- kernel-4.18.0-553.76.1.el8_10 (oel8)
- 4.18.0-553.97.1.0.1.el8_10
- 2026-02-04 13:53:10
- 2026-02-06 06:43:05
- K20260204_21
- CVE-2025-38718
- Description:
sctp: linearize cloned gso packets in sctp_rcv
- CVE: https://access.redhat.com/security/cve/CVE-2025-38718
- Patch: rhel8/4.18.0-553.77.1.el8_10/CVE-2025-38718-sctp-linearize-cloned-gso-packets-in-sctp-rcv.patch
- From: 4.18.0-553.77.1.el8_10
- CVE-2025-22026
- Description:
Out of scope: not affected
- CVE:
- Patch: skipped/CVE-2025-22026.patch
- From:
- CVE-2025-37797
- Description:
net_sched: hfsc: Fix a UAF vulnerability in class handling
- CVE: https://access.redhat.com/security/cve/CVE-2025-37797
- Patch: rhel8/4.18.0-553.77.1.el8_10/CVE-2025-37797-net_sched-hfsc-Fix-a-UAF-vulnerability-in-class-handling.patch
- From: 4.18.0-553.77.1.el8_10
- CVE-2022-50087
- Description:
Out of scope: not affected
- CVE:
- Patch: skipped/CVE-2022-50087.patch
- From:
- CVE-2025-39730
- Description:
NFS: Fix filehandle bounds checking in nfs_fh_to_dentry()
- CVE: https://access.redhat.com/security/cve/CVE-2025-39730
- Patch: rhel8/4.18.0-553.78.1.el8_10/CVE-2025-39730-NFS-Fix-filehandle-bounds-checking-in-nfs_fh_to_dentry.patch
- From: 4.18.0-553.78.1.el8_10
- CVE-2025-38527
- Description:
smb: client: fix use-after-free in cifs_oplock_break
- CVE: https://access.redhat.com/security/cve/CVE-2025-38527
- Patch: rhel8/4.18.0-553.78.1.el8_10/CVE-2025-38527-smb-client-fix-use-after-free-in-cifs_oplock_break.patch
- From: 4.18.0-553.78.1.el8_10
- CVE-2023-53305 CVE-2022-50386
- Description:
Bluetooth: L2CAP: Fix use-after-free
- CVE: https://access.redhat.com/security/cve/CVE-2022-50386
- Patch: rhel8/4.18.0-553.79.1.el8_10/CVE-2023-53305-bluetooth-l2cap-fix-use-after-free.patch
- From: 4.18.0-553.79.1.el8_10
- CVE-2022-50228
- Description:
KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0
- CVE: https://access.redhat.com/security/cve/CVE-2022-50228
- Patch: rhel8/4.18.0-553.79.1.el8_10/CVE-2022-50228-KVM-SVM-dont-BUG-if-userspace-injects-an-interrupt.patch
- From: 4.18.0-553.79.1.el8_10
- CVE-2023-53373
- Description:
crypto: seqiv - Handle EBUSY correctly
- CVE: https://access.redhat.com/security/cve/CVE-2023-53373
- Patch: rhel8/4.18.0-553.80.1.el8_10/CVE-2023-53373-crypto-seqiv-handle-ebusy-correctly.patch
- From: 4.18.0-553.80.1.el8_10
- CVE-2025-39751
- Description:
This CVE has been rejected or withdrawn by its CVE Numbering Authority as per NVD website
- CVE:
- Patch: skipped/CVE-2025-39751.patch
- From:
- CVE-2025-39757
- Description:
ALSA: usb-audio: Validate UAC3 cluster segment descriptors
- CVE: https://access.redhat.com/security/cve/CVE-2025-39757
- Patch: rhel8/4.18.0-553.80.1.el8_10/CVE-2025-39757-ALSA-usb-audio-Validate-UAC3-cluster-segment-descriptors.patch
- From: 4.18.0-553.80.1.el8_10
- CVE-2025-39757
- Description:
ALSA: usb-audio: Validate UAC3 cluster segment descriptors
- CVE: https://access.redhat.com/security/cve/CVE-2025-39757
- Patch: rhel8/4.18.0-553.80.1.el8_10/CVE-2025-39757-ALSA-usb-audio-Fix-size-validation-in-convert_chmap_v3.patch
- From: 4.18.0-553.80.1.el8_10
- CVE-2023-53297
- Description:
Bluetooth: L2CAP: fix "bad unlock balance" in l2cap_disconnect_rsp
- CVE: https://access.redhat.com/security/cve/CVE-2023-53297
- Patch: rhel8/4.18.0-553.81.1.el8_10/CVE-2023-53297-Bluetooth-L2CAP-fix-bad-unlock-balance-in-l2cap_disconnect_rsp.patch
- From: 4.18.0-553.81.1.el8_10
- CVE-2025-39817
- Description:
efivarfs: Fix slab-out-of-bounds in efivarfs_d_compare
- CVE: https://access.redhat.com/security/cve/CVE-2025-39817
