VYPR

linux package

kernel

pkg:linux/kernel

Vulnerabilities (1,755)

  • CVE-2022-50703Dec 24, 2025
    affected >= 4.5.0, < 4.9.331fixed 4.9.331

    In the Linux kernel, the following vulnerability has been resolved: soc: qcom: smsm: Fix refcount leak bugs in qcom_smsm_probe() There are two refcount leak bugs in qcom_smsm_probe(): (1) The 'local_node' is escaped out from for_each_child_of_node() as the break of iteration,

  • CVE-2022-50702Dec 24, 2025
    affected >= 5.12.0, < 5.15.87fixed 5.15.87

    In the Linux kernel, the following vulnerability has been resolved: vdpa_sim: fix possible memory leak in vdpasim_net_init() and vdpasim_blk_init() Inject fault while probing module, if device_register() fails in vdpasim_net_init() or vdpasim_blk_init(), but the refcount of kob

  • CVE-2022-50701Dec 24, 2025
    affected >= 5.16.0, < 6.1.16fixed 6.1.16

    In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921s: fix slab-out-of-bounds access in sdio host SDIO may need addtional 511 bytes to align bus operation. If the tailroom of this skb is not big enough, we would access invalid memory region. Fo

  • CVE-2022-50700Dec 24, 2025
    affected >= 4.18.0, < 6.0.16fixed 6.0.16

    In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: Delay the unmapping of the buffer On WCN3990, we are seeing a rare scenario where copy engine hardware is sending a copy complete interrupt to the host driver while still processing the buffer tha

  • CVE-2022-50699Dec 24, 2025
    affected >= 5.0.0, < 5.10.152fixed 5.10.152

    In the Linux kernel, the following vulnerability has been resolved: selinux: enable use of both GFP_KERNEL and GFP_ATOMIC in convert_context() The following warning was triggered on a hardware environment: SELinux: Converting 162 SID table entries... BUG: sleeping function

  • CVE-2022-50698Dec 24, 2025
    affected >= 5.10.0, < 5.10.150fixed 5.10.150

    In the Linux kernel, the following vulnerability has been resolved: ASoC: da7219: Fix an error handling path in da7219_register_dai_clks() If clk_hw_register() fails, the corresponding clk should not be unregistered. To handle errors from loops, clean up partial iterations bef

  • CVE-2022-50697Dec 24, 2025
    affected >= 3.9.0, < 4.9.337fixed 4.9.337

    In the Linux kernel, the following vulnerability has been resolved: mrp: introduce active flags to prevent UAF when applicant uninit The caller of del_timer_sync must prevent restarting of the timer, If we have no this synchronization, there is a small probability that the canc

  • CVE-2025-68343Dec 23, 2025
    affected >= 3.16.0, < 6.1.159fixed 6.1.159

    In the Linux kernel, the following vulnerability has been resolved: can: gs_usb: gs_usb_receive_bulk_callback(): check actual_length before accessing header The driver expects to receive a struct gs_host_frame in gs_usb_receive_bulk_callback(). Use struct_group to describe the

  • CVE-2025-68342Dec 23, 2025
    affected >= 3.16.0, < 6.6.119fixed 6.6.119

    In the Linux kernel, the following vulnerability has been resolved: can: gs_usb: gs_usb_receive_bulk_callback(): check actual_length before accessing data The URB received in gs_usb_receive_bulk_callback() contains a struct gs_host_frame. The length of the data after the header

  • CVE-2025-68341Dec 23, 2025
    affected >= 6.11.0, < 6.12.61fixed 6.12.61

    In the Linux kernel, the following vulnerability has been resolved: veth: reduce XDP no_direct return section to fix race As explain in commit fa349e396e48 ("veth: Fix race with AF_XDP exposing old or uninitialized descriptors") for veth there is a chance after napi_complete_do

