VYPR

linux package

kernel

pkg:linux/kernel

Vulnerabilities (1,755)

  • CVE-2023-54105Dec 24, 2025
    affected >= 5.10.0, < 5.10.200fixed 5.10.200

    In the Linux kernel, the following vulnerability has been resolved: can: isotp: check CAN address family in isotp_bind() Add missing check to block non-AF_CAN binds. Syzbot created some code which matched the right sockaddr struct size but used AF_XDP (0x2C) instead of AF_CAN

  • CVE-2023-54104Dec 24, 2025
    affected >= 5.9.0, < 5.10.190fixed 5.10.190

    In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: fsl_upm: Fix an off-by one test in fun_exec_op() 'op-cs' is copied in 'fun->mchip_number' which is used to access the 'mchip_offsets' and the 'rnb_gpio' arrays. These arrays have NAND_MAX_CHIPS el

  • CVE-2023-54102Dec 24, 2025
    affected >= 5.1.0, < 5.4.244fixed 5.4.244

    In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Prevent lpfc_debugfs_lockstat_write() buffer overflow A static code analysis tool flagged the possibility of buffer overflow when using copy_from_user() for a debugfs entry. Currently, it is possib

  • CVE-2023-54101Dec 24, 2025
    affected >= 5.17.0, < 6.1.39fixed 6.1.39

    In the Linux kernel, the following vulnerability has been resolved: driver: soc: xilinx: use _safe loop iterator to avoid a use after free The hash_for_each_possible() loop dereferences "eve_data" to get the next item on the list. However the loop frees eve_data so it leads to

  • CVE-2023-54100Dec 24, 2025
    affected >= 5.7.0, < 5.10.180fixed 5.10.180

    In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix use after free bug in qedi_remove() In qedi_probe() we call __qedi_probe() which initializes &qedi->recovery_work with qedi_recovery_handler() and &qedi->board_disable_work with qedi_board_disab

  • CVE-2023-54099Dec 24, 2025
    affected >= 5.1.0, < 5.4.253fixed 5.4.253

    In the Linux kernel, the following vulnerability has been resolved: fs: Protect reconfiguration of sb read-write from racing writes The reconfigure / remount code takes a lot of effort to protect filesystem's reconfiguration code from racing writes on remounting read-only. Howe

  • CVE-2023-54098Dec 24, 2025
    affected >= 4.16.0, < 5.10.163fixed 5.10.163

    In the Linux kernel, the following vulnerability has been resolved: drm/i915/gvt: fix gvt debugfs destroy When gvt debug fs is destroyed, need to have a sane check if drm minor's debugfs root is still available or not, otherwise in case like device remove through unbinding, drm

  • CVE-2023-54097Dec 24, 2025
    affected >= 5.2.0, < 5.4.243fixed 5.4.243

    In the Linux kernel, the following vulnerability has been resolved: regulator: stm32-pwr: fix of_iomap leak Smatch reports: drivers/regulator/stm32-pwr.c:166 stm32_pwr_regulator_probe() warn: 'base' from of_iomap() not released on lines: 151,166. In stm32_pwr_regulator_probe()

  • CVE-2023-54096Dec 24, 2025
    affected >= 5.7.0, < 5.10.190fixed 5.10.190

    In the Linux kernel, the following vulnerability has been resolved: soundwire: fix enumeration completion The soundwire subsystem uses two completion structures that allow drivers to wait for soundwire device to become enumerated on the bus and initialised by their drivers, res

  • CVE-2023-54095Dec 24, 2025
    affected >= 3.6.0, < 4.14.326fixed 4.14.326

    In the Linux kernel, the following vulnerability has been resolved: powerpc/iommu: Fix notifiers being shared by PCI and VIO buses fail_iommu_setup() registers the fail_iommu_bus_notifier struct to both PCI and VIO buses. struct notifier_block is a linked list node, so this ca

