VYPR

linux package

kernel

pkg:linux/kernel

Vulnerabilities (1,755)

  • CVE-2022-50722Dec 24, 2025
    affected >= 5.14.0, < 5.15.76fixed 5.15.76

    In the Linux kernel, the following vulnerability has been resolved: media: ipu3-imgu: Fix NULL pointer dereference in active selection access What the IMGU driver did was that it first acquired the pointers to active and try V4L2 subdev state, and only then figured out which on

  • CVE-2022-50721Dec 24, 2025
    affected >= 5.11.0, < 5.19.17fixed 5.19.17

    In the Linux kernel, the following vulnerability has been resolved: dmaengine: qcom-adm: fix wrong calling convention for prep_slave_sg The calling convention for pre_slave_sg is to return NULL on error and provide an error log to the system. Qcom-adm instead provide error poin

  • CVE-2022-50720Dec 24, 2025
    affected >= 3.3.0, < 5.19.17fixed 5.19.17

    In the Linux kernel, the following vulnerability has been resolved: x86/apic: Don't disable x2APIC if locked The APIC supports two modes, legacy APIC (or xAPIC), and Extended APIC (or x2APIC). X2APIC mode is mostly compatible with legacy APIC, but it disables the memory-mapped

  • CVE-2022-50719Dec 24, 2025
    affected >= 3.15.0, < 4.9.337fixed 4.9.337

    In the Linux kernel, the following vulnerability has been resolved: ALSA: line6: fix stack overflow in line6_midi_transmit Correctly calculate available space including the size of the chunk buffer. This fixes a buffer overflow when multiple MIDI sysex messages are sent to a PO

  • CVE-2022-50718Dec 24, 2025
    affected >= 5.8.0, < 5.10.163fixed 5.10.163

    In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix pci device refcount leak As comment of pci_get_domain_bus_and_slot() says, it returns a pci device with refcount increment, when finish using it, the caller must decrement the reference count by

  • CVE-2022-50717Dec 24, 2025
    affected >= 5.0.0, < 5.4.220fixed 5.4.220

    In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: add bounds check on Transfer Tag ttag is used as an index to get cmd in nvmet_tcp_handle_h2c_data_pdu(), add a bounds check to avoid out-of-bounds access.

  • CVE-2022-50716Dec 24, 2025
    affected >= 3.8.0, < 4.9.337fixed 4.9.337

    In the Linux kernel, the following vulnerability has been resolved: wifi: ar5523: Fix use-after-free on ar5523_cmd() timed out syzkaller reported use-after-free with the stack trace like below [1]: [ 38.960489][ C3] ========================================================

  • CVE-2022-50715Dec 24, 2025
    affected < 4.9.337fixed 4.9.337

    In the Linux kernel, the following vulnerability has been resolved: md/raid1: stop mdx_raid1 thread when raid1 array run failed fail run raid1 array when we assemble array with the inactive disk only, but the mdx_raid1 thread were not stop, Even if the associated resources have

  • CVE-2022-50714Dec 24, 2025
    affected >= 5.18.0, < 5.19.17fixed 5.19.17

    In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921e: fix rmmod crash in driver reload test In insmod/rmmod stress test, the following crash dump shows up immediately. The problem is caused by missing mt76_dev in mt7921_pci_remove(). We should

  • CVE-2022-50713Dec 24, 2025
    affected >= 5.17.0, < 6.0.16fixed 6.0.16

    In the Linux kernel, the following vulnerability has been resolved: clk: visconti: Fix memory leak in visconti_register_pll() @pll->rate_table has allocated memory by kmemdup(), if clk_hw_register() fails, it should be freed, otherwise it will cause memory leak issue, this patc

  • CVE-2022-50712Dec 24, 2025
    affected >= 6.0.0, < 6.0.16fixed 6.0.16

    In the Linux kernel, the following vulnerability has been resolved: devlink: hold region lock when flushing snapshots Netdevsim triggers a splat on reload, when it destroys regions with snapshots pending: WARNING: CPU: 1 PID: 787 at net/core/devlink.c:6291 devlink_region_sna

  • CVE-2025-68734Dec 24, 2025
    affected >= 2.6.29, < 5.4.302fixed 5.4.302

    In the Linux kernel, the following vulnerability has been resolved: isdn: mISDN: hfcsusb: fix memory leak in hfcsusb_probe() In hfcsusb_probe(), the memory allocated for ctrl_urb gets leaked when setup_instance() fails with an error code. Fix that by freeing the urb before free

  • CVE-2025-68733Dec 24, 2025
    affected >= 4.4.0, < 5.10.248fixed 5.10.248

    In the Linux kernel, the following vulnerability has been resolved: smack: fix bug: unprivileged task can create labels If an unprivileged task is allowed to relabel itself (/smack/relabel-self is not empty), it can freely create new labels by writing their names into own /proc

  • CVE-2025-68732Dec 24, 2025
    affected >= 5.13.0, < 5.15.198fixed 5.15.198

    In the Linux kernel, the following vulnerability has been resolved: gpu: host1x: Fix race in syncpt alloc/free Fix race condition between host1x_syncpt_alloc() and host1x_syncpt_put() by using kref_put_mutex() instead of kref_put() + manual mutex locking. This ensures no threa

  • CVE-2025-68731Dec 24, 2025
    affected >= 6.18.0, < 6.18.2fixed 6.18.2

    In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix an integer overflow in aie2_query_ctx_status_array() The unpublished smatch static checker reported a warning. drivers/accel/amdxdna/aie2_pci.c:904 aie2_query_ctx_status_array() warn: potent

  • CVE-2025-68730Dec 24, 2025
    affected >= 6.8.0, < 6.17.13fixed 6.17.13

    In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix page fault in ivpu_bo_unbind_all_bos_from_context() Don't add BO to the vdev->bo_list in ivpu_gem_create_object(). When failure happens inside drm_gem_shmem_create(), the BO is not fully created

  • CVE-2025-68729Dec 24, 2025
    affected >= 6.3.0, < 6.17.13fixed 6.17.13

    In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix MSDU buffer types handling in RX error path Currently, packets received on the REO exception ring from unassociated peers are of MSDU buffer type, while the driver expects link descriptor type

  • CVE-2025-68728Dec 24, 2025
    affected >= 5.15.0, < 5.15.198fixed 5.15.198

    In the Linux kernel, the following vulnerability has been resolved: ntfs3: fix uninit memory after failed mi_read in mi_format_new Fix a KMSAN un-init bug found by syzkaller. ntfs_get_bh() expects a buffer from sb_getblk(), that buffer may not be uptodate. We do not bring the

  • CVE-2025-68727Dec 24, 2025
    affected >= 5.15.0, < 5.15.198fixed 5.15.198

    In the Linux kernel, the following vulnerability has been resolved: ntfs3: Fix uninit buffer allocated by __getname() Fix uninit errors caused after buffer allocation given to 'de'; by initializing the buffer with zeroes. The fix was found by using KMSAN.

  • CVE-2025-68726Dec 24, 2025
    affected >= 6.16.0, < 6.17.13fixed 6.17.13

    In the Linux kernel, the following vulnerability has been resolved: crypto: aead - Fix reqsize handling Commit afddce13ce81d ("crypto: api - Add reqsize to crypto_alg") introduced cra_reqsize field in crypto_alg struct to replace type specific reqsize fields. It looks like this

Page 43 of 88