apk package
chainguard/linux-gcp-6.18-bootc-boot-installed
pkg:apk/chainguard/linux-gcp-6.18-bootc-boot-installed
Vulnerabilities (107)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-53225 | mod | 5.5 | < 6.18.38-r0 | 6.18.38-r0 | Jun 25, 2026 | kernel: sctp: fix uninit-value in __sctp_rcv_asconf_lookup() | |
| CVE-2026-53221 | mod | 5.5 | < 6.18.38-r0 | 6.18.38-r0 | Jun 25, 2026 | kernel: ip6_vti: fix incorrect tunnel matching in vti6_tnl_lookup() | |
| CVE-2026-53220 | mod | 5.5 | < 6.18.38-r0 | 6.18.38-r0 | Jun 25, 2026 | kernel: netfilter: revalidate bridge ports | |
| CVE-2026-53219 | mod | 5.5 | < 6.18.38-r0 | 6.18.38-r0 | Jun 25, 2026 | kernel: netfilter: x_tables: avoid leaking percpu counter pointers | |
| CVE-2026-53215 | — | < 6.18.38-r0 | 6.18.38-r0 | Jun 25, 2026 | kernel: net: mvpp2: refill RX buffers before XDP or skb use | ||
| CVE-2026-53212 | mod | 7.0 | < 6.18.38-r0 | 6.18.38-r0 | Jun 25, 2026 | kernel: netfilter: nft_tunnel: fix use-after-free on object destroy | |
| CVE-2026-53198 | — | < 6.18.38-r0 | 6.18.38-r0 | Jun 25, 2026 | kernel: ksmbd: fix use-after-free of a deferred file_lock on double SMB2_CANCEL | ||
| CVE-2026-53187 | mod | 5.5 | < 6.18.38-r0 | 6.18.38-r0 | Jun 25, 2026 | kernel: RDMA/core: Validate cpu_id against nr_cpu_ids in DMAH alloc | |
| CVE-2026-53185 | imp | 7.0 | < 6.18.38-r0 | 6.18.38-r0 | Jun 25, 2026 | kernel: zram: fix use-after-free in zram_bvec_write_partial() | |
| CVE-2026-53184 | mod | 5.5 | < 6.18.38-r0 | 6.18.38-r0 | Jun 25, 2026 | kernel: udp: clear skb->dev before running a sockmap verdict | |
| CVE-2026-53176 | imp | 7.0 | < 6.18.38-r0 | 6.18.38-r0 | Jun 25, 2026 | kernel: IB/isert: Reject login PDUs shorter than ISER_HEADERS_LEN | |
| CVE-2026-53161 | — | < 6.18.38-r0 | 6.18.38-r0 | Jun 25, 2026 | kernel: misc: fastrpc: fix use-after-free of fastrpc_user in workqueue context | ||
| CVE-2026-53159 | — | < 6.18.38-r0 | 6.18.38-r0 | Jun 25, 2026 | kernel: misc: fastrpc: fix DMA address corruption due to find_vma misuse | ||
| CVE-2026-53156 | mod | 5.5 | < 6.18.38-r0 | 6.18.38-r0 | Jun 25, 2026 | kernel: nvmem: core: fix use-after-free bugs in error paths | |
| CVE-2026-53148 | imp | 7.0 | < 6.18.38-r0 | 6.18.38-r0 | Jun 25, 2026 | kernel: thunderbolt: Clamp XDomain response data copy to allocation size | |
| CVE-2026-53143 | imp | 7.0 | < 6.18.38-r0 | 6.18.38-r0 | Jun 25, 2026 | kernel: drm/amdkfd: Fix buffer overflow in SDMA queue checkpoint/restore on GFX11 | |
| CVE-2026-53131 | mod | 7.0 | < 6.18.38-r0 | 6.18.38-r0 | Jun 25, 2026 | kernel: netfilter: require Ethernet MAC header before using eth_hdr() | |
| CVE-2026-52942 | mod | 7.0 | < 6.18.38-r0 | 6.18.38-r0 | Jun 24, 2026 | kernel: netfilter: nf_log: validate MAC header was set before dumping it | |
| CVE-2026-52939 | mod | 5.5 | < 6.18.38-r0 | 6.18.38-r0 | Jun 24, 2026 | kernel: net/rds: fix NULL deref in rds_ib_send_cqe_handler() on masked atomic completion | |
| CVE-2026-52935 | mod | 7.0 | < 6.18.38-r0 | 6.18.38-r0 | Jun 24, 2026 | kernel: xfrm: espintcp: do not reuse an in-progress partial send |
- affected < 6.18.38-r0fixed 6.18.38-r0
kernel: sctp: fix uninit-value in __sctp_rcv_asconf_lookup()
- affected < 6.18.38-r0fixed 6.18.38-r0
kernel: ip6_vti: fix incorrect tunnel matching in vti6_tnl_lookup()
- affected < 6.18.38-r0fixed 6.18.38-r0
kernel: netfilter: revalidate bridge ports
- affected < 6.18.38-r0fixed 6.18.38-r0
kernel: netfilter: x_tables: avoid leaking percpu counter pointers
- CVE-2026-53215Jun 25, 2026affected < 6.18.38-r0fixed 6.18.38-r0
kernel: net: mvpp2: refill RX buffers before XDP or skb use
- affected < 6.18.38-r0fixed 6.18.38-r0
kernel: netfilter: nft_tunnel: fix use-after-free on object destroy
- CVE-2026-53198Jun 25, 2026affected < 6.18.38-r0fixed 6.18.38-r0
kernel: ksmbd: fix use-after-free of a deferred file_lock on double SMB2_CANCEL
- affected < 6.18.38-r0fixed 6.18.38-r0
kernel: RDMA/core: Validate cpu_id against nr_cpu_ids in DMAH alloc
- affected < 6.18.38-r0fixed 6.18.38-r0
kernel: zram: fix use-after-free in zram_bvec_write_partial()
- affected < 6.18.38-r0fixed 6.18.38-r0
kernel: udp: clear skb->dev before running a sockmap verdict
- affected < 6.18.38-r0fixed 6.18.38-r0
kernel: IB/isert: Reject login PDUs shorter than ISER_HEADERS_LEN
- CVE-2026-53161Jun 25, 2026affected < 6.18.38-r0fixed 6.18.38-r0
kernel: misc: fastrpc: fix use-after-free of fastrpc_user in workqueue context
- CVE-2026-53159Jun 25, 2026affected < 6.18.38-r0fixed 6.18.38-r0
kernel: misc: fastrpc: fix DMA address corruption due to find_vma misuse
- affected < 6.18.38-r0fixed 6.18.38-r0
kernel: nvmem: core: fix use-after-free bugs in error paths
- affected < 6.18.38-r0fixed 6.18.38-r0
kernel: thunderbolt: Clamp XDomain response data copy to allocation size
- affected < 6.18.38-r0fixed 6.18.38-r0
kernel: drm/amdkfd: Fix buffer overflow in SDMA queue checkpoint/restore on GFX11
- affected < 6.18.38-r0fixed 6.18.38-r0
kernel: netfilter: require Ethernet MAC header before using eth_hdr()
- affected < 6.18.38-r0fixed 6.18.38-r0
kernel: netfilter: nf_log: validate MAC header was set before dumping it
- affected < 6.18.38-r0fixed 6.18.38-r0
kernel: net/rds: fix NULL deref in rds_ib_send_cqe_handler() on masked atomic completion
- affected < 6.18.38-r0fixed 6.18.38-r0
kernel: xfrm: espintcp: do not reuse an in-progress partial send
Page 5 of 6