- kernel-2.6.32-954.3.5.lve1.4.66.el6 (cl6)
- 2.6.32-954.3.5.lve1.4.87.el6
- 2022-08-31 03:57:17
- CVE N/A, CVSSv2 Score: N/A
- Description:
tcp: check skb tailroom before collapsing
- Patch: 2.6.32/CKSIX-224.patch
- From: >2.6.32-954.3.5.lve1.4.66.el6
- CVE CVE-2017-17805, CVSSv2 Score: 5.5
- Description:
[crypto] salsa20 - fix blkcipher_walk API usage
- Patch: 2.6.32/crypto-salsa20-fix-blkcipher_walk-API-usage.patch
- From: 2.6.32-754.18.2.el6
- CVE CVE-2019-5489, CVSSv2 Score: 7.1
- Description:
[mm] mincore.c: make mincore() more conservative
- Patch: 2.6.32/mm-mincore.c-make-mincore-more-conservative.patch
- From: 2.6.32-754.18.2.el6
- CVE CVE-2018-17972, CVSSv2 Score: 3.3
- Description:
[fs] proc: restrict kernel stack dumps to root
- Patch: 2.6.32/proc-restrict-kernel-stack-dumps-to-root.patch
- From: 2.6.32-754.18.2.el6
- CVE , CVSSv2 Score:
- Description:
- Patch: 2.6.32/cl6-adjust-context-in-arch-x86-kernel-entry_64.S-1-4.67.patch
- From:
- CVE , CVSSv2 Score:
- Description:
- Patch: 2.6.32/kpatch-entry_64-include.patch
- From:
- CVE CVE-2019-1125, CVSSv2 Score: 5.9
- Description:
[x86] x86/speculation: Prepare entry code for Spectre v1 swapgs mitigations
- Patch: 2.6.32/swapgs-fix.patch
- From: 2.6.32-754.18.2.el6
- CVE , CVSSv2 Score:
- Description:
map kpatch code that patch .entry.text section code
- Patch: 2.6.32/kpatch_map_kaiser_kp_text-no-kaiser_enabled.patch
- From:
- CVE , CVSSv2 Score:
- Description:
- Patch: 2.6.32/CKSIX-230-tcp-fix-retransmit-of-partially-acked-fram.patch
- From:
- CVE , CVSSv2 Score:
- Description:
- Patch: 2.6.32/CKSIX-230-tcp-fix-skb_availroom.patch
- From:
- CVE CVE-2019-14835, CVSSv2 Score: 7.2
- Description:
host: make sure log_num < in_num
- Patch: 2.6.32/CVE-2019-14835-vhost-make-sure-log_num-in_num.patch
- From: >2.6.32-754.22.1.el6
- CVE CVE-2019-11810, CVSSv2 Score: 6.2
- Description:
scsi: megaraid_sas: return error when create DMA pool failed
- Patch: 2.6.32/CVE-2019-11810.patch
- From: kernel-2.6.32-754.22.1.el6
- CVE CVE-2018-9568, CVSSv2 Score: 7
- Description:
net: Set sk_prot_creator when cloning sockets to the right proto
- Patch: 2.6.32/CVE-2018-9568-el6.patch
- From: 2.6.32-754.22.1.el6
- CVE CVE-2019-17055, CVSSv2 Score: 3.3
- Description:
mISDN: enforce CAP_NET_RAW for raw sockets
- Patch: 2.6.32/CVE-2019-17055.patch
- From: 2.6.39-400.317.1.el6uek
- CVE CVE-2019-17133, CVSSv2 Score: 8.8
- Description:
cfg80211: wext: avoid copying malformed SSIDs
- Patch: 2.6.32/cve-2019-17133-cfg80211-wext-avoid-copying-malformed-SSID.patch
- From: kernel-2.6.32-754.28.1.el6
- CVE CVE-2018-12207, CVSSv2 Score: 6.5
- Description:
kvm: mmu: ITLB_MULTIHIT mitigation (adaptation)
- Patch: 2.6.32/CVE-2018-12207-mitigation.patch
- From: kernel-2.6.32-754.23.1.el6
- CVE CVE-2019-0155, CVSSv2 Score: 8.8
- Description:
