- kernel-uek-5.4.17-2136.346.6.el8uek (oel8-uek6)
- 5.4.17-2136.347.6.el8uek
- 2025-09-17 22:07:32
- 2025-09-19 06:50:46
- K20250917_25
- CVE-2025-38083
- Description:
net_sched: prio: fix a race in prio_tune()
- CVE: https://linux.oracle.com/cve/CVE-2025-38083.html
- Patch: oel8-uek6/5.4.17-2136.347.6.el8uek/CVE-2025-38083-net-sched-prio-fix-a-race-in-prio-tune.patch
- From: 5.4.17-2136.347.6.el8uek
- CVE-2025-38108
- Description:
net_sched: red: fix a race in __red_change()
- CVE: https://linux.oracle.com/cve/CVE-2025-38108.html
- Patch: oel8-uek6/5.4.17-2136.347.6.el8uek/CVE-2025-38108-net-sched-red-fix-a-race-in-red-change.patch
- From: 5.4.17-2136.347.6.el8uek
- CVE-2025-38430
- Description:
nfsd: nfsd4_spo_must_allow() must check this is a v4 compound request
- CVE: https://linux.oracle.com/cve/CVE-2025-38430.html
- Patch: oel8-uek6/5.4.17-2136.347.6.el8uek/CVE-2025-38430-nfsd-nfsd4-spo-must-allow-must-check-this-is-a-v4-compound-request.patch
- From: 5.4.17-2136.347.6.el8uek
- CVE-2025-38336
- Description:
ata: pata_via: Force PIO for ATAPI devices on VT6415/VT6330
- CVE: https://linux.oracle.com/cve/CVE-2025-38336.html
- Patch: oel8-uek6/5.4.17-2136.347.6.el8uek/CVE-2025-38336-ata-pata-via-force-pio-for-atapi-devices-on-vt6415-vt6330.patch
- From: 5.4.17-2136.347.6.el8uek
- CVE-2025-38214
- Description:
fbdev: Fix fb_set_var to prevent null-ptr-deref in fb_videomode_to_var
- CVE: https://linux.oracle.com/cve/CVE-2025-38214.html
- Patch: oel8-uek6/5.4.17-2136.347.6.el8uek/CVE-2025-38214-fbdev-fix-fb-set-var-to-prevent-null-ptr-deref-in-fb-videomode-to-var.patch
- From: 5.4.17-2136.347.6.el8uek
- CVE-2025-38212
- Description:
ipc: fix to protect IPCS lookups using RCU
- CVE: https://linux.oracle.com/cve/CVE-2025-38212.html
- Patch: oel8-uek6/5.4.17-2136.347.6.el8uek/CVE-2025-38212-ipc-fix-to-protect-ipcs-lookups-using-rcu.patch
- From: 5.4.17-2136.347.6.el8uek
- CVE-2025-38086
- Description:
net: ch9200: fix uninitialised access during mii_nway_restart
- CVE: https://linux.oracle.com/cve/CVE-2025-38086.html
- Patch: oel8-uek6/5.4.17-2136.347.6.el8uek/CVE-2025-38086-net-ch9200-fix-uninitialised-access-during-mii-nway-restart.patch
- From: 5.4.17-2136.347.6.el8uek
- CVE-2025-38332
- Description:
scsi: lpfc: Use memcpy() for BIOS version
- CVE: https://linux.oracle.com/cve/CVE-2025-38332.html
- Patch: oel8-uek6/5.4.17-2136.347.6.el8uek/CVE-2025-38332-scsi-lpfc-use-memcpy-for-bios-version.patch
- From: 5.4.17-2136.347.6.el8uek
- CVE-2025-38200
- Description:
i40e: fix MMIO write access to an invalid page in i40e_clear_hw
- CVE: https://linux.oracle.com/cve/CVE-2025-38200.html
- Patch: oel8-uek6/5.4.17-2136.347.6.el8uek/CVE-2025-38200-i40e-fix-mmio-write-access-to-an-invalid-page-in-i40e-clear-hw.patch
- From: 5.4.17-2136.347.6.el8uek
- CVE-2025-38194
- Description:
jffs2: check that raw node were preallocated before writing summary
- CVE: https://linux.oracle.com/cve/CVE-2025-38194.html
- Patch: oel8-uek6/5.4.17-2136.347.6.el8uek/CVE-2025-38194-jffs2-check-that-raw-node-were-preallocated-before-writing-summary.patch
- From: 5.4.17-2136.347.6.el8uek
- CVE-2025-38328
- Description:
jffs2: check jffs2_prealloc_raw_node_refs() result in few other places
- CVE: https://linux.oracle.com/cve/CVE-2025-38328.html
- Patch: oel8-uek6/5.4.17-2136.347.6.el8uek/CVE-2025-38328-jffs2-check-jffs2-prealloc-raw-node-refs-result-in-few-other-places.patch
- From: 5.4.17-2136.347.6.el8uek
- CVE-2025-38420
- Description:
wifi: carl9170: do not ping device which has failed to load firmware
- CVE: https://linux.oracle.com/cve/CVE-2025-38420.html
- Patch: oel8-uek6/5.4.17-2136.347.6.el8uek/CVE-2025-38420-wifi-carl9170-do-not-ping-device-which-has-failed-to-load-firmware.patch
- From: 5.4.17-2136.347.6.el8uek
- CVE-2025-38324
- Description:
mpls: Use rcu_dereference_rtnl() in mpls_route_input_rcu().
