VYPR

linux package

kernel

pkg:linux/kernel

Vulnerabilities (1,755)

  • CVE-2023-54190Dec 30, 2025
    affected >= 5.6.0, < 5.10.173fixed 5.10.173

    In the Linux kernel, the following vulnerability has been resolved: leds: led-core: Fix refcount leak in of_led_get() class_find_device_by_of_node() calls class_find_device(), it will take the reference, use the put_device() to drop the reference when not need anymore.

  • CVE-2023-54189Dec 30, 2025
    affected < 5.4.251fixed 5.4.251

    In the Linux kernel, the following vulnerability has been resolved: pstore/ram: Add check for kstrdup Add check for the return value of kstrdup() and return the error if it fails in order to avoid NULL pointer dereference.

  • CVE-2023-54188Dec 30, 2025
    affected >= 6.0.0, < 6.1.25fixed 6.1.25

    In the Linux kernel, the following vulnerability has been resolved: dmaengine: apple-admac: Fix 'current_tx' not getting freed In terminate_all we should queue up all submitted descriptors to be freed. We do that for the content of the 'issued' and 'submitted' lists, but the 'c

  • CVE-2023-54187Dec 30, 2025
    affected >= 3.19.0, < 5.4.243fixed 5.4.243

    In the Linux kernel, the following vulnerability has been resolved: f2fs: fix potential corruption when moving a directory F2FS has the same issue in ext4_rename causing crash revealed by xfstests/generic/707. See also commit 0813299c586b ("ext4: Fix possible corruption when m

  • CVE-2023-54186Dec 30, 2025
    affected >= 4.19.0, < 4.19.284fixed 4.19.284

    In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmodes/displayport: fix pin_assignment_show This patch fixes negative indexing of buf array in pin_assignment_show when get_current_pin_assignments returns 0 i.e. no compatible pin assignments are

  • CVE-2023-54185Dec 30, 2025
    affected >= 2.6.29, < 6.1.45fixed 6.1.45

    In the Linux kernel, the following vulnerability has been resolved: btrfs: remove BUG_ON()'s in add_new_free_space() At add_new_free_space() we have these BUG_ON()'s that are there to deal with any failure to add free space to the in memory free space cache. Such failures are m

  • CVE-2023-54184Dec 30, 2025
    affected >= 3.12.0, < 5.4.244fixed 5.4.244

    In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsit: Free cmds before session free Commands from recovery entries are freed after session has been closed. That leads to use-after-free at command free or NPE with such call trace: Time2Retain

  • CVE-2023-54183Dec 30, 2025
    affected >= 4.13.0, < 4.19.295fixed 4.19.295

    In the Linux kernel, the following vulnerability has been resolved: media: v4l2-core: Fix a potential resource leak in v4l2_fwnode_parse_link() If fwnode_graph_get_remote_endpoint() fails, 'fwnode' is known to be NULL, so fwnode_handle_put() is a no-op. Release the reference t

  • CVE-2023-54182Dec 30, 2025
    affected >= 5.2.0, < 5.15.113fixed 5.15.113

    In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to check readonly condition correctly With below case, it can mount multi-device image w/ rw option, however one of secondary device is set as ro, later update will cause panic, so let's introduce f2f

  • CVE-2023-54181Dec 30, 2025
    affected >= 5.8.0, < 6.1.53fixed 6.1.53

    In the Linux kernel, the following vulnerability has been resolved: bpf: Fix issue in verifying allow_ptr_leaks After we converted the capabilities of our networking-bpf program from cap_sys_admin to cap_net_admin+cap_bpf, our networking-bpf program failed to start. Because it

  • CVE-2023-54180Dec 30, 2025
    affected >= 3.8.0, < 6.0.19fixed 6.0.19

    In the Linux kernel, the following vulnerability has been resolved: btrfs: handle case when repair happens with dev-replace [BUG] There is a bug report that a BUG_ON() in btrfs_repair_io_failure() (originally repair_io_failure() in v6.0 kernel) got triggered when replacing a un

  • CVE-2023-54179Dec 30, 2025
    affected >= 2.6.12, < 4.19.291fixed 4.19.291

    In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Array index may go out of bound Klocwork reports array 'vha->host_str' of size 16 may use index value(s) 16..19. Use snprintf() instead of sprintf().

  • CVE-2023-54178Dec 30, 2025
    affected >= 4.14.0, < 4.14.326fixed 4.14.326

    In the Linux kernel, the following vulnerability has been resolved: of: unittest: fix null pointer dereferencing in of_unittest_find_node_by_name() when kmalloc() fail to allocate memory in kasprintf(), name or full_name will be NULL, strcmp() will cause null pointer dereferenc

  • CVE-2023-54177Dec 30, 2025
    affected >= 3.15.0, < 4.14.324fixed 4.14.324

    In the Linux kernel, the following vulnerability has been resolved: quota: fix warning in dqgrab() There's issue as follows when do fault injection: WARNING: CPU: 1 PID: 14870 at include/linux/quotaops.h:51 dquot_disable+0x13b7/0x18c0 Modules linked in: CPU: 1 PID: 14870 Comm:

  • CVE-2023-54176Dec 30, 2025
    affected >= 5.11.0, < 5.15.108fixed 5.15.108

    In the Linux kernel, the following vulnerability has been resolved: mptcp: stricter state check in mptcp_worker As reported by Christoph, the mptcp protocol can run the worker when the relevant msk socket is in an unexpected state: connect() // incoming reset + fastclose // th

  • CVE-2023-54175Dec 30, 2025
    affected >= 5.16.0, < 6.1.28fixed 6.1.28

    In the Linux kernel, the following vulnerability has been resolved: i2c: xiic: xiic_xfer(): Fix runtime PM leak on error path The xiic_xfer() function gets a runtime PM reference when the function is entered. This reference is released when the function is exited. There is curr

  • CVE-2023-54174Dec 30, 2025
    affected >= 6.2.0, < 6.2.3fixed 6.2.3

    In the Linux kernel, the following vulnerability has been resolved: vfio: Fix NULL pointer dereference caused by uninitialized group->iommufd group->iommufd is not initialized for the iommufd_ctx_put() [20018.331541] BUG: kernel NULL pointer dereference, address: 0000000000000

  • CVE-2023-54173Dec 30, 2025
    affected >= 5.7.0, < 5.10.190fixed 5.10.190

    In the Linux kernel, the following vulnerability has been resolved: bpf: Disable preemption in bpf_event_output We received report [1] of kernel crash, which is caused by using nesting protection without disabled preemption. The bpf_event_output can be called by programs execu

  • CVE-2023-54172Dec 30, 2025
    affected >= 5.18.0, < 6.1.45fixed 6.1.45

    In the Linux kernel, the following vulnerability has been resolved: x86/hyperv: Disable IBT when hypercall page lacks ENDBR instruction On hardware that supports Indirect Branch Tracking (IBT), Hyper-V VMs with ConfigVersion 9.3 or later support IBT in the guest. However, curre

  • CVE-2023-54171Dec 30, 2025
    affected >= 5.7.0, < 5.10.188fixed 5.10.188

    In the Linux kernel, the following vulnerability has been resolved: tracing: Fix memory leak of iter->temp when reading trace_pipe kmemleak reports: unreferenced object 0xffff88814d14e200 (size 256): comm "cat", pid 336, jiffies 4294871818 (age 779.490s) hex dump (fir

Page 28 of 88