linux package
kernel
pkg:linux/kernel
Vulnerabilities (1,755)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-68760 | — | >= 6.17.0, < 6.17.13 | 6.17.13 | Jan 5, 2026 | In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Fix potential out-of-bounds read in iommu_mmio_show In iommu_mmio_write(), it validates the user-provided offset with the check: `iommu->dbg_mmio_offset > iommu->mmio_phys_end - 4`. This assumes a 4- | ||
| CVE-2025-68759 | — | >= 2.6.25, < 5.10.248 | 5.10.248 | Jan 5, 2026 | In the Linux kernel, the following vulnerability has been resolved: wifi: rtl818x: Fix potential memory leaks in rtl8180_init_rx_ring() In rtl8180_init_rx_ring(), memory is allocated for skb packets and DMA allocations in a loop. When an allocation fails, the previously success | ||
| CVE-2025-68758 | — | >= 5.6.0, < 5.10.248 | 5.10.248 | Jan 5, 2026 | In the Linux kernel, the following vulnerability has been resolved: backlight: led-bl: Add devlink to supplier LEDs LED Backlight is a consumer of one or multiple LED class devices, but devlink is currently unable to create correct supplier-producer links when the supplier is a | ||
| CVE-2025-68757 | — | >= 4.8.0, < 5.10.248 | 5.10.248 | Jan 5, 2026 | In the Linux kernel, the following vulnerability has been resolved: drm/vgem-fence: Fix potential deadlock on release A timer that expires a vgem fence automatically in 10 seconds is now released with timer_delete_sync() from fence->ops.release() called on last dma_fence_put(). | ||
| CVE-2025-68756 | — | >= 6.2.0, < 6.6.120 | 6.6.120 | Jan 5, 2026 | In the Linux kernel, the following vulnerability has been resolved: block: Use RCU in blk_mq_[un]quiesce_tagset() instead of set->tag_list_lock blk_mq_{add,del}_queue_tag_set() functions add and remove queues from tagset, the functions make sure that tagset and queues are marke | ||
| CVE-2025-68755 | — | >= 5.6.0, < 6.6.120 | 6.6.120 | Jan 5, 2026 | In the Linux kernel, the following vulnerability has been resolved: staging: most: remove broken i2c driver The MOST I2C driver has been completely broken for five years without anyone noticing so remove the driver from staging. Specifically, commit 723de0f9171e ("staging: mos | ||
| CVE-2025-68754 | — | >= 6.13.0, < 6.17.13 | 6.17.13 | Jan 5, 2026 | In the Linux kernel, the following vulnerability has been resolved: rtc: amlogic-a4: fix double free caused by devm The clock obtained via devm_clk_get_enabled() is automatically managed by devres and will be disabled and freed on driver detach. Manually calling clk_disable_unp | ||
| CVE-2025-68753 | — | >= 5.16.0, < 6.1.160 | 6.1.160 | Jan 5, 2026 | In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-motu: add bounds check in put_user loop for DSP events In the DSP event handling code, a put_user() loop copies event data. When the user buffer size is not aligned to 4 bytes, it could overwrite | ||
| CVE-2025-68752 | — | >= 6.15.0, < 6.17.13 | 6.17.13 | Jan 5, 2026 | In the Linux kernel, the following vulnerability has been resolved: iavf: Implement settime64 with -EOPNOTSUPP ptp_clock_settime() assumes every ptp_clock has implemented settime64(). Stub it with -EOPNOTSUPP to prevent a NULL dereference. The fix is similar to commit 329d050b | ||
| CVE-2025-68751 | — | >= 6.9.0, < 6.17.13 | 6.17.13 | Jan 5, 2026 | In the Linux kernel, the following vulnerability has been resolved: s390/fpu: Fix false-positive kmsan report in fpu_vstl() A false-positive kmsan report is detected when running ping command. An inline assembly instruction 'vstl' can write varied amount of bytes depending on | ||
| CVE-2023-54326 | — | >= 4.19.0, < 4.19.291 | 4.19.291 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: misc: pci_endpoint_test: Free IRQs before removing the device In pci_endpoint_test_remove(), freeing the IRQs after removing the device creates a small race window for IRQs to be received with the test device m | ||
| CVE-2023-54325 | — | >= 5.11.0, < 5.15.99 | 5.15.99 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: crypto: qat - fix out-of-bounds read When preparing an AER-CTR request, the driver copies the key provided by the user into a data structure that is accessible by the firmware. If the target device is QAT GEN4, | ||
| CVE-2023-54324 | — | >= 2.6.12, < 6.1.56 | 6.1.56 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: dm: fix a race condition in retrieve_deps There's a race condition in the multipath target when retrieve_deps races with multipath_message calling dm_get_device and dm_put_device. retrieve_deps walks the list o | ||
| CVE-2023-54323 | — | >= 5.14.0, < 6.1.16 | 6.1.16 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: cxl/pmem: Fix nvdimm registration races A loop of the form: while true; do modprobe cxl_pci; modprobe -r cxl_pci; done ...fails with the following crash signature: BUG: kernel NULL pointer dereferenc | ||
| CVE-2023-54322 | — | >= 4.3.0, < 5.10.188 | 5.10.188 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: arm64: set __exception_irq_entry with __irq_entry as a default filter_irq_stacks() is supposed to cut entries which are related irq entries from its call stack. And in_irqentry_text() which is called by filter_ | ||
| CVE-2023-54320 | — | >= 6.3.0, < 6.3.4 | 6.3.4 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd: pmc: Fix memory leak in amd_pmc_stb_debugfs_open_v2() Function amd_pmc_stb_debugfs_open_v2() may be called when the STB debug mechanism enabled. When amd_pmc_send_cmd() fails, the 'buf' needs | ||
| CVE-2023-54319 | — | >= 4.4.0, < 4.14.322 | 4.14.322 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: pinctrl: at91-pio4: check return value of devm_kasprintf() devm_kasprintf() returns a pointer to dynamically allocated memory. Pointer could be NULL in case allocation fails. Check pointer validity. Identified | ||
| CVE-2023-54318 | — | >= 5.8.0, < 5.10.195 | 5.10.195 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: net/smc: use smc_lgr_list.lock to protect smc_lgr_list.list iterate in smcr_port_add While doing smcr_port_add, there maybe linkgroup add into or delete from smc_lgr_list.list at the same time, which may result | ||
| CVE-2023-54317 | — | < 4.14.308 | 4.14.308 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: dm flakey: don't corrupt the zero page When we need to zero some range on a block device, the function __blkdev_issue_zero_pages submits a write bio with the bio vector pointing to the zero page. If we use dm-f | ||
| CVE-2023-54316 | — | >= 5.9.0, < 5.10.195 | 5.10.195 | Dec 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: refscale: Fix uninitalized use of wait_queue_head_t Running the refscale test occasionally crashes the kernel with the following error: [ 8569.952896] BUG: unable to handle page fault for address: ffffffffffff |
- CVE-2025-68760Jan 5, 2026affected >= 6.17.0, < 6.17.13fixed 6.17.13
In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Fix potential out-of-bounds read in iommu_mmio_show In iommu_mmio_write(), it validates the user-provided offset with the check: `iommu->dbg_mmio_offset > iommu->mmio_phys_end - 4`. This assumes a 4-
- CVE-2025-68759Jan 5, 2026affected >= 2.6.25, < 5.10.248fixed 5.10.248
In the Linux kernel, the following vulnerability has been resolved: wifi: rtl818x: Fix potential memory leaks in rtl8180_init_rx_ring() In rtl8180_init_rx_ring(), memory is allocated for skb packets and DMA allocations in a loop. When an allocation fails, the previously success
- CVE-2025-68758Jan 5, 2026affected >= 5.6.0, < 5.10.248fixed 5.10.248
In the Linux kernel, the following vulnerability has been resolved: backlight: led-bl: Add devlink to supplier LEDs LED Backlight is a consumer of one or multiple LED class devices, but devlink is currently unable to create correct supplier-producer links when the supplier is a
- CVE-2025-68757Jan 5, 2026affected >= 4.8.0, < 5.10.248fixed 5.10.248
In the Linux kernel, the following vulnerability has been resolved: drm/vgem-fence: Fix potential deadlock on release A timer that expires a vgem fence automatically in 10 seconds is now released with timer_delete_sync() from fence->ops.release() called on last dma_fence_put().
- CVE-2025-68756Jan 5, 2026affected >= 6.2.0, < 6.6.120fixed 6.6.120
In the Linux kernel, the following vulnerability has been resolved: block: Use RCU in blk_mq_[un]quiesce_tagset() instead of set->tag_list_lock blk_mq_{add,del}_queue_tag_set() functions add and remove queues from tagset, the functions make sure that tagset and queues are marke
- CVE-2025-68755Jan 5, 2026affected >= 5.6.0, < 6.6.120fixed 6.6.120
In the Linux kernel, the following vulnerability has been resolved: staging: most: remove broken i2c driver The MOST I2C driver has been completely broken for five years without anyone noticing so remove the driver from staging. Specifically, commit 723de0f9171e ("staging: mos
- CVE-2025-68754Jan 5, 2026affected >= 6.13.0, < 6.17.13fixed 6.17.13
In the Linux kernel, the following vulnerability has been resolved: rtc: amlogic-a4: fix double free caused by devm The clock obtained via devm_clk_get_enabled() is automatically managed by devres and will be disabled and freed on driver detach. Manually calling clk_disable_unp
- CVE-2025-68753Jan 5, 2026affected >= 5.16.0, < 6.1.160fixed 6.1.160
In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-motu: add bounds check in put_user loop for DSP events In the DSP event handling code, a put_user() loop copies event data. When the user buffer size is not aligned to 4 bytes, it could overwrite
- CVE-2025-68752Jan 5, 2026affected >= 6.15.0, < 6.17.13fixed 6.17.13
In the Linux kernel, the following vulnerability has been resolved: iavf: Implement settime64 with -EOPNOTSUPP ptp_clock_settime() assumes every ptp_clock has implemented settime64(). Stub it with -EOPNOTSUPP to prevent a NULL dereference. The fix is similar to commit 329d050b
- CVE-2025-68751Jan 5, 2026affected >= 6.9.0, < 6.17.13fixed 6.17.13
In the Linux kernel, the following vulnerability has been resolved: s390/fpu: Fix false-positive kmsan report in fpu_vstl() A false-positive kmsan report is detected when running ping command. An inline assembly instruction 'vstl' can write varied amount of bytes depending on
- CVE-2023-54326Dec 30, 2025affected >= 4.19.0, < 4.19.291fixed 4.19.291
In the Linux kernel, the following vulnerability has been resolved: misc: pci_endpoint_test: Free IRQs before removing the device In pci_endpoint_test_remove(), freeing the IRQs after removing the device creates a small race window for IRQs to be received with the test device m
- CVE-2023-54325Dec 30, 2025affected >= 5.11.0, < 5.15.99fixed 5.15.99
In the Linux kernel, the following vulnerability has been resolved: crypto: qat - fix out-of-bounds read When preparing an AER-CTR request, the driver copies the key provided by the user into a data structure that is accessible by the firmware. If the target device is QAT GEN4,
- CVE-2023-54324Dec 30, 2025affected >= 2.6.12, < 6.1.56fixed 6.1.56
In the Linux kernel, the following vulnerability has been resolved: dm: fix a race condition in retrieve_deps There's a race condition in the multipath target when retrieve_deps races with multipath_message calling dm_get_device and dm_put_device. retrieve_deps walks the list o
- CVE-2023-54323Dec 30, 2025affected >= 5.14.0, < 6.1.16fixed 6.1.16
In the Linux kernel, the following vulnerability has been resolved: cxl/pmem: Fix nvdimm registration races A loop of the form: while true; do modprobe cxl_pci; modprobe -r cxl_pci; done ...fails with the following crash signature: BUG: kernel NULL pointer dereferenc
- CVE-2023-54322Dec 30, 2025affected >= 4.3.0, < 5.10.188fixed 5.10.188
In the Linux kernel, the following vulnerability has been resolved: arm64: set __exception_irq_entry with __irq_entry as a default filter_irq_stacks() is supposed to cut entries which are related irq entries from its call stack. And in_irqentry_text() which is called by filter_
- CVE-2023-54320Dec 30, 2025affected >= 6.3.0, < 6.3.4fixed 6.3.4
In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd: pmc: Fix memory leak in amd_pmc_stb_debugfs_open_v2() Function amd_pmc_stb_debugfs_open_v2() may be called when the STB debug mechanism enabled. When amd_pmc_send_cmd() fails, the 'buf' needs
- CVE-2023-54319Dec 30, 2025affected >= 4.4.0, < 4.14.322fixed 4.14.322
In the Linux kernel, the following vulnerability has been resolved: pinctrl: at91-pio4: check return value of devm_kasprintf() devm_kasprintf() returns a pointer to dynamically allocated memory. Pointer could be NULL in case allocation fails. Check pointer validity. Identified
- CVE-2023-54318Dec 30, 2025affected >= 5.8.0, < 5.10.195fixed 5.10.195
In the Linux kernel, the following vulnerability has been resolved: net/smc: use smc_lgr_list.lock to protect smc_lgr_list.list iterate in smcr_port_add While doing smcr_port_add, there maybe linkgroup add into or delete from smc_lgr_list.list at the same time, which may result
- CVE-2023-54317Dec 30, 2025affected < 4.14.308fixed 4.14.308
In the Linux kernel, the following vulnerability has been resolved: dm flakey: don't corrupt the zero page When we need to zero some range on a block device, the function __blkdev_issue_zero_pages submits a write bio with the bio vector pointing to the zero page. If we use dm-f
- CVE-2023-54316Dec 30, 2025affected >= 5.9.0, < 5.10.195fixed 5.10.195
In the Linux kernel, the following vulnerability has been resolved: refscale: Fix uninitalized use of wait_queue_head_t Running the refscale test occasionally crashes the kernel with the following error: [ 8569.952896] BUG: unable to handle page fault for address: ffffffffffff
Page 21 of 88