  • CVE-2023-54094Dec 24, 2025
    affected >= 5.6.0, < 5.10.188fixed 5.10.188

    In the Linux kernel, the following vulnerability has been resolved: net: prevent skb corruption on frag list segmentation Ian reported several skb corruptions triggered by rx-gro-list, collecting different oops alike: [ 62.624003] BUG: kernel NULL pointer dereference, addres

  • CVE-2023-54093Dec 24, 2025
    affected >= 2.6.27, < 4.14.326fixed 4.14.326

    In the Linux kernel, the following vulnerability has been resolved: media: anysee: fix null-ptr-deref in anysee_master_xfer In anysee_master_xfer, msg is controlled by user. When msg[i].buf is null and msg[i].len is zero, former checks on msg[i].buf would be passed. Malicious d

  • CVE-2023-54092Dec 24, 2025
    affected < 5.10.190fixed 5.10.190

    In the Linux kernel, the following vulnerability has been resolved: KVM: s390: pv: fix index value of replaced ASCE The index field of the struct page corresponding to a guest ASCE should be 0. When replacing the ASCE in s390_replace_asce(), the index of the new ASCE should als

  • CVE-2023-54091Dec 24, 2025
    affected >= 2.6.35, < 4.14.322fixed 4.14.322

    In the Linux kernel, the following vulnerability has been resolved: drm/client: Fix memory leak in drm_client_target_cloned dmt_mode is allocated and never freed in this function. It was found with the ast driver, but most drivers using generic fbdev setup are probably affected

  • CVE-2023-54090Dec 24, 2025
    affected >= 5.16.0, < 6.1.29fixed 6.1.29

    In the Linux kernel, the following vulnerability has been resolved: ixgbe: Fix panic during XDP_TX with > 64 CPUs Commit 4fe815850bdc ("ixgbe: let the xdpdrv work with more than 64 cpus") adds support to allow XDP programs to run on systems with more than 64 CPUs by locking the

  • CVE-2023-54089Dec 24, 2025
    affected >= 6.3.0, < 6.4.16fixed 6.4.16

    In the Linux kernel, the following vulnerability has been resolved: virtio_pmem: add the missing REQ_OP_WRITE for flush bio When doing mkfs.xfs on a pmem device, the following warning was ------------[ cut here ]------------ WARNING: CPU: 2 PID: 384 at block/blk-core.c:751 s

  • CVE-2023-54088Dec 24, 2025
    affected < 6.1.17fixed 6.1.17

    In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: hold queue_lock when removing blkg->q_node When blkg is removed from q->blkg_list from blkg_free_workfn(), queue_lock has to be held, otherwise, all kinds of bugs(list corruption, hard lockup, ..) c

  • CVE-2023-54087Dec 24, 2025
    affected >= 2.6.22, < 4.14.308fixed 4.14.308

    In the Linux kernel, the following vulnerability has been resolved: ubi: Fix possible null-ptr-deref in ubi_free_volume() It willl cause null-ptr-deref in the following case: uif_init() ubi_add_volume() cdev_add() -> if it fails, call kill_volumes() device_register()

  • CVE-2023-54086Dec 24, 2025
    affected >= 5.13.0, < 5.15.113fixed 5.15.113

    In the Linux kernel, the following vulnerability has been resolved: bpf: Add preempt_count_{sub,add} into btf id deny list The recursion check in __bpf_prog_enter* and __bpf_prog_exit* leave preempt_count_{sub,add} unprotected. When attaching trampoline to them we get panic as

  • CVE-2023-54085Dec 24, 2025
    affected >= 6.2.0, < 6.2.12fixed 6.2.12

    In the Linux kernel, the following vulnerability has been resolved: mptcp: fix NULL pointer dereference on fastopen early fallback In case of early fallback to TCP, subflow_syn_recv_sock() deletes the subflow context before returning the newly allocated sock to the caller. The

Page 37 of 88