- Patch: rhel8/4.18.0-553.81.1.el8_10/CVE-2025-39817-efivarfs-fix-slab-out-of-bounds-in-efivarfs-d-compare.patch
- From: 4.18.0-553.81.1.el8_10
- CVE-2025-39841
- Description:
scsi: lpfc: Fix buffer free/clear order in deferred receive path
- CVE: https://access.redhat.com/security/cve/CVE-2025-39841
- Patch: rhel8/4.18.0-553.81.1.el8_10/CVE-2025-39841-scsi-lpfc-fix-buffer-free-clear-order-in-deferred-receive-path.patch
- From: 4.18.0-553.81.1.el8_10
- CVE-2025-39849
- Description:
wifi: cfg80211: sme: cap SSID length in __cfg80211_connect_result()
- CVE: https://access.redhat.com/security/cve/CVE-2025-39849
- Patch: rhel8/4.18.0-553.81.1.el8_10/CVE-2025-39849-wifi-cfg80211-sme-cap-ssid-length-in-cfg80211-connect-result.patch
- From: 4.18.0-553.81.1.el8_10
- CVE-2023-53386
- Description:
Bluetooth: Fix potential use-after-free when clear keys
- CVE: https://access.redhat.com/security/cve/CVE-2023-53386
- Patch: rhel8/4.18.0-553.81.1.el8_10/CVE-2023-53386-Bluetooth-Fix-potential-use-after-free-when-clear-keys.patch
- From: 4.18.0-553.81.1.el8_10
- CVE-2025-39864
- Description:
wifi: cfg80211: fix use-after-free in cmp_bss()
- CVE: https://access.redhat.com/security/cve/CVE-2025-39864
- Patch: rhel8/4.18.0-553.82.1.el8_10/CVE-2025-39864-wifi-cfg80211-fix-use-after-free-in-cmp-bss.patch
- From: 4.18.0-553.82.1.el8_10
- CVE-2023-53226
- Description:
wifi: mwifiex: Fix OOB and integer underflow when rx packets
- CVE: https://access.redhat.com/security/cve/CVE-2023-53226
- Patch: rhel8/4.18.0-553.82.1.el8_10/CVE-2023-53226-wifi-mwifiex-Fix-OOB-and-integer-underflow-when-rx-packets.patch
- From: 4.18.0-553.82.1.el8_10
- CVE-2023-53226
- Description:
wifi: mwifiex: Fix missed return in oob checks failed path
- CVE: https://access.redhat.com/security/cve/CVE-2023-53226
- Patch: rhel8/4.18.0-553.82.1.el8_10/CVE-2023-53226-wifi-mwifiex-Fix-missed-return-in-oob-checks-failed-path.patch
- From: 4.18.0-553.82.1.el8_10
- CVE-2023-53226
- Description:
wifi: mwifiex: Fix OOB and integer underflow when rx packets
- CVE: https://access.redhat.com/security/cve/CVE-2023-53226
- Patch: rhel8/4.18.0-553.82.1.el8_10/CVE-2023-53226-wifi-mwifiex-Fix-oob-check-condition-in-mwifiex_process_rx_packet.patch
- From: 4.18.0-553.82.1.el8_10
- CVE-2023-53257
- Description:
wifi: mac80211: check S1G action frame size
- CVE: https://access.redhat.com/security/cve/CVE-2023-53257
- Patch: rhel8/4.18.0-553.82.1.el8_10/CVE-2023-53257-wifi-mac80211-check-S1G-action-frame-size.patch
- From: 4.18.0-553.82.1.el8_10
- CVE-2022-50367
- Description:
fs: fix UAF/GPF bug in nilfs_mdt_destroy
- CVE: https://access.redhat.com/security/cve/CVE-2022-50367
- Patch: rhel8/4.18.0-553.83.1.el8_10/CVE-2022-50367-fs-fix-uaf-gpf-bug-in-nilfs-mdt-destroy.patch
- From: 4.18.0-553.83.1.el8_10
- CVE-2023-53178
- Description:
mm: fix zswap writeback race condition
- CVE: https://access.redhat.com/security/cve/CVE-2023-53178
- Patch: rhel8/4.18.0-553.83.1.el8_10/CVE-2023-53178-mm-fix-zswap-writeback-race-condition.patch
- From: 4.18.0-553.83.1.el8_10
- CVE-2023-53178
- Description:
mm: zswap: fix missing folio cleanup in writeback race path
- CVE: https://access.redhat.com/security/cve/CVE-2023-53178
- Patch: rhel8/4.18.0-553.83.1.el8_10/CVE-2023-53178-mm-zswap-fix-missing-folio-cleanup-in-writeback-race-path.patch
- From: 4.18.0-553.83.1.el8_10
- CVE-2025-39718
- Description:
vsock/virtio: Validate length in packet header before skb_put()
- CVE: https://access.redhat.com/security/cve/CVE-2025-39718
- Patch: rhel8/4.18.0-553.84.1.el8_10/CVE-2025-39718-vsock-virtio-validate-length-in-packet-header-before-skb-put.patch