fixed possible memory corruption or privilege escalation for i915 gpu [1/13]
- Patch: 2.6.32/i915/1171-drm-drm-i915-gtt-Add-read-only-pages-to-gen8_pte_enc.patch
- From: 2.6.32-754.24.3.el6
- CVE CVE-2019-0155, CVSSv2 Score: 8.8
- Description:
fixed possible memory corruption or privilege escalation for i915 gpu [2/13] (kcare adaptation)
- Patch: 2.6.32/i915/1172-drm-erm-i915-gtt-Read-only-pages-for-insert_entries-.patch
- From: 2.6.32-754.24.3.el6
- CVE CVE-2019-0155, CVSSv2 Score: 8.8
- Description:
fixed possible memory corruption or privilege escalation for i915 gpu [3/13]
- Patch: 2.6.32/i915/1173-drm-drm-i915-gtt-Disable-read-only-support-under-GVT.patch
- From: 2.6.32-754.24.3.el6
- CVE CVE-2019-0155, CVSSv2 Score: 8.8
- Description:
fixed possible memory corruption or privilege escalation for i915 gpu [4/13]
- Patch: 2.6.32/i915/1174-drm-drm-i915-Rename-gen7-cmdparser-tables.patch
- From: 2.6.32-754.24.3.el6
- CVE CVE-2019-0155, CVSSv2 Score: 8.8
- Description:
fixed possible memory corruption or privilege escalation for i915 gpu [5/13]
- Patch: 2.6.32/i915/1175-drm-drm-i915-Disable-Secure-Batches-for-gen6.patch
- From: 2.6.32-754.24.3.el6
- CVE CVE-2019-0155, CVSSv2 Score: 8.8
- Description:
fixed possible memory corruption or privilege escalation for i915 gpu [6/13] (kcare adaptation)
- Patch: 2.6.32/i915/1176-drm-drm-i915-Remove-Master-tables-from-cmdparser.patch
- From: 2.6.32-754.24.3.el6
- CVE CVE-2019-0155, CVSSv2 Score: 8.8
- Description:
fixed possible memory corruption or privilege escalation for i915 gpu [7/13] (kcare adaptation)
- Patch: 2.6.32/i915/1177-drm-drm-i915-Add-support-for-mandatory-cmdparsing.patch
- From: 2.6.32-754.24.3.el6
- CVE CVE-2019-0155, CVSSv2 Score: 8.8
- Description:
fixed possible memory corruption or privilege escalation for i915 gpu [8/13]
- Patch: 2.6.32/i915/1178-drm-drm-i915-Support-ro-ppgtt-mapped-cmdparser-shado.patch
- From: 2.6.32-754.24.3.el6
- CVE CVE-2019-0155, CVSSv2 Score: 8.8
- Description:
fixed possible memory corruption or privilege escalation for i915 gpu [9/13]
- Patch: 2.6.32/i915/1179-drm-drm-i915-Allow-parsing-of-unsized-batches.patch
- From: 2.6.32-754.24.3.el6
- CVE CVE-2019-0155, CVSSv2 Score: 8.8
- Description:
fixed possible memory corruption or privilege escalation for i915 gpu [10/13] (kcare adaptation)
- Patch: 2.6.32/i915/1180-drm-drm-i915-Add-gen9-BCS-cmdparsing.patch
- From: 2.6.32-754.24.3.el6
- CVE CVE-2019-0155, CVSSv2 Score: 8.8
- Description:
fixed possible memory corruption or privilege escalation for i915 gpu [11/13] (kcare adaptation)
- Patch: 2.6.32/i915/1181-drm-drm-i915-cmdparser-Add-support-for-backward-jump.patch
- From: 2.6.32-754.24.3.el6
- CVE CVE-2019-0155, CVSSv2 Score: 8.8
- Description:
fixed possible memory corruption or privilege escalation for i915 gpu [12/13] (kcare adaptation)
