VYPR

linux package

kernel

pkg:linux/kernel

Vulnerabilities (1,755)

  • CVE-2023-54146Dec 24, 2025
    affected < 5.15.87fixed 5.15.87

    In the Linux kernel, the following vulnerability has been resolved: x86/kexec: Fix double-free of elf header buffer After b3e34a47f989 ("x86/kexec: fix memory leak of elf header buffer"), freeing image->elf_headers in the error path of crash_load_segments() is not needed be

  • CVE-2023-54145Dec 24, 2025
    affected >= 4.15.0, < 6.1.107fixed 6.1.107

    In the Linux kernel, the following vulnerability has been resolved: bpf: drop unnecessary user-triggerable WARN_ONCE in verifierl log It's trivial for user to trigger "verifier log line truncated" warning, as verifier has a fixed-sized buffer of 1024 bytes (as of now), and ther

  • CVE-2023-54144Dec 24, 2025
    affected >= 6.0.0, < 6.0.19fixed 6.0.19

    In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix kernel warning during topology setup This patch fixes the following kernel warning seen during driver load by correctly initializing the p2plink attr before creating the sysfs file: [ +0.00286

  • CVE-2023-54143Dec 24, 2025
    affected >= 5.18.0, < 6.1.53fixed 6.1.53

    In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: fix resource leaks in vdec_msg_queue_init() If we encounter any error in the vdec_msg_queue_init() then we need to set "msg_queue->wdma_addr.size = 0;". Normally, this is done inside t

  • CVE-2023-54142Dec 24, 2025
    affected < 4.14.322fixed 4.14.322

    In the Linux kernel, the following vulnerability has been resolved: gtp: Fix use-after-free in __gtp_encap_destroy(). syzkaller reported use-after-free in __gtp_encap_destroy(). [0] It shows the same process freed sk and touched it illegally. Commit e198987e7dd7 ("gtp: fix su

  • CVE-2023-54141Dec 24, 2025
    affected >= 6.3.0, < 6.3.13fixed 6.3.13

    In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: Add missing hw_ops->get_ring_selector() for IPQ5018 During sending data after clients connected, hw_ops->get_ring_selector() will be called. But for IPQ5018, this member isn't set, and the followi

  • CVE-2023-54140Dec 24, 2025
    affected >= 3.10.0, < 4.14.326fixed 4.14.326

    In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix WARNING in mark_buffer_dirty due to discarded buffer reuse A syzbot stress test using a corrupted disk image reported that mark_buffer_dirty() called from __nilfs_mark_inode_dirty() or nilfs_palloc_

  • CVE-2023-54139Dec 24, 2025
    affected >= 5.18.0, < 6.1.28fixed 6.1.28

    In the Linux kernel, the following vulnerability has been resolved: tracing/user_events: Ensure write index cannot be negative The write index indicates which event the data is for and accesses a per-file array. The index is passed by user processes during write() calls as the

  • CVE-2023-54138Dec 24, 2025
    affected >= 5.15.0, < 5.15.112fixed 5.15.112

    In the Linux kernel, the following vulnerability has been resolved: drm/msm: fix NULL-deref on irq uninstall In case of early initialisation errors and on platforms that do not use the DPU controller, the deinitilisation code can be called with the kms pointer set to NULL. Pat

  • CVE-2023-54137Dec 24, 2025
    affected >= 5.8.0, < 5.10.195fixed 5.10.195

    In the Linux kernel, the following vulnerability has been resolved: vfio/type1: fix cap_migration information leak Fix an information leak where an uninitialized hole in struct vfio_iommu_type1_info_cap_migration on the stack is exposed to userspace. The definition of struct v

  • CVE-2023-54136Dec 24, 2025
    affected >= 5.2.0, < 5.4.257fixed 5.4.257

    In the Linux kernel, the following vulnerability has been resolved: serial: sprd: Fix DMA buffer leak issue Release DMA buffer when _probe() returns failure to avoid memory leak.

  • CVE-2023-54135Dec 24, 2025
    affected >= 6.1.0, < 6.1.37fixed 6.1.37

    In the Linux kernel, the following vulnerability has been resolved: maple_tree: fix potential out-of-bounds access in mas_wr_end_piv() Check the write offset end bounds before using it as the offset into the pivot array. This avoids a possible out-of-bounds access on the pivot

  • CVE-2023-54134Dec 24, 2025
    affected >= 2.6.27, < 4.14.326fixed 4.14.326

    In the Linux kernel, the following vulnerability has been resolved: autofs: fix memory leak of waitqueues in autofs_catatonic_mode Syzkaller reports a memory leak: BUG: memory leak unreferenced object 0xffff88810b279e00 (size 96): comm "syz-executor399", pid 3631, jiffies 42

  • CVE-2023-54133Dec 24, 2025
    affected >= 6.2.0, < 6.4.5fixed 6.4.5

    In the Linux kernel, the following vulnerability has been resolved: nfp: clean mc addresses in application firmware when closing port When moving devices from one namespace to another, mc addresses are cleaned in software while not removed from application firmware. Thus the mc

  • CVE-2023-54132Dec 24, 2025
    affected >= 4.19.0, < 5.4.243fixed 5.4.243

    In the Linux kernel, the following vulnerability has been resolved: erofs: stop parsing non-compact HEAD index if clusterofs is invalid Syzbot generated a crafted image [1] with a non-compact HEAD index of clusterofs 33024 while valid numbers should be 0 ~ lclustersize-1, which

  • CVE-2023-54131Dec 24, 2025
    affected >= 5.11.0, < 5.15.111fixed 5.15.111

    In the Linux kernel, the following vulnerability has been resolved: wifi: rt2x00: Fix memory leak when handling surveys When removing a rt2x00 device, its associated channel surveys are not freed, causing a memory leak observable with kmemleak: unreferenced object 0xffff9620f0

  • CVE-2023-54130Dec 24, 2025
    affected >= 5.16.0, < 6.0.19fixed 6.0.19

    In the Linux kernel, the following vulnerability has been resolved: hfs/hfsplus: avoid WARN_ON() for sanity check, use proper error handling Commit 55d1cbbbb29e ("hfs/hfsplus: use WARN_ON for sanity check") fixed a build warning by turning a comment into a WARN_ON(), but it tur

  • CVE-2023-54129Dec 24, 2025
    affected >= 4.20.0, < 6.1.32fixed 6.1.32

    In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Add validation for lmac type Upon physical link change, firmware reports to the kernel about the change along with the details like speed, lmac_type_id, etc. Kernel derives lmac_type based on lmac

  • CVE-2023-54128Dec 24, 2025
    affected >= 5.12.0, < 5.15.107fixed 5.15.107

    In the Linux kernel, the following vulnerability has been resolved: fs: drop peer group ids under namespace lock When cleaning up peer group ids in the failure path we need to make sure to hold on to the namespace lock. Otherwise another thread might just turn the mount from a

  • CVE-2023-54127Dec 24, 2025
    affected >= 2.6.12, < 4.14.326fixed 4.14.326

    In the Linux kernel, the following vulnerability has been resolved: fs/jfs: prevent double-free in dbUnmount() after failed jfs_remount() Syzkaller reported the following issue: ================================================================== BUG: KASAN: double-free in slab_f

Page 35 of 88