- From: 4.18.0-553.84.1.el8_10
- CVE-2025-39971
- Description:
i40e: fix idx validation in config queues msg
- CVE: https://access.redhat.com/security/cve/CVE-2025-39971
- Patch: rhel8/4.18.0-553.85.1.el8_10/CVE-2025-39971-i40e-fix-idx-validation-in-config-queues-msg.patch
- From: 4.18.0-553.85.1.el8_10
- CVE-2023-53513
- Description:
nbd: fix incomplete validation of ioctl arg
- CVE: https://access.redhat.com/security/cve/CVE-2023-53513
- Patch: rhel8/4.18.0-553.87.1.el8_10/CVE-2023-53513-nbd-fix-incomplete-validation-of-ioctl-arg.patch
- From: 4.18.0-553.87.1.el8_10
- CVE-2025-39825
- Description:
smb: client: fix race with concurrent opens in rename(2)
- CVE: https://access.redhat.com/security/cve/CVE-2025-39825
- Patch: rhel8/4.18.0-553.87.1.el8_10/CVE-2025-39825-smb-client-fix-race-with-concurrent-opens-in-rename2.patch
- From: 4.18.0-553.87.1.el8_10
- CVE-2025-38724
- Description:
nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm()
- CVE: https://access.redhat.com/security/cve/CVE-2025-38724
- Patch: rhel8/4.18.0-553.87.1.el8_10/CVE-2025-38724-nfsd-handle-get_client_locked-failure-in-nfsd4_setclientid_confirm.patch
- From: 4.18.0-553.87.1.el8_10
- CVE-2025-39898
- Description:
e1000e: fix heap overflow in e1000_set_eeprom
- CVE: https://access.redhat.com/security/cve/CVE-2025-39898
- Patch: rhel8/4.18.0-553.87.1.el8_10/CVE-2025-39898-e1000e-fix-heap-overflow-in-e1000_set_eeprom.patch
- From: 4.18.0-553.87.1.el8_10
- CVE-2025-39883
- Description:
mm/memory-failure: fix VM_BUG_ON_PAGE(PagePoisoned(page)) when unpoison memory
- CVE: https://access.redhat.com/security/cve/CVE-2025-39883
- Patch: rhel8/4.18.0-553.87.1.el8_10/CVE-2025-39883-mm-memory-failure-fix-VM_BUG_ON_PAGE-when-unpoison-memory.patch
- From: 4.18.0-553.87.1.el8_10
- CVE-2025-39955
- Description:
tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect().
- CVE: https://access.redhat.com/security/cve/CVE-2025-39955
- Patch: rhel8/4.18.0-553.87.1.el8_10/CVE-2025-39955-tcp-clear-tcp_sk-sk-fastopen_rsk-in-tcp_disconnect.patch
- From: 4.18.0-553.87.1.el8_10
- CVE-2025-39955
- Description:
tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request().
- CVE: https://access.redhat.com/security/cve/CVE-2025-39955
- Patch: rhel8/4.18.0-553.87.1.el8_10/CVE-2025-39955-tcp-don-t-call-reqsk_fastopen_remove-in-tcp_conn_request.patch
- From: 4.18.0-553.87.1.el8_10
- CVE-2022-50543
- Description:
RDMA/rxe: Fix mr->map double free
- CVE: https://access.redhat.com/security/cve/CVE-2022-50543
- Patch: rhel8/4.18.0-553.89.1.el8_10/CVE-2022-50543-rdma-rxe-fix-mr-map-double-free.patch
- From: 4.18.0-553.89.1.el8_10
- CVE-2023-53401
- Description:
mm: kmem: fix a NULL pointer dereference in obj_stock_flush_required()
- CVE: https://access.redhat.com/security/cve/CVE-2023-53401
- Patch: rhel8/4.18.0-553.89.1.el8_10/CVE-2023-53401-mm-kmem-fix-a-null-pointer-dereference-in-obj-stock-flush-required.patch
- From: 4.18.0-553.89.1.el8_10
- CVE-2023-53539
- Description:
RDMA/rxe: Fix incomplete state save in rxe_requester
- CVE: https://access.redhat.com/security/cve/CVE-2023-53539
- Patch: rhel8/4.18.0-553.89.1.el8_10/CVE-2023-53539-rdma-rxe-fix-incomplete-state-save-in-rxe-requester.patch
- From: 4.18.0-553.89.1.el8_10
- CVE-2025-40240
- Description:
sctp: avoid NULL dereference when chunk data buffer is missing
- CVE: https://access.redhat.com/security/cve/CVE-2025-40240
- Patch: rhel8/4.18.0-553.92.1.el8_10/CVE-2025-40240-sctp-avoid-null-dereference-when-chunk-data-buffer-is-missing.patch
- From: 4.18.0-553.92.1.el8_10
- CVE-2023-53552
- Description:
Complex adaptation required.
- CVE:
- Patch: skipped/CVE-2023-53552.patch
- From:
- CVE-2025-40096
- Description:
drm/sched: Fix potential double free in drm_sched_job_add_resv_dependencies
- CVE: https://access.redhat.com/security/cve/CVE-2025-40096
- Patch: rhel8/4.18.0-553.94.1.el8_10/CVE-2025-40096-drm-sched-fix-potential-double-free-in-drm-sched.patch
- From: 4.18.0-553.94.1.el8_10
- CVE-2025-68301
- Description:
net: atlantic: fix fragment overflow handling in RX path
- CVE: https://access.redhat.com/security/cve/CVE-2025-68301
- Patch: rhel8/4.18.0-553.94.1.el8_10/CVE-2025-68301-net-atlantic-fix-fragment-overflow-handling-in-rx-path.patch
- From: 4.18.0-553.94.1.el8_10
- CVE-2025-38051
- Description:
smb: client: Fix use-after-free in cifs_fill_dirent
- CVE: https://access.redhat.com/security/cve/CVE-2025-38051
- Patch: rhel8/4.18.0-553.94.1.el8_10/CVE-2025-38051-smb-client-fix-use-after-free-in-cifs-fill-dirent.patch
- From: 4.18.0-553.94.1.el8_10
- CVE-2025-39933
- Description:
smb: client: let recv_done verify data_offset, data_length and remaining_data_length
- CVE: https://access.redhat.com/security/cve/CVE-2025-39933
- Patch: rhel8/4.18.0-553.94.1.el8_10/CVE-2025-39933-smb-client-let-recv-done-verify-data-offset.patch
- From: 4.18.0-553.94.1.el8_10
- CVE-2025-40248
- Description:
vsock: Ignore signal/timeout on connect() if already established
- CVE: https://access.redhat.com/security/cve/CVE-2025-40248
- Patch: rhel8/4.18.0-553.97.1.el8_10/CVE-2025-40248-vsock-ignore-signal-timeout-on-connect-if-already-established.patch
- From: 4.18.0-553.97.1.el8_10
- CVE-2025-40277
- Description:
drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE
- CVE: https://access.redhat.com/security/cve/CVE-2025-40277
- Patch: rhel8/4.18.0-553.97.1.el8_10/CVE-2025-40277-drm-vmwgfx-validate-command-header-size-against-svga-cmd-max-datasize.patch
- From: 4.18.0-553.97.1.el8_10
- CVE-2023-53673
- Description:
Bluetooth: hci_event: call disconnect callback before deleting conn
- CVE: https://access.redhat.com/security/cve/CVE-2023-53673
- Patch: rhel8/4.18.0-553.97.1.el8_10/CVE-2023-53673-bluetooth-hci-event-call-disconnect-callback-before-deleting-conn.patch
- From: 4.18.0-553.97.1.el8_10
- CVE-2025-40154
- Description:
ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping
- CVE: https://access.redhat.com/security/cve/CVE-2025-40154
- Patch: rhel8/4.18.0-553.97.1.el8_10/CVE-2025-40154-asoc-intel-bytcr-rt5640-fix-invalid-quirk-input-mapping.patch
- From: 4.18.0-553.97.1.el8_10
- N/A
- Description:
x86 xen add xenpv restore regs and return to usermode
- CVE: N/A
- Patch: 4.18.0/x86-xen-Add-xenpv_restore_regs_and_return_to_usermode-el8-372.patch
- From: N/A
- N/A
- Description:
kpatch add alt asm definitions
- CVE: https://www.kernel.org
- Patch: 4.18.0/kpatch-add-alt-asm-definitions-el8-372.patch
- From: N/A