VYPR

linux package

kernel

pkg:linux/kernel

Vulnerabilities (1,755)

  • CVE-2022-50815Dec 30, 2025
    affected >= 2.6.12, < 5.19.17fixed 5.19.17

    In the Linux kernel, the following vulnerability has been resolved: ext2: Add sanity checks for group and filesystem size Add sanity check that filesystem size does not exceed the underlying device size and that group size is big enough so that metadata can fit into it. This av

  • CVE-2022-50814Dec 30, 2025
    affected >= 5.5.0, < 5.10.150fixed 5.10.150

    In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/zip - fix mismatch in get/set sgl_sge_nr KASAN reported this Bug: [17619.659757] BUG: KASAN: global-out-of-bounds in param_get_int+0x34/0x60 [17619.673193] Read of size 4 at addr fffff01332

  • CVE-2022-50813Dec 30, 2025
    affected >= 4.7.0, < 4.9.337fixed 4.9.337

    In the Linux kernel, the following vulnerability has been resolved: drivers: mcb: fix resource leak in mcb_probe() When probe hook function failed in mcb_probe(), it doesn't put the device. Compiled test only.

  • CVE-2022-50812Dec 30, 2025
    affected >= 5.15.0, < 5.15.86fixed 5.15.86

    In the Linux kernel, the following vulnerability has been resolved: security: Restrict CONFIG_ZERO_CALL_USED_REGS to gcc or clang > 15.0.6 A bad bug in clang's implementation of -fzero-call-used-regs can result in NULL pointer dereferences (see the links above the check for mor

  • CVE-2022-50811Dec 30, 2025
    affected >= 5.13.0, < 6.0.16fixed 6.0.16

    In the Linux kernel, the following vulnerability has been resolved: erofs: fix missing unmap if z_erofs_get_extent_compressedlen() fails Otherwise, meta buffers could be leaked.

  • CVE-2022-50810Dec 30, 2025
    affected >= 4.6.0, < 4.9.337fixed 4.9.337

    In the Linux kernel, the following vulnerability has been resolved: rapidio: devices: fix missing put_device in mport_cdev_open When kfifo_alloc fails, the refcount of chdev->dev is left incremental. We should use put_device(&chdev->dev) to decrease the ref count of chdev->dev

  • CVE-2022-50809Dec 30, 2025
    affected < 5.15.75fixed 5.15.75

    In the Linux kernel, the following vulnerability has been resolved: xhci: dbc: Fix memory leak in xhci_alloc_dbc() If DbC is already in use, then the allocated memory for the xhci_dbc struct doesn't get freed before returning NULL, which leads to a memleak.

  • CVE-2023-54162Dec 30, 2025
    affected >= 5.15.0, < 5.15.145fixed 5.15.145

    In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix possible memory leak in smb2_lock() argv needs to be free when setup_async_work fails or when the current process is woken up.

  • CVE-2022-50786Dec 30, 2025
    affected >= 3.16.0, < 4.19.270fixed 4.19.270

    In the Linux kernel, the following vulnerability has been resolved: media: s5p-mfc: Clear workbit to handle error condition During error on CLOSE_INSTANCE command, ctx_work_bits was not getting cleared. During consequent mfc execution NULL pointer dereferencing of this context

  • CVE-2022-50785Dec 30, 2025
    affected >= 5.16.0, < 5.19.17fixed 5.19.17

    In the Linux kernel, the following vulnerability has been resolved: fsi: occ: Prevent use after free Use get_device and put_device in the open and close functions to make sure the device doesn't get freed while a file descriptor is open. Also, lock around the freeing of the dev

  • CVE-2022-50784Dec 30, 2025
    affected >= 5.17.0, < 6.0.16fixed 6.0.16

    In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mei: fix potential NULL-ptr deref after clone If cloning the SKB fails, don't try to use it, but rather return as if we should pass it. Coverity CID: 1503456

  • CVE-2025-68750Dec 24, 2025
    affected >= 3.5.0, < 5.4.296fixed 5.4.296

    In the Linux kernel, the following vulnerability has been resolved: usb: potential integer overflow in usbg_make_tpg() The variable tpgt in usbg_make_tpg() is defined as unsigned long and is assigned to tpgt->tport_tpgt, which is defined as u16. This may cause an integer overfl

  • CVE-2025-68748Dec 24, 2025
    affected >= 6.10.0, < 6.12.63fixed 6.12.63

    In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix UAF race between device unplug and FW event processing The function panthor_fw_unplug() will free the FW memory sections. The problem is that there could still be pending FW events which are ye

  • CVE-2025-68747Dec 24, 2025
    affected >= 6.10.0, < 6.12.63fixed 6.12.63

    In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix UAF on kernel BO VA nodes If the MMU is down, panthor_vm_unmap_range() might return an error. We expect the page table to be updated still, and if the MMU is blocked, the rest of the GPU should

  • CVE-2025-68746Dec 24, 2025
    affected >= 5.12.0, < 5.15.198fixed 5.15.198

    In the Linux kernel, the following vulnerability has been resolved: spi: tegra210-quad: Fix timeout handling When the CPU that the QSPI interrupt handler runs on (typically CPU 0) is excessively busy, it can lead to rare cases of the IRQ thread not running before the transfer t

  • CVE-2025-68745Dec 24, 2025
    affected >= 5.2.0, < 6.18.2fixed 6.18.2

    In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Clear cmds after chip reset Commit aefed3e5548f ("scsi: qla2xxx: target: Fix offline port handling and host reset handling") caused two problems: 1. Commands sent to FW, after chip reset got stu

  • CVE-2025-68744Dec 24, 2025
    affected >= 6.4.0, < 6.6.120fixed 6.6.120

    In the Linux kernel, the following vulnerability has been resolved: bpf: Free special fields when update [lru_,]percpu_hash maps As [lru_,]percpu_hash maps support BPF_KPTR_{REF,PERCPU}, missing calls to 'bpf_obj_free_fields()' in 'pcpu_copy_value()' could cause the memory refe

  • CVE-2025-68743Dec 24, 2025
    affected >= 6.15.0, < 6.17.13fixed 6.17.13

    In the Linux kernel, the following vulnerability has been resolved: mshv: Fix create memory region overlap check The current check is incorrect; it only checks if the beginning or end of a region is within an existing region. This doesn't account for userspace specifying a regi

  • CVE-2025-68742Dec 24, 2025
    affected >= 5.1.0, < 6.1.160fixed 6.1.160

    In the Linux kernel, the following vulnerability has been resolved: bpf: Fix invalid prog->stats access when update_effective_progs fails Syzkaller triggers an invalid memory access issue following fault injection in update_effective_progs. The issue can be described as follows

  • CVE-2025-68741Dec 24, 2025
    affected >= 6.6.0, < 6.6.120fixed 6.6.120

    In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix improper freeing of purex item In qla2xxx_process_purls_iocb(), an item is allocated via qla27xx_copy_multiple_pkt(), which internally calls qla24xx_alloc_purex_item(). The qla24xx_alloc_pur

Page 33 of 88