- CVE: https://linux.oracle.com/cve/CVE-2025-38324.html
- Patch: oel8-uek6/5.4.17-2136.347.6.el8uek/CVE-2025-38324-mpls-use-rcu-dereference-rtnl-in-mpls-route-input-rcu.patch
- From: 5.4.17-2136.347.6.el8uek
- CVE-2025-38184
- Description:
tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer
- CVE: https://linux.oracle.com/cve/CVE-2025-38184.html
- Patch: oel8-uek6/5.4.17-2136.347.6.el8uek/CVE-2025-38184-tipc-fix-null-ptr-deref-when-acquiring-remote-ip-of-ethernet-bearer.patch
- From: 5.4.17-2136.347.6.el8uek
- CVE-2025-38181
- Description:
calipso: Fix null-ptr-deref in calipso_req_{set,del}attr().
- CVE: https://linux.oracle.com/cve/CVE-2025-38181.html
- Patch: oel8-uek6/5.4.17-2136.347.6.el8uek/CVE-2025-38181-calipso-fix-null-ptr-deref-in-calipso-req-set-del-attr.patch
- From: 5.4.17-2136.347.6.el8uek
- CVE-2025-38323
- Description:
net: atm: add lec_mutex
- CVE: https://linux.oracle.com/cve/CVE-2025-38323.html
- Patch: oel8-uek6/5.4.17-2136.347.6.el8uek/CVE-2025-38323-net-atm-add-lec-mutex.patch
- From: 5.4.17-2136.347.6.el8uek
- CVE-2025-38180
- Description:
net: atm: fix /proc/net/atm/lec handling
- CVE: https://linux.oracle.com/cve/CVE-2025-38180.html
- Patch: oel8-uek6/5.4.17-2136.347.6.el8uek/CVE-2025-38180-net-atm-fix-proc-net-atm-lec-handling.patch
- From: 5.4.17-2136.347.6.el8uek
- CVE-2025-37958
- Description:
mm/huge_memory: fix dereferencing invalid pmd migration entry
- CVE: https://linux.oracle.com/cve/CVE-2025-37958.html
- Patch: oel8-uek6/5.4.17-2136.347.6.el8uek/CVE-2025-37958-mm-huge-memory-fix-dereferencing-invalid-pmd-migration-entry.patch
- From: 5.4.17-2136.347.6.el8uek
- CVE-2025-38337
- Description:
jbd2: fix data-race and null-ptr-deref in jbd2_journal_dirty_metadata()
- CVE: https://linux.oracle.com/cve/CVE-2025-38337.html
- Patch: oel8-uek6/5.4.17-2136.347.6.el8uek/CVE-2025-38337-jbd2-fix-data-race-and-null-ptr-deref-in-jbd2-journal-dirty-metadata.patch
- From: 5.4.17-2136.347.6.el8uek
- CVE-2025-38424
- Description:
perf: Fix sample vs do_exit()
- CVE: https://linux.oracle.com/cve/CVE-2025-38424.html
- Patch: oel8-uek6/5.4.17-2136.347.6.el8uek/CVE-2025-38424-perf-fix-sample-vs-do-exit.patch
- From: 5.4.17-2136.347.6.el8uek
- n/a
- Description:
x86/xen: Add xenpv_restore_regs_and_return_to_usermode()
- CVE: n/a
- Patch: 5.4.17/x86-xen-Add-xenpv_restore_regs_and_return_to_usermode.patch
- From: v5.16
- N/A
- Description:
kpatch add alt asm definitions
- CVE: N/A
- Patch: 5.11.0/kpatch-add-alt-asm-definitions.patch
- From: N/A
- N/A
- Description:
kpatch add paravirt asm definitions
- CVE: N/A
- Patch: 5.11.0/kpatch-add-paravirt-asm-definitions.patch
- From: N/A
- N/A
- Description:
Restrict access to pagemap/kpageflags/kpagecount
- CVE: http://googleprojectzero.blogspot.ru/2015/03/exploiting-dram-rowhammer-bug-to-gain.html
- Patch: 4.15.0/proc-restrict-pagemap-access.patch
- From: N/A