- Patch: 2.6.32/i915/1182-drm-drm-i915-cmdparser-Ignore-Length-operands-during.patch
- From: 2.6.32-754.24.3.el6
- CVE CVE-2019-0154, CVSSv2 Score: 6.5
- Description:
fixed possible hw level crash if MMIO registers were read while the i915 GPU was in a low-power state [1/2] (kcare adaptation)
- Patch: 2.6.32/i915/1183-drm-drm-i915-gen8-Add-RC6-CTX-corruption-WA.patch
- From: 2.6.32-754.24.3.el6
- CVE CVE-2019-0154, CVSSv2 Score: 6.5
- Description:
fixed possible hw level crash if MMIO registers were read while the i915 GPU was in a low-power state [2/2]
- Patch: 2.6.32/i915/1184-drm-drm-i915-Lower-RM-timeout-to-avoid-DSI-hard-hang.patch
- From: 2.6.32-754.24.3.el6
- CVE CVE-2019-0155, CVSSv2 Score: 8.8
- Description:
fixed possible memory corruption or privilege escalation for i915 gpu [13/13]
- Patch: 2.6.32/i915/1195-drm-drm-i915-cmdparser-Fix-jump-whitelist-clearing-le-754.23.1.patch
- From: 2.6.32-754.24.3.el6
- CVE CVE-2019-14821, CVSSv2 Score: 7.0
- Description:
KVM: MMIO: Lock coalesced device when checking for available entry
- Patch: 2.6.32/CVE-2019-14821-1.patch
- From: 2.6.32-754.25.1.el6
- CVE CVE-2019-14821, CVSSv2 Score: 7.0
- Description:
KVM: coalesced_mmio: add bounds checking
- Patch: 2.6.32/CVE-2019-14821-2.patch
- From: 2.6.32-754.25.1.el6
- CVE CVE-2017-6951, CVSSv2 Score: 5.5
- Description:
KEYS: Change the name of the dead type to ".dead" to prevent user access
- Patch: 3.13.0/422472-KEYS-Change-the-name-of-the-dead-type-to-.dead-to-.patch
- From: kernel-3.13.0-130.179
- CVE CVE-2017-6951, CVSSv2 Score: 5.5
- Description:
KEYS: Change the name of the dead type to ".dead" to prevent user access (kpatch adaptation)
- Patch: 2.6.32/422472-KEYS-Change-the-name-of-the-dead-type-to-.dead-to-kpatch-1.patch
- From: kernel-3.13.0-130.179
- CVE CVE-2021-22555, CVSSv2 Score: 7.8
- Description:
netfilter: x_tables: fix compat match/target pad out-of-bound write
- Patch: 2.6.32/CVE-2021-22555.patch
- From: v5.12
- CVE CVE-2020-0543, CVSSv2 Score: 6.5
- Description:
x86/speculation: Add Special Register Buffer Data Sampling (SRBDS) mitigation
- Patch: srbds-enable.patch
- From: N/A
- CVE CVE-2017-1000371, CVSSv2 Score: 7.8
- Description:
binfmt_elf: use ELF_ET_DYN_BASE only for PIE
- Patch: rhel6/kernel-2.6.32-754.29.1.el6/CVE-2017-1000371-binfmt-elf-use-elf-et-dyn-base-only-for-pie-openvz.patch
- From: kernel-2.6.32-754.29.1.el6
- CVE CVE-2019-17666, CVSSv2 Score: 6.3
- Description:
rtlwifi: Fix potential overflow on P2P code
- Patch: rhel6/kernel-2.6.32-754.29.1.el6/CVE-2019-17666-rtlwifi-Fix-potential-overflow-on-P2P-code.patch
- From: kernel-2.6.32-754.29.1.el6
- CVE CVE-2019-14896, CVSSv2 Score: 9.8
- Description:
more overflows in marvell wifi driver
- Patch: 2.6.32/cve-2019-14896-14897-fix-two-buffer-overflows-at-parsing-bss-desc.patch
- From: kernel-2.6.32-754.33.1
