VYPR

linux package

kernel

pkg:linux/kernel

Vulnerabilities (1,755)

  • CVE-2022-50876Dec 30, 2025
    affected >= 4.3.0, < 4.9.331fixed 4.9.331

    In the Linux kernel, the following vulnerability has been resolved: usb: musb: Fix musb_gadget.c rxstate overflow bug The usb function device call musb_gadget_queue() adds the passed request to musb_ep::req_list,If the (request->length > musb_ep->packet_sz) and (is_buffer_mappe

  • CVE-2022-50875Dec 30, 2025
    affected >= 5.0.0, < 5.4.229fixed 5.4.229

    In the Linux kernel, the following vulnerability has been resolved: of: overlay: fix null pointer dereferencing in find_dup_cset_node_entry() and find_dup_cset_prop() When kmalloc() fail to allocate memory in kasprintf(), fn_1 or fn_2 will be NULL, and strcmp() will cause null

  • CVE-2022-50874Dec 30, 2025
    affected >= 6.0.0, < 6.1.16fixed 6.1.16

    In the Linux kernel, the following vulnerability has been resolved: RDMA/erdma: Fix refcount leak in erdma_mmap rdma_user_mmap_entry_get() take reference, we should release it when not need anymore, add the missing rdma_user_mmap_entry_put() in the error path to fix it.

  • CVE-2022-50873Dec 30, 2025
    affected >= 5.19.0, < 6.0.19fixed 6.0.19

    In the Linux kernel, the following vulnerability has been resolved: vdpa/vp_vdpa: fix kfree a wrong pointer in vp_vdpa_remove In vp_vdpa_remove(), the code kfree(&vp_vdpa_mgtdev->mgtdev.id_table) uses a reference of pointer as the argument of kfree, which is the wrong pointer a

  • CVE-2022-50872Dec 30, 2025
    affected >= 3.7.0, < 4.14.308fixed 4.14.308

    In the Linux kernel, the following vulnerability has been resolved: ARM: OMAP2+: Fix memory leak in realtime_counter_init() The "sys_clk" resource is malloced by clk_get(), it is not released when the function return.

  • CVE-2022-50871Dec 30, 2025
    affected >= 5.6.0, < 6.0.16fixed 6.0.16

    In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: Fix qmi_msg_handler data structure initialization qmi_msg_handler is required to be null terminated by QMI module. There might be a case where a handler for a msg id is not present in the handlers

  • CVE-2022-50870Dec 30, 2025
    affected >= 2.6.16, < 4.14.303fixed 4.14.303

    In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: avoid device tree lookups in rtas_os_term() rtas_os_term() is called during panic. Its behavior depends on a couple of conditions in the /rtas node of the device tree, the traversal of which entai

  • CVE-2022-50869Dec 30, 2025
    affected >= 5.15.0, < 5.15.87fixed 5.15.87

    In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix slab-out-of-bounds in r_page When PAGE_SIZE is 64K, if read_log_page is called by log_read_rst for the first time, the size of *buffer would be equal to DefaultLogPageSize(4K).But for *buffer oper

  • CVE-2022-50868Dec 30, 2025
    affected >= 2.6.18, < 4.9.337fixed 4.9.337

    In the Linux kernel, the following vulnerability has been resolved: hwrng: amd - Fix PCI device refcount leak for_each_pci_dev() is implemented by pci_get_device(). The comment of pci_get_device() says that it will increase the reference count for the returned pci_dev and also

  • CVE-2022-50867Dec 30, 2025
    affected >= 5.17.0, < 6.0.7fixed 6.0.7

    In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: Fix kvzalloc vs state_kcalloc usage adreno_show_object() is a trap! It will re-allocate the pointer it is passed on first call, when the data is ascii85 encoded, using kvmalloc/ kvfree(). Which

  • CVE-2022-50866Dec 30, 2025
    affected >= 3.6.0, < 4.9.337fixed 4.9.337

    In the Linux kernel, the following vulnerability has been resolved: ASoC: pxa: fix null-pointer dereference in filter() kasprintf() would return NULL pointer when kmalloc() fail to allocate. Need to check the return pointer before calling strcmp().

  • CVE-2022-50865Dec 30, 2025
    affected >= 4.9.0, < 5.4.278fixed 5.4.278

    In the Linux kernel, the following vulnerability has been resolved: tcp: fix a signed-integer-overflow bug in tcp_add_backlog() The type of sk_rcvbuf and sk_sndbuf in struct sock is int, and in tcp_add_backlog(), the variable limit is caculated by adding sk_rcvbuf, sk_sndbuf an

  • CVE-2022-50864Dec 30, 2025
    affected >= 2.6.30, < 5.10.163fixed 5.10.163

    In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix shift-out-of-bounds due to too large exponent of block size If field s_log_block_size of superblock data is corrupted and too large, init_nilfs() and load_nilfs() still can trigger a shift-out-of-bo

  • CVE-2022-50863Dec 30, 2025
    affected >= 5.19.0, < 5.19.17fixed 5.19.17

    In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: free unused skb to prevent memory leak This avoid potential memory leak under power saving mode.

  • CVE-2022-50862Dec 30, 2025
    affected >= 5.16.0, < 6.0.7fixed 6.0.7

    In the Linux kernel, the following vulnerability has been resolved: bpf: prevent decl_tag from being referenced in func_proto Syzkaller was able to hit the following issue: ------------[ cut here ]------------ WARNING: CPU: 0 PID: 3609 at kernel/bpf/btf.c:1946 btf_type_id_size

  • CVE-2022-50861Dec 30, 2025
    affected >= 5.13.0, < 5.15.86fixed 5.15.86

    In the Linux kernel, the following vulnerability has been resolved: NFSD: Finish converting the NFSv2 GETACL result encoder The xdr_stream conversion inadvertently left some code that set the page_len of the send buffer. The XDR stream encoders should handle this automatically

  • CVE-2022-50860Dec 30, 2025
    affected >= 4.13.0, < 5.10.163fixed 5.10.163

    In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix memleak in alloc_ns() After changes in commit a1bd627b46d1 ("apparmor: share profile name on replacement"), the hname member of struct aa_policy is not valid slab object, but a subset of that, it

  • CVE-2022-50859Dec 30, 2025
    affected >= 5.0.0, < 5.4.220fixed 5.4.220

    In the Linux kernel, the following vulnerability has been resolved: cifs: Fix the error length of VALIDATE_NEGOTIATE_INFO message Commit d5c7076b772a ("smb3: add smb3.1.1 to default dialect list") extend the dialects from 3 to 4, but forget to decrease the extended length when

  • CVE-2022-50858Dec 30, 2025
    affected >= 5.0.0, < 5.4.229fixed 5.4.229

    In the Linux kernel, the following vulnerability has been resolved: mmc: alcor: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, the memory that allocated in mmc_alloc_host() will be leaked and it will lead a kernel crash

  • CVE-2022-50857Dec 30, 2025
    affected >= 3.15.0, < 4.9.337fixed 4.9.337

    In the Linux kernel, the following vulnerability has been resolved: rapidio: rio: fix possible name leak in rio_register_mport() If device_register() returns error, the name allocated by dev_set_name() need be freed. It should use put_device() to give up the reference in the e

Page 30 of 88