  • CVE-2025-68339Dec 23, 2025
    affected >= 2.6.12, < 5.10.247fixed 5.10.247

    In the Linux kernel, the following vulnerability has been resolved: atm/fore200e: Fix possible data race in fore200e_open() Protect access to fore200e->available_cell_rate with rate_mtx lock in the error handling path of fore200e_open() to prevent a data race. The field fore20

  • CVE-2025-68338Dec 23, 2025
    affected >= 6.3.0, < 6.12.61fixed 6.12.61

    In the Linux kernel, the following vulnerability has been resolved: net: dsa: microchip: Don't free uninitialized ksz_irq If something goes wrong at setup, ksz_irq_free() can be called on uninitialized ksz_irq (for example when ksz_ptp_irq_setup() fails). It leads to freeing un

  • CVE-2025-68337Dec 22, 2025
    affected >= 2.6.19, < 5.10.248fixed 5.10.248

    In the Linux kernel, the following vulnerability has been resolved: jbd2: avoid bug_on in jbd2_journal_get_create_access() when file system corrupted There's issue when file system corrupted: ------------[ cut here ]------------ kernel BUG at fs/jbd2/transaction.c:1289! Oops: i

  • CVE-2025-68336Dec 22, 2025
    affected >= 5.5.0, < 5.10.248fixed 5.10.248

    In the Linux kernel, the following vulnerability has been resolved: locking/spinlock/debug: Fix data-race in do_raw_write_lock KCSAN reports: BUG: KCSAN: data-race in do_raw_write_lock / do_raw_write_lock write (marked) to 0xffff800009cf504c of 4 bytes by task 1102 on cpu 1:

  • CVE-2025-68335Dec 22, 2025
    affected >= 3.15.0, < 5.15.198fixed 5.15.198

    In the Linux kernel, the following vulnerability has been resolved: comedi: pcl818: fix null-ptr-deref in pcl818_ai_cancel() Syzbot identified an issue [1] in pcl818_ai_cancel(), which stems from the fact that in case of early device detach via pcl818_detach(), subdevice dev->r

  • CVE-2025-68334Dec 22, 2025
    affected >= 5.14.0, < 6.6.130fixed 6.6.130

    In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd/pmc: Add support for Van Gogh SoC The ROG Xbox Ally (non-X) SoC features a similar architecture to the Steam Deck. While the Steam Deck supports S3 (s2idle causes a crash), this support was dro

  • CVE-2025-68332Dec 22, 2025
    affected >= 2.6.30, < 5.10.248fixed 5.10.248

    In the Linux kernel, the following vulnerability has been resolved: comedi: c6xdigio: Fix invalid PNP driver unregistration The Comedi low-level driver "c6xdigio" seems to be for a parallel port connected device. When the Comedi core calls the driver's Comedi "attach" handler

  • CVE-2025-68331Dec 22, 2025
    affected >= 5.10.0, < 5.10.247fixed 5.10.247

    In the Linux kernel, the following vulnerability has been resolved: usb: uas: fix urb unmapping issue when the uas device is remove during ongoing data transfer When a UAS device is unplugged during data transfer, there is a probability of a system panic occurring. The root cau

  • CVE-2025-68330Dec 22, 2025
    affected >= 4.2.0, < 5.15.197fixed 5.15.197

    In the Linux kernel, the following vulnerability has been resolved: iio: accel: bmc150: Fix irq assumption regression The code in bmc150-accel-core.c unconditionally calls bmc150_accel_set_interrupt() in the iio_buffer_setup_ops, such as on the runtime PM resume path giving a k

  • CVE-2025-68329Dec 22, 2025
    affected >= 6.10.0, < 6.12.61fixed 6.12.61

    In the Linux kernel, the following vulnerability has been resolved: tracing: Fix WARN_ON in tracing_buffers_mmap_close for split VMAs When a VMA is split (e.g., by partial munmap or MAP_FIXED), the kernel calls vm_ops->close on each portion. For trace buffer mappings, this resu

Page 49 of 88