- CVE CVE-2019-11487, CVSSv2 Score: 7.8
- Description:
prevent page refcount overflow
- Patch: 2.6.32/cve-2019-11487.patch
- From: kernel-2.6.32-754.35.1.el6
- CVE CVE-2014-4508, CVSSv2 Score:
- Description:
- Patch: skipped/CVE-2014-4508.patch
- From:
- CVE CVE-2021-27365, CVSSv2 Score: 7.0
- Description:
sysfs: Add sysfs_emit and sysfs_emit_at to format sysfs output
- Patch: 2.6.32/CVE-2021-27365-sysfs-Add-sysfs_emit-and-sysfs_emit_at-to-format-sys-CL.patch
- From: 2.6.32-754.35.3.el6
- CVE CVE-2021-27364 CVE-2021-27363, CVSSv2 Score: 6.3
- Description:
scsi: iscsi: Restrict sessions and handles to admin capabilities
- Patch: 2.6.32/CVE-2021-27363-CVE-2021-27364-scsi-iscsi-Restrict-sessions-and-handles-to-admin-ca.patch
- From: 2.6.32-754.35.3.el6
- CVE CVE-2021-27365, CVSSv2 Score: 7.0
- Description:
scsi: iscsi: Verify lengths on passthrough PDU
- Patch: 2.6.32/CVE-2021-27365-scsi-iscsi-Verify-lengths-on-passthrough-PDUs.patch
- From: 2.6.32-754.35.3.el6
- CVE CVE-2021-27365, CVSSv2 Score: 7.0
- Description:
scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE
- Patch: 2.6.32/CVE-2021-27365-scsi-iscsi-Ensure-sysfs-attributes-are-limited-to-PA.patch
- From: 2.6.32-754.35.3.el6
- CVE CVE-2020-29661, CVSSv2 Score: 7.8
- Description:
tty: Fix ->pgrp locking in tiocspgrp()
- Patch: 2.6.32/CVE-2020-29661-tty-Fix-pgrp-locking-in-tiocspgrp.patch
- From: 2.6.32-754.39.1
- CVE CVE-2021-20265, CVSSv2 Score: 5.1
- Description:
af_unix: fix struct pid memory leak
- Patch: 2.6.32/CVE-2021-20265-0001-af_unix-fix-struct-pid-memory-leak.patch
- From: 2.6.32-754.39.1.el6
- CVE CVE-2021-33909, CVSSv2 Score:
- Description:
- Patch: skipped/CVE-2021-33909.patch
- From:
- CVE CVE-2020-12362, CVSSv2 Score:
- Description:
- Patch: skipped/CVE-2020-12362.patch
- From:
- CVE CVE-2021-3347, CVSSv2 Score: 7.4
- Description:
futex: Handle faults correctly for PI futexes
- Patch: 2.6.32/CVE-2021-3347-futex-Handle-faults-correctly-for-PI-futexes.patch
- From: >2.6.32-754.35.1
- CVE CVE-2021-3347, CVSSv2 Score: 7.4
- Description:
futex: Provide and use pi_state_update_owner()
- Patch: 2.6.32/CVE-2021-3347-futex-Provide-and-use-pi_state_update_owner.patch
- From: >2.6.32-754.35.1
- CVE CVE-2020-36385, CVSSv2 Score: 7.8
- Description:
RDMA/ucma: Put a lock around every call to the rdma_cm layer
- Patch: 2.6.32/CVE-2020-36385-1201-RDMA-ucma-Put-a-lock-around-every-call-to-the-rdma_cm_layer.patch
- From: 2.6.32-754.35.8.el6
- CVE CVE-2020-36385, CVSSv2 Score: n/a
- Description:
RDMA/ucma: Put a lock around every call to the rdma_cm layer (adaptation)
- Patch: 2.6.32/CVE-2020-36385-1201-RDMA-ucma-Put-a-lock-around-every-call-to-the-rdma_cm_layer-kpatch.patch
- From: 2.6.32-754.35.8.el6
- CVE CVE-2020-36385, CVSSv2 Score: 7.8
- Description:
RDMA/cma: Add missing locking to rdma_accept()
- Patch: 2.6.32/CVE-2020-36385-1202-RDMA-ucma-Add-missing-locking-to-rdma_accept.patch
- From: 2.6.32-754.35.8.el6
- CVE CVE-2020-36385, CVSSv2 Score: 7.8
- Description:
RDMA/ucma: Fix the locking of ctx->file
- Patch: 2.6.32/CVE-2020-36385-1203-RDMA-ucma-Fix-the-locking-of-ctx-file.patch
- From: 2.6.32-754.35.8.el6
- CVE CVE-2020-36385, CVSSv2 Score: 7.8
- Description:
RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy
- Patch: 2.6.32/CVE-2020-36385-1205-RDMA-ucma-Rework-ucma_migrate_id-to-avoid-races-with.patch
- From: 2.6.32-754.35.8.el6
- CVE CVE-2021-32399, CVSSv2 Score: 7.0
- Description:
bluetooth: eliminate the potential race condition
- Patch: 2.6.32/CVE-2021-32399-bluetooth-eliminate-the-po.patch
- From: 2.6.32-754.35.8.el6
- CVE CVE-2020-0466, CVSSv2 Score: 7.8
- Description:
epoll: Keep a reference on files added to the check list
- Patch: 2.6.32/CVE-2020-0466-epoll-Keep-a-reference-on-files-added-to-the-check-954.patch
- From: 2.6.32-754.35.1.el6
- CVE CVE-2021-0920, CVSSv2 Score: 6.4
- Description:
af_unix: fix garbage collect vs MSG_PEEK
- Patch: 2.6.32/CVE-2021-0920-af_unix-fix-garbage-collect-vs-MSG_PEEK.patch
- From: 2.6.32-754.35.1.el6
- CVE CVE-2021-0920, CVSSv2 Score: 6.4
- Description:
af_unix: fix garbage collect vs MSG_PEEK (adaptation)
- Patch: 3.10.0/CVE-2021-0920-kpatch.patch
- From: 4.1.12-124.59.1.2
- CVE CVE-2021-4155, CVSSv2 Score: 5.5
- Description:
xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like
- Patch: 2.6.32/CVE-2021-4155-xfs-map-unwritten-blocks-in-XFS_IOC_ALLOC-FREESP-just-like.patch
- From: 2.6.32-754.35.8.el6
- CVE CVE-2022-0492, CVSSv2 Score: 7.8
- Description:
cgroup-v1: Require capabilities to set release_agent
- Patch: 2.6.32/CVE-2022-0492-cgroup-v1-Require-capabilities-to-set-release_agent-openvz.patch
- From: 2.6.32-954.3.5.lve1.4.89.el6
- CVE CVE-2021-22543, CVSSv2 Score: 7.8
- Description:
KVM: do not allow mapping valid but non-reference-counted pages
- Patch: 2.6.32/CVE-2021-22543-KVM-do-not-allow-mapping-valid-but-non-reference-co-954.patch
- From: 2.6.32-754.48.1.el6
- CVE CVE-2020-11565, CVSSv2 Score: 7.8
- Description:
mm: mempolicy: require at least one nodeid for MPOL_PREFERRED
- Patch: 2.6.32/cve-2020-11565-mempolicy-require-at-least-one-nodeid.patch
- From: kernel-2.6.32-754.29.1.el6
- CVE CVE-2020-10942, CVSSv2 Score: 5.3
- Description:
vhost: Check docket sk_family instead of call getname
- Patch: 2.6.32/cve-2020-10942-vhost-check-docket-sk_family.patch
- From: kernel-2.6.32-754.29.1.el6
- CVE , CVSSv2 Score:
- Description:
Restrict access to pagemap/kpageflags/kpagecount
- Patch: 2.6.32/proc-restrict-pagemap-access.patch
- From:
- CVE , CVSSv2 Score:
- Description:
vmx_vcpu_run wrapper
- Patch: 2.6.32/x86-kvm-vmx_vcpu_run-wrapper.patch
- From:
- CVE , CVSSv2 Score:
- Description:
- Patch: 2.6.32/kpatch-add-paravirt-asm-definitions.patch
- From: