VYPR

linux package

kernel

pkg:linux/kernel

Vulnerabilities (1,755)

  • CVE-2026-23321MedMar 25, 2026
    affected < 6.1.167fixed 6.1.167

    In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: in-kernel: always mark signal+subflow endp as used Syzkaller managed to find a combination of actions that was generating this warning: msk->pm.local_addr_used == 0 WARNING: net/mptcp/pm_kernel.

  • CVE-2026-23320Mar 25, 2026
    affected >= 3.11.0, < 6.18.17fixed 6.18.17

    Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

  • CVE-2026-23319HigMar 25, 2026
    affected >= 6.0.0, < 6.1.167fixed 6.1.167

    In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a UAF issue in bpf_trampoline_link_cgroup_shim The root cause of this bug is that when 'bpf_link_put' reduces the refcount of 'shim_link->link.link' to zero, the resource is considered released but may

  • CVE-2026-23318HigMar 25, 2026
    affected >= 5.4.0, < 6.1.167fixed 6.1.167

    In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Use correct version for UAC3 header validation The entry of the validators table for UAC3 AC header descriptor is defined with the wrong protocol version UAC_VERSION_2, while it should have bee

  • CVE-2026-23317HigMar 25, 2026
    affected < 6.1.167fixed 6.1.167

    In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions Before the referenced fixes these functions used a lookup function that returned a pointer. This was changed to another lookup function that r

  • CVE-2026-23316MedMar 25, 2026
    affected >= 6.11.0, < 6.12.77fixed 6.12.77

    In the Linux kernel, the following vulnerability has been resolved: net: ipv4: fix ARM64 alignment fault in multipath hash seed `struct sysctl_fib_multipath_hash_seed` contains two u32 fields (user_seed and mp_seed), making it an 8-byte structure with a 4-byte alignment require

  • CVE-2026-23315HigMar 25, 2026
    affected >= 5.10.0, < 6.1.167fixed 6.1.167

    In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: Fix possible oob access in mt76_connac2_mac_write_txwi_80211() Check frame length before accessing the mgmt fields in mt76_connac2_mac_write_txwi_80211 in order to avoid a possible oob access. [fix

  • CVE-2026-23314MedMar 25, 2026
    affected >= 6.18.0, < 6.18.17fixed 6.18.17

    In the Linux kernel, the following vulnerability has been resolved: regulator: bq257xx: Fix device node reference leak in bq257xx_reg_dt_parse_gpio() In bq257xx_reg_dt_parse_gpio(), if fails to get subchild, it returns without calling of_node_put(child), causing the device node

  • CVE-2026-23313MedMar 25, 2026
    affected >= 6.2.0, < 6.12.77fixed 6.12.77

    In the Linux kernel, the following vulnerability has been resolved: i40e: Fix preempt count leak in napi poll tracepoint Using get_cpu() in the tracepoint assignment causes an obvious preempt count leak because nothing invokes put_cpu() to undo it: softirq: huh, entered soft

  • CVE-2026-23312MedMar 25, 2026
    affected >= 2.6.12, < 6.1.167fixed 6.1.167

    In the Linux kernel, the following vulnerability has been resolved: net: usb: kaweth: validate USB endpoints The kaweth driver should validate that the device it is probing has the proper number and types of USB endpoints it is expecting before it binds to it. If a malicious d

  • CVE-2026-23311MedMar 25, 2026
    affected >= 6.15.0, < 6.18.17fixed 6.18.17

    In the Linux kernel, the following vulnerability has been resolved: perf/core: Fix invalid wait context in ctx_sched_in() Lockdep found a bug in the event scheduling when a pinned event was failed and wakes up the threads in the ring buffer like below. It seems it should not g

  • CVE-2026-23310MedMar 25, 2026
    affected >= 5.15.0, < 6.6.130fixed 6.6.130

    In the Linux kernel, the following vulnerability has been resolved: bpf/bonding: reject vlan+srcmac xmit_hash_policy change when XDP is loaded bond_option_mode_set() already rejects mode changes that would make a loaded XDP program incompatible via bond_xdp_check(). However, b

  • CVE-2026-23309MedMar 25, 2026
    affected < 6.1.167fixed 6.1.167

    In the Linux kernel, the following vulnerability has been resolved: tracing: Add NULL pointer check to trigger_data_free() If trigger_data_alloc() fails and returns NULL, event_hist_trigger_parse() jumps to the out_free error path. While kfree() safely handles a NULL pointer, t

  • CVE-2026-23308MedMar 25, 2026
    affected >= 6.4.0, < 6.6.130fixed 6.6.130

    In the Linux kernel, the following vulnerability has been resolved: pinctrl: equilibrium: fix warning trace on load The callback functions 'eqbr_irq_mask()' and 'eqbr_irq_ack()' are also called in the callback function 'eqbr_irq_mask_ack()'. This is done to avoid source code du

  • CVE-2026-23307MedMar 25, 2026
    affected >= 2.6.32, < 6.1.167fixed 6.1.167

    In the Linux kernel, the following vulnerability has been resolved: can: ems_usb: ems_usb_read_bulk_callback(): check the proper length of a message When looking at the data in a USB urb, the actual_length is the size of the buffer passed to the driver, not the transfer_buffer_

  • CVE-2026-23306HigMar 25, 2026
    affected >= 5.18.0, < 6.1.167fixed 6.1.167

    In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix use-after-free in pm8001_queue_command() Commit e29c47fe8946 ("scsi: pm8001: Simplify pm8001_task_exec()") refactors pm8001_queue_command(), however it introduces a potential cause of a double

  • CVE-2026-23305HigMar 25, 2026
    affected >= 6.18.0, < 6.18.17fixed 6.18.17

    In the Linux kernel, the following vulnerability has been resolved: accel/rocket: fix unwinding in error path in rocket_probe When rocket_core_init() fails (as could be the case with EPROBE_DEFER), we need to properly unwind by decrementing the counter we just incremented and i

  • CVE-2026-23304MedMar 25, 2026
    affected >= 4.14.0, < 6.1.167fixed 6.1.167

    In the Linux kernel, the following vulnerability has been resolved: ipv6: fix NULL pointer deref in ip6_rt_get_dev_rcu() l3mdev_master_dev_rcu() can return NULL when the slave device is being un-slaved from a VRF. All other callers deal with this, but we lost the fallback to lo

  • CVE-2026-23303MedMar 25, 2026
    affected >= 3.3.0, < 6.1.167fixed 6.1.167

    In the Linux kernel, the following vulnerability has been resolved: smb: client: Don't log plaintext credentials in cifs_set_cifscreds When debug logging is enabled, cifs_set_cifscreds() logs the key payload and exposes the plaintext username and password. Remove the debug log

  • CVE-2026-23302MedMar 25, 2026
    affected >= 4.20.0, < 6.18.17fixed 6.18.17

    In the Linux kernel, the following vulnerability has been resolved: net: annotate data-races around sk->sk_{data_ready,write_space} skmsg (and probably other layers) are changing these pointers while other cpus might read them concurrently. Add corresponding READ_ONCE()/WRITE_

Page 5 of 88