VYPR

linux package

kernel

pkg:linux/kernel

Vulnerabilities (1,755)

  • CVE-2023-53996Dec 24, 2025
    affected >= 5.16.0, < 6.1.53fixed 6.1.53

    In the Linux kernel, the following vulnerability has been resolved: x86/sev: Make enc_dec_hypercall() accept a size instead of npages enc_dec_hypercall() accepted a page count instead of a size, which forced its callers to round up. As a result, non-page aligned vaddrs caused p

  • CVE-2023-53995Dec 24, 2025
    affected >= 2.6.15, < 5.4.257fixed 5.4.257

    In the Linux kernel, the following vulnerability has been resolved: net: ipv4: fix one memleak in __inet_del_ifa() I got the below warning when do fuzzing test: unregister_netdevice: waiting for bond0 to become free. Usage count = 2 It can be repoduced via: ip link add bond0

  • CVE-2023-53994Dec 24, 2025
    affected >= 5.4.0, < 5.4.251fixed 5.4.251

    In the Linux kernel, the following vulnerability has been resolved: ionic: remove WARN_ON to prevent panic_on_warn Remove unnecessary early code development check and the WARN_ON that it uses. The irq alloc and free paths have long been cleaned up and this check shouldn't have

  • CVE-2023-53993Dec 24, 2025
    affected >= 6.0.0, < 6.1.24fixed 6.1.24

    In the Linux kernel, the following vulnerability has been resolved: PCI/DOE: Fix memory leak with CONFIG_DEBUG_OBJECTS=y After a pci_doe_task completes, its work_struct needs to be destroyed to avoid a memory leak with CONFIG_DEBUG_OBJECTS=y.

  • CVE-2023-53992Dec 24, 2025
    affected >= 3.19.0, < 6.1.55fixed 6.1.55

    In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: ocb: don't leave if not joined If there's no OCB state, don't ask the driver/mac80211 to leave, since that's just confusing. Since set/clear the chandef state, that's a simple check.

  • CVE-2023-53991Dec 24, 2025
    affected >= 5.7.0, < 5.10.173fixed 5.10.173

    In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Disallow unallocated resources to be returned In the event that the topology requests resources that have not been created by the system (because they are typically not represented in dpu_mdss_cfg

  • CVE-2023-53990Dec 24, 2025
    affected < 5.15.111fixed 5.15.111

    In the Linux kernel, the following vulnerability has been resolved: SMB3: Add missing locks to protect deferred close file list cifs_del_deferred_close function has a critical section which modifies the deferred close file list. We must acquire deferred_lock before calling cifs

  • CVE-2023-53989Dec 24, 2025
    affected >= 5.4.0, < 5.4.251fixed 5.4.251

    In the Linux kernel, the following vulnerability has been resolved: arm64: mm: fix VA-range sanity check Both create_mapping_noalloc() and update_mapping_prot() sanity-check their 'virt' parameter, but the check itself doesn't make much sense. The condition used today appears t

  • CVE-2023-53988Dec 24, 2025
    affected >= 5.15.0, < 5.15.111fixed 5.15.111

    In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix slab-out-of-bounds read in hdr_delete_de() Here is a BUG report from syzbot: BUG: KASAN: slab-out-of-bounds in hdr_delete_de+0xe0/0x150 fs/ntfs3/index.c:806 Read of size 16842960 at addr ffff8880

  • CVE-2023-53987Dec 24, 2025
    affected >= 6.0.0, < 6.1.24fixed 6.1.24

    In the Linux kernel, the following vulnerability has been resolved: ping: Fix potentail NULL deref for /proc/net/icmp. After commit dbca1596bbb0 ("ping: convert to RCU lookups, get rid of rwlock"), we use RCU for ping sockets, but we should use spinlock for /proc/net/icmp to av

  • CVE-2023-53986Dec 24, 2025
    affected >= 4.19.0, < 5.4.240fixed 5.4.240

    In the Linux kernel, the following vulnerability has been resolved: mips: bmips: BCM6358: disable RAC flush for TP1 RAC flush causes kernel panics on BCM6358 with EHCI/OHCI when booting from TP1: [ 3.881739] usb 1-1: new high-speed USB device number 2 using ehci-platform [

  • CVE-2023-53867Dec 24, 2025
    affected >= 2.6.34, < 6.1.28fixed 6.1.28

    In the Linux kernel, the following vulnerability has been resolved: ceph: fix potential use-after-free bug when trimming caps When trimming the caps and just after the 'session->s_cap_lock' is released in ceph_iterate_session_caps() the cap maybe removed by another thread, and

  • CVE-2022-50711Dec 24, 2025
    affected >= 5.19.0, < 6.0.6fixed 6.0.6

    In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtk_eth_soc: fix possible memory leak in mtk_probe() If mtk_wed_add_hw() has been called, mtk_wed_exit() needs be called in error path or removing module to free the memory allocated in mtk_wed_a

  • CVE-2022-50710Dec 24, 2025
    affected >= 5.14.0, < 5.15.75fixed 5.15.75

    In the Linux kernel, the following vulnerability has been resolved: ice: set tx_tstamps when creating new Tx rings via ethtool When the user changes the number of queues via ethtool, the driver allocates new rings. This allocation did not initialize tx_tstamps. This results in

  • CVE-2022-50709Dec 24, 2025
    affected >= 2.6.35, < 4.14.296fixed 4.14.296

    In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: avoid uninit memory read in ath9k_htc_rx_msg() syzbot is reporting uninit value at ath9k_htc_rx_msg() [1], for ioctl(USB_RAW_IOCTL_EP_WRITE) can call ath9k_hif_usb_rx_stream() with pkt_len = 0 but

  • CVE-2022-50708Dec 24, 2025
    affected >= 3.16.0, < 5.19.17fixed 5.19.17

    In the Linux kernel, the following vulnerability has been resolved: HSI: ssi_protocol: fix potential resource leak in ssip_pn_open() ssip_pn_open() claims the HSI client's port with hsi_claim_port(). When hsi_register_port_event() gets some error and returns a negetive value, t

  • CVE-2022-50707Dec 24, 2025
    affected >= 5.19.0, < 6.0.19fixed 6.0.19

    In the Linux kernel, the following vulnerability has been resolved: virtio-crypto: fix memory leak in virtio_crypto_alg_skcipher_close_session() 'vc_ctrl_req' is alloced in virtio_crypto_alg_skcipher_close_session(), and should be freed in the invalid ctrl_status->status error

  • CVE-2022-50706Dec 24, 2025
    affected < 5.4.220fixed 5.4.220

    In the Linux kernel, the following vulnerability has been resolved: net/ieee802154: don't warn zero-sized raw_sendmsg() syzbot is hitting skb_assert_len() warning at __dev_queue_xmit() [1], for PF_IEEE802154 socket's zero-sized raw_sendmsg() request is hitting __dev_queue_xmit(

  • CVE-2022-50705Dec 24, 2025
    affected < 5.15.90fixed 5.15.90

    In the Linux kernel, the following vulnerability has been resolved: io_uring/rw: defer fsnotify calls to task context We can't call these off the kiocb completion as that might be off soft/hard irq context. Defer the calls to when we process the task_work for this request. That

  • CVE-2022-50704Dec 24, 2025
    affected >= 4.20.0, < 6.0.16fixed 6.0.16

    In the Linux kernel, the following vulnerability has been resolved: USB: gadget: Fix use-after-free during usb config switch In the process of switching USB config from rndis to other config, if the hardware does not support the ->pullup callback, or the hardware encounters a l

Page 48 of 88