KernelCare Directory

pve-kernel-5.3.13-1-pve_5.3.13-1 (pve-6)
Kernel Update Version: 5.4.189-2-pve-5.4.189-2
Release Date: 2022-07-07 11:37:27

CVE , CVSSv2 Score:
Description:
Patch: 4.15.0/CVE-2019-0154-CVE-2019-14615-helper.patch
From:

CVE CVE-2019-14615, CVSSv2 Score: 5.5
Description:
drm/i915/gen9: Clear residual context state on context switch
Patch: 5.0.0/CVE-2019-14615-drm-i915-gen9-Clear-residual-context-state-on-context-switch.patch
From: kernel-kernel-5.3.0-28.30~18.04.1

CVE , CVSSv2 Score:
Description:
Patch: 5.0.0/CVE-2019-14615-kpatch.patch
From:

CVE CVE-2019-20812, CVSSv2 Score: 4.4
Description:
af_packet: set defaule value for tmo
Patch: 4.14.0/cve-2019-20812-af_packet-set-default-value-for-tmo.patch
From: 4.14.35-1902.306.2

CVE CVE-2019-15291, CVSSv2 Score: 4.6
Description:
media: b2c2-flexcop-usb: add sanity checking
Patch: 5.3.0/CVE-2019-15291-media-b2c2-flexcop-usb-add-sanity-checking.patch
From: 5.3.0-40.32~18.04.1

CVE CVE-2019-19050, CVSSv2 Score: 7.5
Description:
crypto: user - fix memory leak in crypto_reportstat
Patch: 5.3.0/CVE-2019-19050-crypto-user-fix-memory-leak-in-crypto_reportstat.patch
From: 5.3.0-40.32~18.04.1

CVE CVE-2019-19062, CVSSv2 Score: 7.5
Description:
crypto: user - fix memory leak in crypto_report
Patch: 5.3.0/CVE-2019-19062-crypto-user-fix-memory-leak-in-crypto_report.patch
From: 5.3.0-40.32~18.04.1

CVE CVE-2019-19947, CVSSv2 Score: 4.6
Description:
can: kvaser_usb: kvaser_usb_leaf: Fix some info-leaks to USB devices
Patch: 5.3.0/CVE-2019-19947-can-kvaser_usb-kvaser_usb_leaf-Fix-some-info-leaks-to-USB-devices.patch
From: 5.3.0-40.32~18.04.1

CVE CVE-2019-19071, CVSSv2 Score: 7.5
Description:
rsi: release skb if rsi_prepare_beacon fails
Patch: 5.3.0/CVE-2019-19071-rsi-release-skb-if-rsi_prepare_beacon-fails.patch
From: 5.3.0-40.32~18.04.1

CVE CVE-2019-19078, CVSSv2 Score: 7.5
Description:
ath10k: fix memory leak
Patch: 5.3.0/CVE-2019-19078-ath10k-fix-memory-leak.patch
From: 5.3.0-40.32~18.04.1

CVE CVE-2019-19332, CVSSv2 Score: 6.1
Description:
KVM: x86: fix out-of-bounds write in KVM_GET_EMULATED_CPUID
Patch: 5.3.0/CVE-2019-19332-KVM-x86-fix-out-of-bounds-write-in-KVM_GET_EMULATED_CPUID.patch
From: 5.3.0-40.32~18.04.1

CVE CVE-2019-19767, CVSSv2 Score: 5.5
Description:
ext4: add more paranoia checking in ext4_expand_extra_isize handling
Patch: 5.3.0/CVE-2019-19767-ext4-add-more-paranoia-checking-in-ext4_expand_extra_isize-handling.patch
From: 5.3.0-40.32~18.04.1

CVE CVE-2019-15099, CVSSv2 Score: 7.5
Description:
ath10k: Fix a NULL-ptr-deref bug in ath10k_usb_alloc_urb_from_pipe
Patch: 5.3.0/CVE-2019-15099-ath10k-Fix-a-NULL-ptr-deref-bug-in-ath10k_usb_alloc_urb_from_pipe.patch
From: 5.3.0-40.32~18.04.1

CVE CVE-2019-18683, CVSSv2 Score: 7.0
Description:
media: vivid: Fix wrong locking that causes race conditions on streaming stop
Patch: 5.3.0/CVE-2019-18683-media-vivid-Fix-wrong-locking-that-causes-race-conditions-on-streaming-stop.patch
From: 5.3.0-40.32~18.04.1

CVE CVE-2019-18811, CVSSv2 Score: 7.5
Description:
ASoC: SOF: ipc: Fix memory leak in sof_set_get_large_ctrl_data
Patch: 5.3.0/CVE-2019-18811-ASoC-SOF-ipc-Fix-memory-leak-in-sof_set_get_large_ctrl_data.patch
From: 5.3.0-40.32~18.04.1

CVE CVE-2019-19241, CVSSv2 Score: 7.8
Description:
io_uring: async workers should inherit the user creds
Patch: 5.3.0/CVE-2019-19241-io_uring-async-workers-should-inherit-the-user-creds.patch
From: 5.3.0-40.32~18.04.1

CVE CVE-2019-19241, CVSSv2 Score: 7.8
Description:
net: separate out the msghdr copy from ___sys_{send,recv}msg()
Patch: 5.3.0/CVE-2019-19241-net-separate-out-the-msghdr-copy-from-___sys_send-recv-msg.patch
From: 5.3.0-40.32~18.04.1

CVE CVE-2019-19241, CVSSv2 Score: 7.8
Description:
net: disallow ancillary data for __sys_{send,recv}msg_file()
Patch: 5.3.0/CVE-2019-19241-net-disallow-ancillary-data-for__sys_send-recv-msg_file.patch
From: 5.3.0-40.32~18.04.1

CVE CVE-2019-19077, CVSSv2 Score: 7.5
Description:
RDMA: Fix goto target to release the allocated memory
Patch: 5.3.0/CVE-2019-19077-RDMA-Fix-goto-target-to-release-the-allocated-memory.patch
From: 5.3.0-40.32~18.04.1

CVE CVE-2019-19082, CVSSv2 Score: 7.5
Description:
drm/amd/display: prevent memory leak
Patch: 5.3.0/CVE-2019-19082-drm-amd-display-prevent-memory-leak.patch
From: 5.3.0-40.32~18.04.1

CVE CVE-2019-19252, CVSSv2 Score: 7.8
Description:
vcs: prevent write access to vcsu devices
Patch: 5.3.0/CVE-2019-19252-vcs-prevent-write-access-to-vcsu-devices.patch
From: 5.3.0-40.32~18.04.1

CVE CVE-2019-19602, CVSSv2 Score: 7.8
Description:
x86/fpu: Don't cache access to fpu_fpregs_owner_ctx
Patch: 5.3.0/CVE-2019-19602-x86-fpu-Dont-cache-access-to-fpu_fpregs_owner_ctx.patch
From: 5.3.0-40.32~18.04.1

CVE CVE-2019-16232, CVSSv2 Score: 7.5
Description:
libertas: fix a potential NULL pointer dereference
Patch: 5.3.0/CVE-2019-16232-libertas-fix-a-potential-NULL-pointer-dereference.patch
From: 5.3.0-40.32~18.04.1

CVE CVE-2019-18786, CVSSv2 Score: 5.5
Description:
media: rcar_drif: fix a memory disclosure
Patch: 5.3.0/CVE-2019-18786-media-rcar_drif-fix-a-memory-disclosure.patch
From: 5.3.0-40.32~18.04.1

CVE CVE-2019-19965, CVSSv2 Score: 4.6
Description:
scsi: libsas: stop discovering if oob mode is disconnected
Patch: 5.3.0/CVE-2019-19965-scsi-libsas-stop-discovering-if-oob-mode-is-disconnected.patch
From: 5.3.0-40.32~18.04.1

CVE CVE-2019-16229, CVSSv2 Score: 7.5
Description:
drm/amdkfd: fix a potential NULL pointer dereference (v2)
Patch: 5.3.0/CVE-2019-16229-drm-amdkfd-fix-a-potential-NULL-pointer-dereference.patch
From: 5.3.0-40.32~18.04.1

CVE CVE-2019-19057, CVSSv2 Score: 3.3
Description:
mwifiex: pcie: Fix memory leak in mwifiex_pcie_init_evt_ring
Patch: 5.3.0/CVE-2019-19057-mwifiex-pcie-Fix-memory-leak-in-mwifiex_pcie_init_evt_ring.patch
From: 5.3.0-40.32~18.04.1

CVE CVE-2019-19063, CVSSv2 Score: 7.5
Description:
rtlwifi: prevent memory leak in rtl_usb_probe
Patch: 5.3.0/CVE-2019-19063-rtlwifi-prevent-memory-leak-in-rtl_usb_probe.patch
From: 5.3.0-40.32~18.04.1

CVE , CVSSv2 Score:
Description:
net: icmp: fix data-race in cmp_global_allow()
Patch: 4.15.0/CVE-2020-25705-net-icmp-fix-data-race-in-cmp_global_allow.patch
From: kernel-5.3.0-28.30~18.04.1

CVE CVE-2019-19068, CVSSv2 Score: 7.5
Description:
rtl8xxxu: prevent leaking urb
Patch: ubuntu-bionic-hwe-5.3/5.3.0-42.34~18.04.1/CVE-2019-19068-rtl8xxxu-prevent-leaking-urb.patch
From: 5.3.0-42.34~18.04.1

CVE CVE-2019-19058, CVSSv2 Score: 7.5
Description:
iwlwifi: dbg_ini: fix memory leak in alloc_sgtable
Patch: ubuntu-bionic-hwe-5.3/5.3.0-42.34~18.04.1/CVE-2019-19058-iwlwifi-dbg_ini-fix-memory-leak-in-alloc_sgtable.patch
From: 5.3.0-42.34~18.04.1

CVE , CVSSv2 Score:
Description:
Patch: 5.3.0/nested_vmx_check_io_bitmaps.patch
From:

CVE CVE-2020-2732, CVSSv2 Score: 5.8
Description:
KVM: nVMX: Don't emulate instructions in guest mode
Patch: ubuntu-bionic-hwe-5.3/5.3.0-42.34~18.04.1/CVE-2020-2732-KVM-nVMX-Don-t-emulate-instructions-in-guest-mode.patch
From: 5.3.0-42.34~18.04.1

CVE CVE-2020-2732, CVSSv2 Score: 5.8
Description:
KVM: nVMX: Refactor IO bitmap checks into helper function
Patch: ubuntu-bionic-hwe-5.3/5.3.0-42.34~18.04.1/CVE-2020-2732-KVM-nVMX-Refactor-IO-bitmap-checks-into-helper-funct.patch
From: 5.3.0-42.34~18.04.1

CVE CVE-2020-2732, CVSSv2 Score: 5.8
Description:
KVM: nVMX: Check IO instruction VM-exit conditions
Patch: ubuntu-bionic-hwe-5.3/5.3.0-42.34~18.04.1/CVE-2020-2732-KVM-nVMX-Check-IO-instruction-VM-exit-conditions.patch
From: 5.3.0-42.34~18.04.1

CVE CVE-2020-14416, CVSSv2 Score: 4.2
Description:
can, slip: Protect tty->disc_data in write_wakeup and close with RCU
Patch: 4.1.12/cve-2020-14416-can-protect-disc_data-and-close-with-RCU.patch
From: 4.1.12-124.41.1

CVE CVE-2020-12652, CVSSv2 Score: 4.1
Description:
scsi: mptfusion: Fix double fetch bug in ioctl
Patch: 4.9.0/cve-2020-12652-scsi-mpfusion-fix-double-fetch-bug.patch
From: 4.9.210-1+deb9u1

CVE CVE-2019-3016, CVSSv2 Score: 6.2
Description:
x86/kvm: Be careful not to clear KVM_VCPU_FLUSH_TLB bit
Patch: 4.19.0/CVE-2019-3016-x86-kvm-Introduce-kvm_-un-map_gfn.patch
From: 4.19.98-1+deb10u1

CVE CVE-2019-3016, CVSSv2 Score: 6.2
Description:
x86/kvm: Be careful not to clear KVM_VCPU_FLUSH_TLB bit
Patch: 4.19.0/CVE-2019-3016-x86-kvm-Cache-gfn-to-pfn-translation.patch
From: 4.19.98-1+deb10u1

CVE CVE-2019-3016, CVSSv2 Score: 6.2
Description:
x86/kvm: Be careful not to clear KVM_VCPU_FLUSH_TLB bit
Patch: 4.19.0/CVE-2019-3016-x86-kvm-Be-careful-not-to-clear-KVM_VCPU_FLUSH_TLB.patch
From: 4.19.98-1+deb10u1

CVE CVE-2019-3016, CVSSv2 Score: 6.2
Description:
x86/kvm: Be careful not to clear KVM_VCPU_FLUSH_TLB bit
Patch: 4.19.0/CVE-2019-3016-x86-KVM-Make-sure-KVM_VCPU_FLUSH_TLB-flag-is-not-mis.patch
From: 4.19.98-1+deb10u1

CVE CVE-2019-3016, CVSSv2 Score: 6.2
Description:
x86/kvm: Be careful not to clear KVM_VCPU_FLUSH_TLB bit
Patch: 4.19.0/CVE-2019-3016-x86-KVM-Clean-up-host-s-steal-time-structure.patch
From: 4.19.98-1+deb10u1

CVE CVE-2019-3016, CVSSv2 Score: 6.2
Description:
x86/kvm: Be careful not to clear KVM_VCPU_FLUSH_TLB bit (adaptation)
Patch: 4.18.0/CVE-2019-3016-kpatch.patch
From: 4.19.98-1+deb10u1

CVE CVE-2019-20636, CVSSv2 Score: 6.7
Description:
Input: add safety guards to input_set_keycode()
Patch: 4.1.12/CVE-2019-20636.patch
From: 4.1.12-124.39.5

CVE CVE-2019-19066, CVSSv2 Score: 7.5
Description:
scsi: bfa: release allocated memory in case of error
Patch: ubuntu-bionic-hwe-5.3/5.3.0-42.34~18.04.1/CVE-2019-19066-scsi-bfa-release-allocated-memory-in-case-of-error.patch
From: 5.3.0-42.34~18.04.1

CVE CVE-2019-16234, CVSSv2 Score: 7.5
Description:
iwlwifi: pcie: fix rb_allocator workqueue allocation
Patch: 4.15.0/CVE-2019-16234-iwlwifi-pcie-fix-rb_allocator-workqueue-allocation.patch
From: 4.15.0-97.98

CVE CVE-2019-19768, CVSSv2 Score: 7.5
Description:
blktrace: Protect q->blk_trace with RCU
Patch: 4.15.0/CVE-2019-19768-blktrace-Protect-q-blk_trace-with-RCU.patch
From: 4.15.0-97.98

CVE CVE-2019-19768, CVSSv2 Score: 7.5
Description:
blktrace: fix dereference after null check
Patch: 4.15.0/CVE-2019-19768-blktrace-fix-dereference-after-null-check.patch
From: 4.15.0-97.98

CVE , CVSSv2 Score: 7.1
Description:
vt: selection, handle pending signals in paste_selection
Patch: 5.3.0/CVE-2020-8648-vt-selection-handle-pending-signals-in-paste_selection.patch
From: 5.3.0-48.41

CVE , CVSSv2 Score: 7.1
Description:
vt: selection, close sel_buffer race
Patch: 5.3.0/CVE-2020-8648-vt-selection-close-sel_buffer-race.patch
From: 5.3.0-48.41

CVE , CVSSv2 Score: 7.1
Description:
floppy: check FDC index for errors before assigning it
Patch: 4.15.0/CVE-2020-9383-floppy-check-FDC-index-for-errors-before-assigning-it.patch
From: 4.15.0-97.98

CVE , CVSSv2 Score: 5.3
Description:
vhost: Check docket sk_family instead of call getname
Patch: 5.3.0/CVE-2020-10942-vhost-Check-docket-sk_family-instead-of-call-getname.patch
From: 5.3.0-48.41

CVE CVE-2020-11565, CVSSv2 Score: 7.8
Description:
stack-based out-of-bounds write
Patch: 4.9.0/CVE-2020-11565.patch
From: 4.9.189-3+deb9u2

CVE , CVSSv2 Score: 5.5
Description:
media: ov519: add missing endpoint sanity checks
Patch: 4.15.0/CVE-2020-11608-media-ov519-add-missing-endpoint-sanity-checks.patch
From: 4.15.0-97.98

CVE , CVSSv2 Score: 5.5
Description:
media: stv06xx: add missing descriptor sanity checks
Patch: 4.15.0/CVE-2020-11609-media-stv06xx-add-missing-descriptor-sanity-checks.patch
From: 4.15.0-97.98

CVE , CVSSv2 Score: 7.1
Description:
media: xirlink_cit: add missing descriptor sanity checks
Patch: 4.15.0/CVE-2020-11668-media-xirlink_cit-add-missing-descriptor-sanity-checks.patch
From: 4.15.0-97.98

CVE CVE-2020-11494, CVSSv2 Score: 4.4
Description:
CAN: zero scl_bump properly
Patch: ubuntu-bionic/4.15.0-101.102/cve-2020-11494-can-leaks-uninitialized-data.patch
From: 4.15.0-101.102

CVE CVE-2019-19377, CVSSv2 Score: 7.8
Description:
btrfs: Don't submit any btree write bio if the fs has errors
Patch: ubuntu-bionic-hwe-5.3/5.3.0-51.44~18.04.2/cve-2019-19377-btrfs-dont-submit-btree-write-bio-if-fs-has-errors.patch
From: kernel-5.3.0-53.47

CVE CVE-2019-19769, CVSSv2 Score: 6.7
Description:
locks: fix a potential use-after-free problem when wakeup a waiter
Patch: ubuntu-bionic-hwe-5.3/5.3.0-51.44~18.04.2/cve-2019-19769-locks-fix-potential-use-after-free.patch
From: kernel-5.3.0-53.47

CVE CVE-2020-12657, CVSSv2 Score: 7.8
Description:
block, bfq: fix use-after-free in bfq_idle_slice_timer_body
Patch: ubuntu-bionic-hwe-5.3/5.3.0-51.44~18.04.2/cve-2020-12657-bfq-fix-use-after-free.patch
From: kernel-5.3.0-53.47

CVE CVE-2020-12826, CVSSv2 Score: 8.8
Description:
signal: Extend exec_id to 64bits
Patch: 4.19.0/CVE-2020-12826-signal-Extend-exec_id-to-64bits.patch
From: 4.19.118-2

CVE CVE-2020-12826, CVSSv2 Score: 8.8
Description:
signal: Extend exec_id to 64bits
Patch: 4.19.0/CVE-2020-12826-signal-Extend-exec_id-to-64bits-kpatch-1.patch
From: 4.19.118-2

CVE CVE-2020-12464, CVSSv2 Score: 6.7
Description:
USB: core: Fix free-while-in-use bug in the USB S-Glibrary
Patch: 5.4.0/CVE-2020-12464-USB-core-Fix-free-while-in-use-bug-in-the-USB-S-Glibrary.patch
From: 5.4.0-34.38

CVE CVE-2020-12659, CVSSv2 Score: 6.7
Description:
xsk: Add missing check on user supplied headroom size
Patch: 4.19.0/CVE-2020-12659-xsk-Add-missing-check-on-user-supplied-headroom-size.patch
From: 4.19.118-2

CVE CVE-2020-0543, CVSSv2 Score: 6.5
Description:
x86/speculation: Add Special Register Buffer Data Sampling (SRBDS) mitigation
Patch: srbds-enable.patch
From: N/A

CVE CVE-2020-12770, CVSSv2 Score: 6.7
Description:
scsi: sg: add sg_remove_request in sg_write
Patch: 4.14.0/CVE-2020-12770.patch
From: kernel-4.14.181-140.257.amzn2

CVE CVE-2020-12768, CVSSv2 Score: 1.9
Description:
KVM: SVM: Fix potential memory leak in svm_cpu_init()
Patch: 5.4.17/CVE-2020-12768.patch
From: 5.4.17-2011.3.2.1

CVE CVE-2020-10711, CVSSv2 Score: 5.9
Description:
netlabel: cope with NULL catmap
Patch: 4.18.0/CVE-2020-10711.patch
From: kernel-4.18.0-193.1.2.el8_2

CVE CVE-2020-13143, CVSSv2 Score: 6.5
Description:
USB: gadget: fix illegal array access in binding with UDC
Patch: 5.4.0/CVE-2020-13143-USB-gadget-fix-illegal-array-access-in-binding-with-UDC.patch
From: 5.4.0-40.44

CVE CVE-2020-15780, CVSSv2 Score: 6.7
Description:
UBUNTU: SAUCE: acpi: disallow loading configfs acpi tables when locked down
Patch: ubuntu-bionic-hwe-5.3/5.3.0-64.58~18.04.1/CVE-2020-15780-UBUNTU-SAUCE-acpi-disallow-loading-configfs-acpi-tab.patch
From: 5.3.0-64.58~18.04.1

CVE CVE-2019-16089, CVSSv2 Score: 4.1
Description:
UBUNTU: SAUCE: nbd_genl_status: null check for nla_nest_start
Patch: ubuntu-bionic-hwe-5.3/5.3.0-64.58~18.04.1/CVE-2019-16089-UBUNTU-SAUCE-nbd_genl_status-null-check-for-nla_nest_start.patch
From: kernel-5.3.0-64.58~18.04.1

CVE CVE-2019-19462, CVSSv2 Score: 5.5
Description:
include/linux/relay.h: fix percpu annotation in struct rchan
Patch: ubuntu-bionic-hwe-5.3/5.3.0-64.58~18.04.1/CVE-2019-19462-kernel-relay.c-handle-alloc_percpu-returning-NULL-in-relay_open.patch
From: kernel-5.3.0-64.58~18.04.1

CVE CVE-2019-20810, CVSSv2 Score: 5.5
Description:
media: go7007: fix a miss of snd_card_free
Patch: ubuntu-bionic-hwe-5.3/5.3.0-64.58~18.04.1/CVE-2019-20810-media-go7007-fix-a-miss-of-snd_card_free.patch
From: kernel-5.3.0-64.58~18.04.1

