VYPR

linux package

kernel

pkg:linux/kernel

Vulnerabilities (1,755)

  • CVE-2023-54170Dec 30, 2025
    affected >= 5.3.0, < 5.4.253fixed 5.4.253

    In the Linux kernel, the following vulnerability has been resolved: keys: Fix linking a duplicate key to a keyring's assoc_array When making a DNS query inside the kernel using dns_query(), the request code can in rare cases end up creating a duplicate index key in the assoc_ar

  • CVE-2023-54169Dec 30, 2025
    affected >= 5.11.0, < 5.15.121fixed 5.15.121

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: fix memory leak in mlx5e_ptp_open When kvzalloc_node or kvzalloc failed in mlx5e_ptp_open, the memory pointed by "c" or "cparams" is not freed, which can lead to a memory leak. Fix by freeing the arr

  • CVE-2023-54168Dec 30, 2025
    affected >= 2.6.24, < 4.19.283fixed 4.19.283

    In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx4: Prevent shift wrapping in set_user_sq_size() The ucmd->log_sq_bb_count variable is controlled by the user so this shift can wrap. Fix it by using check_shl_overflow() in the same way that it was don

  • CVE-2023-54167Dec 30, 2025
    affected >= 5.17.0, < 6.1.20fixed 6.1.20

    In the Linux kernel, the following vulnerability has been resolved: m68k: mm: Move initrd phys_to_virt handling after paging_init() When booting with an initial ramdisk on platforms where physical memory does not start at address zero (e.g. on Amiga): initrd: 0ef0602c - 0f

  • CVE-2023-54166Dec 30, 2025
    affected < 5.15.124fixed 5.15.124

    In the Linux kernel, the following vulnerability has been resolved: igc: Fix Kernel Panic during ndo_tx_timeout callback The Xeon validation group has been carrying out some loaded tests with various HW configurations, and they have seen some transmit queue time out happening d

  • CVE-2023-54165Dec 30, 2025
    affected >= 6.2.0, < 6.3.5fixed 6.3.5

    In the Linux kernel, the following vulnerability has been resolved: zsmalloc: move LRU update from zs_map_object() to zs_malloc() Under memory pressure, we sometimes observe the following crash: [ 5694.832838] ------------[ cut here ]------------ [ 5694.842093] list_del corrup

  • CVE-2023-54164Dec 30, 2025
    affected < 6.1.42fixed 6.1.42

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: fix iso_conn related locking and validity issues sk->sk_state indicates whether iso_pi(sk)->conn is valid. Operations that check/update sk_state and access conn should hold lock_sock, otherwise

  • CVE-2022-50889Dec 30, 2025
    affected >= 4.12.0, < 5.4.229fixed 5.4.229

    In the Linux kernel, the following vulnerability has been resolved: dm integrity: Fix UAF in dm_integrity_dtr() Dm_integrity also has the same UAF problem when dm_resume() and dm_destroy() are concurrent. Therefore, cancelling timer again in dm_integrity_dtr().

  • CVE-2022-50888Dec 30, 2025
    affected >= 5.13.0, < 5.15.86fixed 5.15.86

    In the Linux kernel, the following vulnerability has been resolved: remoteproc: qcom: q6v5: Fix potential null-ptr-deref in q6v5_wcss_init_mmio() q6v5_wcss_init_mmio() will call platform_get_resource_byname() that may fail and return NULL. devm_ioremap() will use res->start as

  • CVE-2022-50887Dec 30, 2025
    affected >= 3.3.0, < 4.9.337fixed 4.9.337

    In the Linux kernel, the following vulnerability has been resolved: regulator: core: fix unbalanced of node refcount in regulator_dev_lookup() I got the the following report: OF: ERROR: memory leak, expected refcount 1 instead of 2, of_node_get()/of_node_put() unbalanced -

  • CVE-2022-50886Dec 30, 2025
    affected >= 3.19.0, < 4.9.337fixed 4.9.337

    In the Linux kernel, the following vulnerability has been resolved: mmc: toshsd: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, the memory that allocated in mmc_alloc_host() will be leaked and it will lead a kernel crash

  • CVE-2022-50885Dec 30, 2025
    affected >= 4.8.0, < 4.14.303fixed 4.14.303

    In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix NULL-ptr-deref in rxe_qp_do_cleanup() when socket create failed There is a null-ptr-deref when mount.cifs over rdma: BUG: KASAN: null-ptr-deref in rxe_qp_do_cleanup+0x2f3/0x360 [rdma_rxe] Rea

  • CVE-2022-50884Dec 30, 2025
    affected >= 2.6.16, < 4.9.331fixed 4.9.331

    In the Linux kernel, the following vulnerability has been resolved: drm: Prevent drm_copy_field() to attempt copying a NULL pointer There are some struct drm_driver fields that are required by drivers since drm_copy_field() attempts to copy them to user-space via DRM_IOCTL_VERS

  • CVE-2022-50883Dec 30, 2025
    affected >= 5.16.0, < 6.0.16fixed 6.0.16

    In the Linux kernel, the following vulnerability has been resolved: bpf: Prevent decl_tag from being referenced in func_proto arg Syzkaller managed to hit another decl_tag issue: btf_func_proto_check kernel/bpf/btf.c:4506 [inline] btf_check_all_types kernel/bpf/btf.c:4734

  • CVE-2022-50882Dec 30, 2025
    affected >= 5.12.0, < 5.15.75fixed 5.15.75

    In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fix memory leak in uvc_gpio_parse Previously the unit buffer was allocated before checking the IRQ for privacy GPIO. In case of error, the unit buffer was leaked. Allocate the unit buffer afte

  • CVE-2022-50881Dec 30, 2025
    affected >= 5.8.0, < 5.10.173fixed 5.10.173

    In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: Fix use-after-free in ath9k_hif_usb_disconnect() This patch fixes a use-after-free in ath9k that occurs in ath9k_hif_usb_disconnect() when ath9k_destroy_wmi() is trying to access 'drv_priv' that ha

  • CVE-2022-50880Dec 30, 2025
    affected >= 4.8.0, < 4.9.331fixed 4.9.331

    In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: add peer map clean up for peer delete in ath10k_sta_state() When peer delete failed in a disconnect operation, use-after-free detected by KFENCE in below log. It is because for each vdev_id and ad

  • CVE-2022-50879Dec 30, 2025
    affected >= 4.17.0, < 5.4.229fixed 5.4.229

    In the Linux kernel, the following vulnerability has been resolved: objtool: Fix SEGFAULT find_insn() will return NULL in case of failure. Check insn in order to avoid a kernel Oops for NULL pointer dereference.

  • CVE-2022-50878Dec 30, 2025
    affected >= 5.10.0, < 5.10.150fixed 5.10.150

    In the Linux kernel, the following vulnerability has been resolved: gpu: lontium-lt9611: Fix NULL pointer dereference in lt9611_connector_init() A NULL check for bridge->encoder shows that it may be NULL, but it already been dereferenced on all paths leading to the check. 812 i

  • CVE-2022-50877Dec 30, 2025
    affected >= 5.12.0, < 5.15.77fixed 5.15.77

    In the Linux kernel, the following vulnerability has been resolved: net: broadcom: bcm4908_enet: update TX stats after actual transmission Queueing packets doesn't guarantee their transmission. Update TX stats after hardware confirms consuming submitted data. This also fixes a

Page 29 of 88