE-2024-40919-bnxt-en-adjust-logging-of-firmware-messages-in-case-of-released-token-in-hwrm-send.patch
- From: 5.15.0-307.178.5.el9uek
- CVE-2024-53209
- Description:
bnxt_en: Fix receive ring space parameters when XDP is active
- CVE: https://linux.oracle.com/cve/CVE-2024-53209.html
- Patch: oel9-uek7/5.15.0-307.178.5.el9uek/CVE-2024-53209-bnxt-en-fix-receive-ring-space-parameters-when-xdp-is-active.patch
- From: 5.15.0-307.178.5.el9uek
- CVE-2024-56656
- Description:
bnxt_en: Fix aggregation ID mask to prevent oops on 5760X chips
- CVE: https://linux.oracle.com/cve/CVE-2024-56656.html
- Patch: oel9-uek7/5.15.0-307.178.5.el9uek/CVE-2024-56656-bnxt-en-fix-aggregation-id-mask-to-prevent-oops-on-5760x-chips.patch
- From: 5.15.0-307.178.5.el9uek
- CVE-2024-56660
- Description:
net/mlx5: DR, prevent potential error pointer dereference
- CVE: https://linux.oracle.com/cve/CVE-2024-56660.html
- Patch: oel9-uek7/5.15.0-307.178.5.el9uek/CVE-2024-56660-net-mlx5-dr-prevent-potential-error-pointer-dereference.patch
- From: 5.15.0-307.178.5.el9uek
- CVE-2024-50215
- Description:
nvmet-auth: assign dh_key to NULL after kfree_sensitive
- CVE: https://linux.oracle.com/cve/CVE-2024-50215.html
- Patch: oel9-uek7/5.15.0-307.178.5.el9uek/CVE-2024-50215-nvmet-auth-assign-dh-key-to-null-after-kfree-sensitive.patch
- From: 5.15.0-307.178.5.el9uek
- CVE-2024-46842
- Description:
scsi: lpfc: Handle mailbox timeouts in lpfc_get_sfp_info
- CVE: https://linux.oracle.com/cve/CVE-2024-46842.html
- Patch: oel9-uek7/5.15.0-307.178.5.el9uek/CVE-2024-46842-scsi-lpfc-Handle-mailbox-timeouts-in-lpfc_get_sfp_info.patch
- From: 5.15.0-307.178.5.el9uek
- CVE-2024-44984
- Description:
bnxt_en: Fix double DMA unmapping for XDP_REDIRECT
- CVE: https://linux.oracle.com/cve/CVE-2024-44984.html
- Patch: oel9-uek7/5.15.0-307.178.5.el9uek/CVE-2024-44984-bnxt_en-Fix-double-DMA-unmapping-for-XDP_REDIRECT.patch
- From: 5.15.0-307.178.5.el9uek
- CVE-2024-56583
- Description:
sched/deadline: Fix warning in migrate_enable for boosted tasks
- CVE: https://linux.oracle.com/cve/CVE-2024-56583.html
- Patch: oel9-uek7/5.15.0-308.179.6.el9uek/CVE-2024-56583-sched-deadline-fix-warning-in-migrate-enable-for-boosted-tasks.patch
- From: 5.15.0-308.179.6.el9uek
- CVE-2024-28956
- Description:
Postponed: complex analysis and adaptation required
- CVE:
- Patch: skipped/CVE-2024-28956.patch
- From:
- N/A
- Description:
kpatch add alt asm definitions
- CVE: https://www.kernel.org
- Patch: 5.15.0/kpatch-add-alt-asm-definitions.patch
- From: N/A
- N/A
- Description:
kpatch add paravirt asm definitions
- CVE: N/A
- Patch: 5.15.0/kpatch-add-paravirt-asm-definitions.patch
- From: N/A