CVE CVE-2020-10732, CVSSv2 Score: N/A
Description:
fs/binfmt_elf.c: allocate initialized memory in fill_thread_core_info()
Patch: 4.19.0/CVE-2020-10732-fs-binfmt_elf.c-allocate-initialized-memory-in-fill_.patch
From: 4.19.118-2+deb10u1

CVE CVE-2020-10757, CVSSv2 Score: 6.1
Description:
mm: Fix mremap not considering huge pmd devmap
Patch: 4.19.0/CVE-2020-10757-mm-Fix-mremap-not-considering-huge-pmd-devmap.patch
From: 4.19.118-2+deb10u1

CVE CVE-2020-13974, CVSSv2 Score: 7.8
Description:
vt: keyboard: avoid signed integer overflow in k_ascii
Patch: ubuntu-bionic-hwe-5.3/5.3.0-64.58~18.04.1/CVE-2020-13974-vt-keyboard-avoid-signed-integer-overflow-in-k_ascii.patch
From: kernel-5.3.0-64.58~18.04.1

CVE CVE-2020-11935, CVSSv2 Score: -
Description:
UBUNTU: SAUCE: aufs: do not call i_readcount_inc()
Patch: ubuntu-bionic-hwe-5.3/5.3.0-64.58~18.04.1/CVE-2020-11935-UBUNTU-SAUCE-aufs-do-not-call-readcount-inc.patch
From: kernel-5.3.0-64.58~18.04.1

CVE CVE-2020-11935, CVSSv2 Score: -
Description:
UBUNTU: SAUCE: aufs: bugfix, IMA i_readcount
Patch: ubuntu-bionic-hwe-5.3/5.3.0-64.58~18.04.1/CVE-2020-11935-UBUNTU-SAUCE-aufs-bugfix-IMA-i_readcount.patch
From: kernel-5.3.0-64.58~18.04.1

CVE CVE-2020-10766, CVSSv2 Score: 5.5
Description:
x86/speculation: Prevent rogue cross-process SSBD shutdown
Patch: 5.4.0/CVE-2020-10766-x86-speculation-Prevent-rogue-cross-process-SSBD-shu.patch
From: >5.4.0-39.43

CVE CVE-2020-10766, CVSSv2 Score: 5.5
Description:
x86/speculation: Avoid force-disabling IBPB based on STIBP and enhanced IBRS.
Patch: 5.4.0/CVE-2020-10767-x86-speculation-Avoid-force-disabling-IBPB-based-on-.patch
From: >5.4.0-39.43

CVE CVE-2020-10766, CVSSv2 Score: 5.5
Description:
x86/speculation: PR_SPEC_FORCE_DISABLE enforcement for indirect branches.
Patch: 5.4.0/CVE-2020-10768-x86-speculation-PR_SPEC_FORCE_DISABLE-enforcement-fo.patch
From: >5.4.0-39.43

CVE CVE-2020-10766, CVSSv2 Score: 5.5
Description:
x86/speculation: Avoid force-disabling IBPB based on STIBP and enhanced IBRS. (kpatch adaptation)
Patch: 5.4.0/CVE-2020-10767-x86-speculation-Avoid-force-disabling-IBPB-based-on-kpatch-1.patch
From: >5.4.0-39.43

CVE , CVSSv2 Score:
Description:
Patch: spectre_v2.patch
From:

CVE CVE-2020-15393, CVSSv2 Score: 5.5
Description:
usb: usbtest: fix missing kfree(dev->buf) in usbtest_disconnect
Patch: ubuntu-bionic-hwe-5.3/5.3.0-65.59/CVE-2020-15393-usb-usbtest-fix-missing-kfree-dev-buf-in-usbtest_dis.patch
From: 5.3.0-65.59

CVE CVE-2020-12655, CVSSv2 Score: 5.5
Description:
xfs: add agf freeblocks verify in xfs_agf_verify
Patch: ubuntu-bionic-hwe-5.3/5.3.0-65.59/CVE-2020-12655-xfs-add-agf-freeblocks-verify-in-xfs_agf_verify.patch
From: 5.3.0-65.59

CVE CVE-2020-24394, CVSSv2 Score: 7.1
Description:
nfsd: apply umask on fs without ACL support
Patch: 4.14.0/CVE-2020-24394-nfsd-apply-umask-on-fs-without-ACL-support.patch
From: 4.14.35-2025.400.9

CVE CVE-2020-12771, CVSSv2 Score: 5.5
Description:
bcache: fix potential deadlock problem in btree_gc_coalesce
Patch: ubuntu-bionic-hwe-5.3/5.3.0-65.59/CVE-2020-12771-bcache-fix-potential-deadlock-problem-in-btree_gc_co.patch
From: 5.3.0-65.59

