apk package
chainguard/linux-azure-6.12
pkg:apk/chainguard/linux-azure-6.12
Vulnerabilities (234)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-31431 | Hig | 7.8 | KEV | < 6.12.83-r2 | 6.12.83-r2 | Apr 22, 2026 | In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-place This mostly reverts commit 72548b093ee3 except for the copying of the associated data. There is no benefit in operating in-place in algif_aead since the so |
| CVE-2026-23442 | Med | 5.5 | < 6.12.85-r0 | 6.12.85-r0 | Apr 3, 2026 | In the Linux kernel, the following vulnerability has been resolved: ipv6: add NULL checks for idev in SRv6 paths __in6_dev_get() can return NULL when the device has no IPv6 configuration (e.g. MTU < IPV6_MIN_MTU or after NETDEV_UNREGISTER). Add NULL checks for idev returned by | |
| CVE-2026-23227 | Hig | 7.8 | < 6.12.78-r0 | 6.12.78-r0 | Feb 18, 2026 | In the Linux kernel, the following vulnerability has been resolved: drm/exynos: vidi: use ctx->lock to protect struct vidi_context member variables related to memory alloc/free Exynos Virtual Display driver performs memory alloc/free operations without lock protection, which ea | |
| CVE-2026-23226 | Hig | 8.8 | < 6.12.80-r0 | 6.12.80-r0 | Feb 18, 2026 | In the Linux kernel, the following vulnerability has been resolved: ksmbd: add chann_lock to protect ksmbd_chann_list xarray ksmbd_chann_list xarray lacks synchronization, allowing use-after-free in multi-channel sessions (between lookup_chann_list() and ksmbd_chann_del). Adds | |
| CVE-2026-23217 | — | < 6.12.80-r0 | 6.12.80-r0 | Feb 18, 2026 | In the Linux kernel, the following vulnerability has been resolved: riscv: trace: fix snapshot deadlock with sbi ecall If sbi_ecall.c's functions are traceable, echo "__sbi_ecall:snapshot" > /sys/kernel/tracing/set_ftrace_filter may get the kernel into a deadlock. (Functions | ||
| CVE-2025-71227 | — | < 6.12.80-r0 | 6.12.80-r0 | Feb 18, 2026 | In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: don't WARN for connections on invalid channels It's not clear (to me) how exactly syzbot managed to hit this, but it seems conceivable that e.g. regulatory changed and has disabled a channel bet | ||
| CVE-2026-23210 | Med | 4.7 | < 6.12.80-r0 | 6.12.80-r0 | Feb 14, 2026 | In the Linux kernel, the following vulnerability has been resolved: ice: Fix PTP NULL pointer dereference during VSI rebuild Fix race condition where PTP periodic work runs while VSI is being rebuilt, accessing NULL vsi->rx_rings. The sequence was: 1. ice_ptp_prepare_for_reset | |
| CVE-2026-23207 | Med | 4.7 | < 6.12.80-r0 | 6.12.80-r0 | Feb 14, 2026 | In the Linux kernel, the following vulnerability has been resolved: spi: tegra210-quad: Protect curr_xfer check in IRQ handler Now that all other accesses to curr_xfer are done under the lock, protect the curr_xfer NULL check in tegra_qspi_isr_thread() with the spinlock. Withou | |
| CVE-2026-23208 | — | < 6.12.80-r0 | 6.12.80-r0 | Feb 14, 2026 | In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Prevent excessive number of frames In this case, the user constructed the parameters with maxpacksize 40 for rate 22050 / pps 1000, and packsize[0] 22 packsize[1] 23. The buffer size for each d | ||
| CVE-2025-71221 | — | < 6.12.80-r0 | 6.12.80-r0 | Feb 14, 2026 | In the Linux kernel, the following vulnerability has been resolved: dmaengine: mmp_pdma: Fix race condition in mmp_pdma_residue() Add proper locking in mmp_pdma_residue() to prevent use-after-free when accessing descriptor list and descriptor contents. The race occurs when mul | ||
| CVE-2026-23171 | Hig | 7.8 | < 6.12.80-r0 | 6.12.80-r0 | Feb 14, 2026 | In the Linux kernel, the following vulnerability has been resolved: bonding: fix use-after-free due to enslave fail after slave array update Fix a use-after-free which happens due to enslave failure after the new slave has been added to the array. Since the new slave can be use | |
| CVE-2026-23157 | — | < 6.12.80-r0 | 6.12.80-r0 | Feb 14, 2026 | In the Linux kernel, the following vulnerability has been resolved: btrfs: do not strictly require dirty metadata threshold for metadata writepages [BUG] There is an internal report that over 1000 processes are waiting at the io_schedule_timeout() of balance_dirty_pages(), caus | ||
| CVE-2026-23152 | — | < 6.12.80-r0 | 6.12.80-r0 | Feb 14, 2026 | In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: correctly decode TTLM with default link map TID-To-Link Mapping (TTLM) elements do not contain any link mapping presence indicator if a default mapping is used and parsing needs to be skipped. | ||
| CVE-2025-71202 | — | < 6.12.80-r0 | 6.12.80-r0 | Feb 14, 2026 | In the Linux kernel, the following vulnerability has been resolved: iommu/sva: invalidate stale IOTLB entries for kernel address space Introduce a new IOMMU interface to flush IOTLB paging cache entries for the CPU kernel address space. This interface is invoked from the x86 a | ||
| CVE-2026-23138 | — | < 6.12.80-r0 | 6.12.80-r0 | Feb 14, 2026 | In the Linux kernel, the following vulnerability has been resolved: tracing: Add recursion protection in kernel stack trace recording A bug was reported about an infinite recursion caused by tracing the rcu events with the kernel stack trace trigger enabled. The stack trace cod | ||
| CVE-2026-23137 | — | < 6.12.80-r0 | 6.12.80-r0 | Feb 14, 2026 | In the Linux kernel, the following vulnerability has been resolved: of: unittest: Fix memory leak in unittest_data_add() In unittest_data_add(), if of_resolve_phandles() fails, the allocated unittest_data is not freed, leading to a memory leak. Fix this by using scope-based cl | ||
| CVE-2026-23066 | Hig | 7.8 | < 6.12.80-r0 | 6.12.80-r0 | Feb 4, 2026 | In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix recvmsg() unconditional requeue If rxrpc_recvmsg() fails because MSG_DONTWAIT was specified but the call at the front of the recvmsg queue already has its mutex locked, it requeues the call - whether | |
| CVE-2026-23104 | — | < 6.12.80-r0 | 6.12.80-r0 | Feb 4, 2026 | In the Linux kernel, the following vulnerability has been resolved: ice: fix devlink reload call trace Commit 4da71a77fc3b ("ice: read internal temperature sensor") introduced internal temperature sensor reading via HWMON. ice_hwmon_init() was added to ice_init_feature() and ic | ||
| CVE-2026-23102 | — | < 6.12.80-r0 | 6.12.80-r0 | Feb 4, 2026 | In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: signal: Fix restoration of SVE context When SME is supported, Restoring SVE signal context can go wrong in a few ways, including placing the task into an invalid state where the kernel may read fr | ||
| CVE-2026-23070 | — | < 6.12.80-r0 | 6.12.80-r0 | Feb 4, 2026 | In the Linux kernel, the following vulnerability has been resolved: Octeontx2-af: Add proper checks for fwdata firmware populates MAC address, link modes (supported, advertised) and EEPROM data in shared firmware structure which kernel access via MAC block(CGX/RPM). Accessing |
- affected < 6.12.83-r2fixed 6.12.83-r2
In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-place This mostly reverts commit 72548b093ee3 except for the copying of the associated data. There is no benefit in operating in-place in algif_aead since the so
- affected < 6.12.85-r0fixed 6.12.85-r0
In the Linux kernel, the following vulnerability has been resolved: ipv6: add NULL checks for idev in SRv6 paths __in6_dev_get() can return NULL when the device has no IPv6 configuration (e.g. MTU < IPV6_MIN_MTU or after NETDEV_UNREGISTER). Add NULL checks for idev returned by
- affected < 6.12.78-r0fixed 6.12.78-r0
In the Linux kernel, the following vulnerability has been resolved: drm/exynos: vidi: use ctx->lock to protect struct vidi_context member variables related to memory alloc/free Exynos Virtual Display driver performs memory alloc/free operations without lock protection, which ea
- affected < 6.12.80-r0fixed 6.12.80-r0
In the Linux kernel, the following vulnerability has been resolved: ksmbd: add chann_lock to protect ksmbd_chann_list xarray ksmbd_chann_list xarray lacks synchronization, allowing use-after-free in multi-channel sessions (between lookup_chann_list() and ksmbd_chann_del). Adds
- CVE-2026-23217Feb 18, 2026affected < 6.12.80-r0fixed 6.12.80-r0
In the Linux kernel, the following vulnerability has been resolved: riscv: trace: fix snapshot deadlock with sbi ecall If sbi_ecall.c's functions are traceable, echo "__sbi_ecall:snapshot" > /sys/kernel/tracing/set_ftrace_filter may get the kernel into a deadlock. (Functions
- CVE-2025-71227Feb 18, 2026affected < 6.12.80-r0fixed 6.12.80-r0
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: don't WARN for connections on invalid channels It's not clear (to me) how exactly syzbot managed to hit this, but it seems conceivable that e.g. regulatory changed and has disabled a channel bet
- affected < 6.12.80-r0fixed 6.12.80-r0
In the Linux kernel, the following vulnerability has been resolved: ice: Fix PTP NULL pointer dereference during VSI rebuild Fix race condition where PTP periodic work runs while VSI is being rebuilt, accessing NULL vsi->rx_rings. The sequence was: 1. ice_ptp_prepare_for_reset
- affected < 6.12.80-r0fixed 6.12.80-r0
In the Linux kernel, the following vulnerability has been resolved: spi: tegra210-quad: Protect curr_xfer check in IRQ handler Now that all other accesses to curr_xfer are done under the lock, protect the curr_xfer NULL check in tegra_qspi_isr_thread() with the spinlock. Withou
- CVE-2026-23208Feb 14, 2026affected < 6.12.80-r0fixed 6.12.80-r0
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Prevent excessive number of frames In this case, the user constructed the parameters with maxpacksize 40 for rate 22050 / pps 1000, and packsize[0] 22 packsize[1] 23. The buffer size for each d
- CVE-2025-71221Feb 14, 2026affected < 6.12.80-r0fixed 6.12.80-r0
In the Linux kernel, the following vulnerability has been resolved: dmaengine: mmp_pdma: Fix race condition in mmp_pdma_residue() Add proper locking in mmp_pdma_residue() to prevent use-after-free when accessing descriptor list and descriptor contents. The race occurs when mul
- affected < 6.12.80-r0fixed 6.12.80-r0
In the Linux kernel, the following vulnerability has been resolved: bonding: fix use-after-free due to enslave fail after slave array update Fix a use-after-free which happens due to enslave failure after the new slave has been added to the array. Since the new slave can be use
- CVE-2026-23157Feb 14, 2026affected < 6.12.80-r0fixed 6.12.80-r0
In the Linux kernel, the following vulnerability has been resolved: btrfs: do not strictly require dirty metadata threshold for metadata writepages [BUG] There is an internal report that over 1000 processes are waiting at the io_schedule_timeout() of balance_dirty_pages(), caus
- CVE-2026-23152Feb 14, 2026affected < 6.12.80-r0fixed 6.12.80-r0
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: correctly decode TTLM with default link map TID-To-Link Mapping (TTLM) elements do not contain any link mapping presence indicator if a default mapping is used and parsing needs to be skipped.
- CVE-2025-71202Feb 14, 2026affected < 6.12.80-r0fixed 6.12.80-r0
In the Linux kernel, the following vulnerability has been resolved: iommu/sva: invalidate stale IOTLB entries for kernel address space Introduce a new IOMMU interface to flush IOTLB paging cache entries for the CPU kernel address space. This interface is invoked from the x86 a
- CVE-2026-23138Feb 14, 2026affected < 6.12.80-r0fixed 6.12.80-r0
In the Linux kernel, the following vulnerability has been resolved: tracing: Add recursion protection in kernel stack trace recording A bug was reported about an infinite recursion caused by tracing the rcu events with the kernel stack trace trigger enabled. The stack trace cod
- CVE-2026-23137Feb 14, 2026affected < 6.12.80-r0fixed 6.12.80-r0
In the Linux kernel, the following vulnerability has been resolved: of: unittest: Fix memory leak in unittest_data_add() In unittest_data_add(), if of_resolve_phandles() fails, the allocated unittest_data is not freed, leading to a memory leak. Fix this by using scope-based cl
- affected < 6.12.80-r0fixed 6.12.80-r0
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix recvmsg() unconditional requeue If rxrpc_recvmsg() fails because MSG_DONTWAIT was specified but the call at the front of the recvmsg queue already has its mutex locked, it requeues the call - whether
- CVE-2026-23104Feb 4, 2026affected < 6.12.80-r0fixed 6.12.80-r0
In the Linux kernel, the following vulnerability has been resolved: ice: fix devlink reload call trace Commit 4da71a77fc3b ("ice: read internal temperature sensor") introduced internal temperature sensor reading via HWMON. ice_hwmon_init() was added to ice_init_feature() and ic
- CVE-2026-23102Feb 4, 2026affected < 6.12.80-r0fixed 6.12.80-r0
In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: signal: Fix restoration of SVE context When SME is supported, Restoring SVE signal context can go wrong in a few ways, including placing the task into an invalid state where the kernel may read fr
- CVE-2026-23070Feb 4, 2026affected < 6.12.80-r0fixed 6.12.80-r0
In the Linux kernel, the following vulnerability has been resolved: Octeontx2-af: Add proper checks for fwdata firmware populates MAC address, link modes (supported, advertised) and EEPROM data in shared firmware structure which kernel access via MAC block(CGX/RPM). Accessing
Page 2 of 12