VYPR

linux package

kernel

pkg:linux/kernel

Vulnerabilities (1,755)

  • CVE-2025-68760Jan 5, 2026
    affected >= 6.17.0, < 6.17.13fixed 6.17.13

    In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Fix potential out-of-bounds read in iommu_mmio_show In iommu_mmio_write(), it validates the user-provided offset with the check: `iommu->dbg_mmio_offset > iommu->mmio_phys_end - 4`. This assumes a 4-

  • CVE-2025-68759Jan 5, 2026
    affected >= 2.6.25, < 5.10.248fixed 5.10.248

    In the Linux kernel, the following vulnerability has been resolved: wifi: rtl818x: Fix potential memory leaks in rtl8180_init_rx_ring() In rtl8180_init_rx_ring(), memory is allocated for skb packets and DMA allocations in a loop. When an allocation fails, the previously success

  • CVE-2025-68758Jan 5, 2026
    affected >= 5.6.0, < 5.10.248fixed 5.10.248

    In the Linux kernel, the following vulnerability has been resolved: backlight: led-bl: Add devlink to supplier LEDs LED Backlight is a consumer of one or multiple LED class devices, but devlink is currently unable to create correct supplier-producer links when the supplier is a

  • CVE-2025-68757Jan 5, 2026
    affected >= 4.8.0, < 5.10.248fixed 5.10.248

    In the Linux kernel, the following vulnerability has been resolved: drm/vgem-fence: Fix potential deadlock on release A timer that expires a vgem fence automatically in 10 seconds is now released with timer_delete_sync() from fence->ops.release() called on last dma_fence_put().

  • CVE-2025-68756Jan 5, 2026
    affected >= 6.2.0, < 6.6.120fixed 6.6.120

    In the Linux kernel, the following vulnerability has been resolved: block: Use RCU in blk_mq_[un]quiesce_tagset() instead of set->tag_list_lock blk_mq_{add,del}_queue_tag_set() functions add and remove queues from tagset, the functions make sure that tagset and queues are marke

  • CVE-2025-68755Jan 5, 2026
    affected >= 5.6.0, < 6.6.120fixed 6.6.120

    In the Linux kernel, the following vulnerability has been resolved: staging: most: remove broken i2c driver The MOST I2C driver has been completely broken for five years without anyone noticing so remove the driver from staging. Specifically, commit 723de0f9171e ("staging: mos

  • CVE-2025-68754Jan 5, 2026
    affected >= 6.13.0, < 6.17.13fixed 6.17.13

    In the Linux kernel, the following vulnerability has been resolved: rtc: amlogic-a4: fix double free caused by devm The clock obtained via devm_clk_get_enabled() is automatically managed by devres and will be disabled and freed on driver detach. Manually calling clk_disable_unp

  • CVE-2025-68753Jan 5, 2026
    affected >= 5.16.0, < 6.1.160fixed 6.1.160

    In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-motu: add bounds check in put_user loop for DSP events In the DSP event handling code, a put_user() loop copies event data. When the user buffer size is not aligned to 4 bytes, it could overwrite

  • CVE-2025-68752Jan 5, 2026
    affected >= 6.15.0, < 6.17.13fixed 6.17.13

    In the Linux kernel, the following vulnerability has been resolved: iavf: Implement settime64 with -EOPNOTSUPP ptp_clock_settime() assumes every ptp_clock has implemented settime64(). Stub it with -EOPNOTSUPP to prevent a NULL dereference. The fix is similar to commit 329d050b

  • CVE-2025-68751Jan 5, 2026
    affected >= 6.9.0, < 6.17.13fixed 6.17.13

    In the Linux kernel, the following vulnerability has been resolved: s390/fpu: Fix false-positive kmsan report in fpu_vstl() A false-positive kmsan report is detected when running ping command. An inline assembly instruction 'vstl' can write varied amount of bytes depending on

  • CVE-2023-54326Dec 30, 2025
    affected >= 4.19.0, < 4.19.291fixed 4.19.291

    In the Linux kernel, the following vulnerability has been resolved: misc: pci_endpoint_test: Free IRQs before removing the device In pci_endpoint_test_remove(), freeing the IRQs after removing the device creates a small race window for IRQs to be received with the test device m

  • CVE-2023-54325Dec 30, 2025
    affected >= 5.11.0, < 5.15.99fixed 5.15.99

    In the Linux kernel, the following vulnerability has been resolved: crypto: qat - fix out-of-bounds read When preparing an AER-CTR request, the driver copies the key provided by the user into a data structure that is accessible by the firmware. If the target device is QAT GEN4,

  • CVE-2023-54324Dec 30, 2025
    affected >= 2.6.12, < 6.1.56fixed 6.1.56

    In the Linux kernel, the following vulnerability has been resolved: dm: fix a race condition in retrieve_deps There's a race condition in the multipath target when retrieve_deps races with multipath_message calling dm_get_device and dm_put_device. retrieve_deps walks the list o

  • CVE-2023-54323Dec 30, 2025
    affected >= 5.14.0, < 6.1.16fixed 6.1.16

    In the Linux kernel, the following vulnerability has been resolved: cxl/pmem: Fix nvdimm registration races A loop of the form: while true; do modprobe cxl_pci; modprobe -r cxl_pci; done ...fails with the following crash signature: BUG: kernel NULL pointer dereferenc

  • CVE-2023-54322Dec 30, 2025
    affected >= 4.3.0, < 5.10.188fixed 5.10.188

    In the Linux kernel, the following vulnerability has been resolved: arm64: set __exception_irq_entry with __irq_entry as a default filter_irq_stacks() is supposed to cut entries which are related irq entries from its call stack. And in_irqentry_text() which is called by filter_

  • CVE-2023-54320Dec 30, 2025
    affected >= 6.3.0, < 6.3.4fixed 6.3.4

    In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd: pmc: Fix memory leak in amd_pmc_stb_debugfs_open_v2() Function amd_pmc_stb_debugfs_open_v2() may be called when the STB debug mechanism enabled. When amd_pmc_send_cmd() fails, the 'buf' needs

  • CVE-2023-54319Dec 30, 2025
    affected >= 4.4.0, < 4.14.322fixed 4.14.322

    In the Linux kernel, the following vulnerability has been resolved: pinctrl: at91-pio4: check return value of devm_kasprintf() devm_kasprintf() returns a pointer to dynamically allocated memory. Pointer could be NULL in case allocation fails. Check pointer validity. Identified

  • CVE-2023-54318Dec 30, 2025
    affected >= 5.8.0, < 5.10.195fixed 5.10.195

    In the Linux kernel, the following vulnerability has been resolved: net/smc: use smc_lgr_list.lock to protect smc_lgr_list.list iterate in smcr_port_add While doing smcr_port_add, there maybe linkgroup add into or delete from smc_lgr_list.list at the same time, which may result

  • CVE-2023-54317Dec 30, 2025
    affected < 4.14.308fixed 4.14.308

    In the Linux kernel, the following vulnerability has been resolved: dm flakey: don't corrupt the zero page When we need to zero some range on a block device, the function __blkdev_issue_zero_pages submits a write bio with the bio vector pointing to the zero page. If we use dm-f

  • CVE-2023-54316Dec 30, 2025
    affected >= 5.9.0, < 5.10.195fixed 5.10.195

    In the Linux kernel, the following vulnerability has been resolved: refscale: Fix uninitalized use of wait_queue_head_t Running the refscale test occasionally crashes the kernel with the following error: [ 8569.952896] BUG: unable to handle page fault for address: ffffffffffff

Page 21 of 88