CVE CVE-2020-14356, CVSSv2 Score: 7.8
Description:
cgroup: fix cgroup_sk_alloc() for sk_clone_lock()
Patch: ubuntu-bionic-hwe-5.3/5.3.0-66.60/CVE-2020-14356-cgroup-fix-cgroup_sk_alloc-for-sk_clone_lock-46.38.patch
From: 5.3.0-66.60

CVE CVE-2020-14356, CVSSv2 Score: 7.8
Description:
cgroup: Fix sock_cgroup_data on big-endian.
Patch: ubuntu-bionic-hwe-5.3/5.3.0-66.60/CVE-2020-14356-cgroup-Fix-sock_cgroup_data-on-big-endian.patch
From: 5.3.0-66.60

CVE , CVSSv2 Score: 6.7
Description:
net/packet: fix overflow in tpacket_rcv
Patch: 4.15.0/CVE-2020-14386.patch
From: 4.15.0-117.118

CVE CVE-2020-16120, CVSSv2 Score: 5.3
Description:
ovl: pass correct flags for opening real directory
Patch: 4.15.0/CVE-2020-16120-ovl-pass-correct-flags-for-opening-real-directory.patch
From:

CVE CVE-2020-16120, CVSSv2 Score: 5.3
Description:
ovl: switch to mounter creds in readdir
Patch: 5.3.0/cve-2020-16120-part-one.patch
From:

CVE CVE-2020-16120, CVSSv2 Score: 5.3
Description:
ovl: verify permissions in ovl_path_open()
Patch: 5.3.0/cve-2020-16120-part-two.patch
From:

CVE CVE-2020-8694, CVSSv2 Score: 5.1
Description:
powercap: make attributes only readable by root
Patch: 5.4.0/CVE-2020-8694-powercap-make-attributes-only-readable-by-root.patch
From: kernel-5.4.0-53.59

CVE CVE-2020-8694, CVSSv2 Score: 5.1
Description:
powercap: make attributes only readable by root (adaptation)
Patch: 5.4.0/CVE-2020-8694-kpatch.patch
From: kernel-5.4.0-53.59

CVE CVE-2021-3347, CVSSv2 Score: 7.4
Description:
futex: Ensure the correct return value from futex_lock_pi()
Patch: 5.4.0/futex/CVE-2021-3347-futex-Ensure-the-correct-return-value-from-futex_lock_pi.patch
From: >kernel-5.4.0-65.73

CVE CVE-2021-3347, CVSSv2 Score: 7.4
Description:
futex: Simplify fixup_pi_state_owner()
Patch: 5.4.0/futex/CVE-2021-3347-futex-Simplify-fixup_pi_state_owner.patch
From: >kernel-5.4.0-65.73

CVE CVE-2021-3347, CVSSv2 Score: 7.4
Description:
futex: Handle faults correctly for PI futexes
Patch: 5.3.0/futex/CVE-2021-3347-futex-Handle-faults-correctly-for-PI-futexes.patch
From: >kernel-5.3.0-69.65

CVE CVE-2020-28374, CVSSv2 Score: 6.5
Description:
UBUNTU: SAUCE: target: fix XCOPY NAA identifier lookup
Patch: 4.15.0/CVE-2020-28374-UBUNTU-SAUCE-target-fix-XCOPY-NAA-identifier-lookup.patch
From: 4.15.0-132.136

CVE CVE-2020-28374, CVSSv2 Score: 6.5
Description:
UBUNTU: SAUCE: target: fix XCOPY NAA identifier lookup (adaptation )
Patch: 4.15.0/CVE-2020-28374-kpatch.patch
From: 4.15.0-132.136

CVE CVE-2021-27365, CVSSv2 Score: 7.8
Description:
sysfs: Add sysfs_emit and sysfs_emit_at to format sysfs output
Patch: 5.3.0/CVE-2021-27365-sysfs-Add-sysfs_emit-and-sysfs_emit_at-to-format-sysfs-output.patch
From: >kernel-5.4.0-66.74

CVE CVE-2021-27363 CVE-2021-27364, CVSSv2 Score: 7.1
Description:
scsi: iscsi: Restrict sessions and handles to admin capabilities
Patch: 5.4.0/CVE-2021-27363-CVE-2021-27364-scsi-iscsi-Restrict-sessions-and-handles-to-admin-capabilities.patch
From: >kernel-5.4.0-66.74

CVE CVE-2021-27365, CVSSv2 Score: 7.8
Description:
scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE
Patch: 5.4.0/CVE-2021-27365-scsi-iscsi-Ensure-sysfs-attributes-are-limited-to-PAGE_SIZE.patch
From: >kernel-5.4.0-66.74

CVE CVE-2021-27365, CVSSv2 Score: 7.8
Description:
scsi: iscsi: Verify lengths on passthrough PDUs
Patch: 5.4.0/CVE-2021-27365-scsi-iscsi-Verify-lengths-on-passthrough-PDUs.patch
From: >kernel-5.4.0-66.74

CVE CVE-2020-25705, CVSSv2 Score: 7.4
Description:
icmp: randomize the global rate limiter
Patch: 4.18.0/icmp-randomize-the-global-rate-limiter.patch
From: 4.18.0-240.15.1.el8_3

CVE CVE-2020-27170, CVSSv2 Score: 5.5
Description:
bpf: Prohibit alu ops for pointer types not defining ptr_limit
Patch: 5.4.0/CVE-2020-27170-bpf-Prohibit-alu-ops-for-pointer-types-not-defining-ptr_limit.patch
From: >kernel-5.4.0-67.75

CVE CVE-2020-27171, CVSSv2 Score: 5.5
Description:
bpf: Fix off-by-one for area size in creating mask to left
Patch: 5.4.0/CVE-2020-27171-bpf-Fix-off-by-one-for-area-size-in-creating-mask-to-left.patch
From: >kernel-5.4.0-67.75

CVE CVE-2020-27171 CVE-2020-27170, CVSSv2 Score: 5.5
Description:
bpf: Simplify alu_limit masking for pointer arithmetic
Patch: 5.4.0/CVE-2020-27170-CVE-2020-27171-bpf-Simplify-alu_limit-masking-for-pointer-arithmetic.patch
From: >kernel-5.4.0-67.75

CVE CVE-2020-27171 CVE-2020-27170, CVSSv2 Score: 5.5
Description:
bpf: Simplify alu_limit masking for pointer arithmetic
Patch: 5.4.0/CVE-2020-27170-CVE-2020-27171-bpf-Add-sanity-check-for-upper-ptr_limit.patch
From: >kernel-5.4.0-67.75

CVE CVE-2021-29154, CVSSv2 Score: 7.8
Description:
bpf, x86: Validate computation of branch displacements for x86-64
Patch: 5.4.0/CVE-2021-29154-bpf-x86-Validate-computation-of-branch-displacements-for-x86-64.patch
From: >kernel-5.4.0-70.78

CVE CVE-2021-3609, CVSSv2 Score: 7.0
Description:
UBUNTU: SAUCE: can: bcm: delay release of struct bcm_op after synchronize_rcu
Patch: 5.8.0/CVE-2021-3609-UBUNTU-SAUCE-can-bcm-delay-release-of-struct-bcm_op-after-synchronize_rcu.patch
From:

CVE CVE-2021-22555, CVSSv2 Score: 7.8
Description:
netfilter: x_tables: fix compat match/target pad out-of-bound write
Patch: 5.3.0/CVE-2021-22555-netfilter-x_tables-fix-compat-match-target-pad-out-o.patch
From: >kernel-5.3.0-75.71

CVE CVE-2021-33909, CVSSv2 Score: 7.8
Description:
seq_file: Disallow extremely large seq buffer allocations
Patch: 5.0.0/CVE-2021-33909-seq_file-Disallow-extremely-large-seq-buffer-allocations.patch
From: >kernel-5.3.0-75.71

CVE CVE-2022-0847, CVSSv2 Score: 7.8
Description:
lib/iov_iter: initialize "flags" in new pipe_buffer
Patch: 4.18.0/CVE-2022-0847-lib-iov_iter-initialize-flags-in-new-pipe_buffer.patch
From: >kernel-4.18.0-348.12.2.el8_5

CVE n/a, CVSSv2 Score: n/a
Description:
x86/xen: Add xenpv_restore_regs_and_return_to_usermode()
Patch: 5.4.0/x86-xen-Add-xenpv_restore_regs_and_return_to_usermode.patch
From: v5.16

CVE , CVSSv2 Score:
Description:
Patch: 5.11.0/kpatch-add-alt-asm-definitions.patch
From:

CVE , CVSSv2 Score:
Description:
Patch: 5.11.0/kpatch-add-paravirt-asm-definitions.patch
From:

CVE , CVSSv2 Score: 7.1
Description:
remote stack overflow in Linux kernel
Patch: 5.4.0/CVE-2022-0435.patch
From: kernel-5.4.0-105.119

CVE , CVSSv2 Score:
Description:
Restrict access to pagemap/kpageflags/kpagecount
Patch: 4.18.0/proc-restrict-pagemap-access.patch
From: