VYPR

linux package

kernel

pkg:linux/kernel

Vulnerabilities (1,755)

  • CVE-2023-53844Dec 9, 2025
    affected >= 5.14.0, < 5.15.121fixed 5.15.121

    In the Linux kernel, the following vulnerability has been resolved: drm/ttm: Don't leak a resource on swapout move error If moving the bo to system for swapout failed, we were leaking a resource. Fix.

  • CVE-2023-53843Dec 9, 2025
    affected >= 6.1.0, < 6.1.47fixed 6.1.47

    In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: reject negative ifindex Recent changes in net-next (commit 759ab1edb56c ("net: store netdevs in an xarray")) refactored the handling of pre-assigned ifindexes and let syzbot surface a latent p

  • CVE-2023-53842Dec 9, 2025
    affected >= 5.14.0, < 5.15.123fixed 5.15.123

    In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd-mbhc-v2: fix resource leaks on component remove The MBHC resources must be released on component probe failure and removal so can not be tied to the lifetime of the component device. This is

  • CVE-2023-53841Dec 9, 2025
    affected >= 5.3.0, < 5.4.251fixed 5.4.251

    In the Linux kernel, the following vulnerability has been resolved: devlink: report devlink_port_type_warn source device devlink_port_type_warn is scheduled for port devlink and warning when the port type is not set. But from this warning it is not easy found out which device (

  • CVE-2023-53840Dec 9, 2025
    affected >= 4.12.0, < 5.15.99fixed 5.15.99

    In the Linux kernel, the following vulnerability has been resolved: usb: early: xhci-dbc: Fix a potential out-of-bound memory access If xdbc_bulk_write() fails, the values in 'buf' can be anything. So the string is not guaranteed to be NULL terminated when xdbc_trace() is calle

  • CVE-2023-53839Dec 9, 2025
    affected >= 2.6.14, < 4.14.323fixed 4.14.323

    In the Linux kernel, the following vulnerability has been resolved: dccp: fix data-race around dp->dccps_mss_cache dccp_sendmsg() reads dp->dccps_mss_cache before locking the socket. Same thing in do_dccp_getsockopt(). Add READ_ONCE()/WRITE_ONCE() annotations, and change dccp_

  • CVE-2023-53838Dec 9, 2025
    affected >= 5.19.0, < 6.1.18fixed 6.1.18

    In the Linux kernel, the following vulnerability has been resolved: f2fs: synchronize atomic write aborts To fix a race condition between atomic write aborts, I use the inode lock and make COW inode to be re-usable thoroughout the whole atomic file inode lifetime.

  • CVE-2023-53837Dec 9, 2025
    affected >= 5.14.0, < 5.15.112fixed 5.15.112

    In the Linux kernel, the following vulnerability has been resolved: drm/msm: fix NULL-deref on snapshot tear down In case of early initialisation errors and on platforms that do not use the DPU controller, the deinitilisation code can be called with the kms pointer set to NULL.

  • CVE-2023-53836Dec 9, 2025
    affected >= 5.13.0, < 5.15.189fixed 5.15.189

    In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix skb refcnt race after locking changes There is a race where skb's from the sk_psock_backlog can be referenced after userspace side has already skb_consumed() the sk_buff and its refcnt dropped

  • CVE-2023-53834Dec 9, 2025
    affected >= 4.5.0, < 5.15.127fixed 5.15.127

    In the Linux kernel, the following vulnerability has been resolved: iio: adc: ina2xx: avoid NULL pointer dereference on OF device match The affected lines were resulting in a NULL pointer dereference on our platform because the device tree contained the following list of compat

  • CVE-2023-53833Dec 9, 2025
    affected >= 5.16.0, < 6.1.30fixed 6.1.30

    In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix NULL ptr deref by checking new_crtc_state intel_atomic_get_new_crtc_state can return NULL, unless crtc state wasn't obtained previously with intel_atomic_get_crtc_state, so we must check it for NU

  • CVE-2023-53832Dec 9, 2025
    affected >= 3.10.0, < 4.19.283fixed 4.19.283

    In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix null-ptr-deref in raid10_sync_request init_resync() inits mempool and sets conf->have_replacemnt at the beginning of sync, close_sync() frees the mempool when sync is completed. After [1] recove

  • CVE-2023-53831Dec 9, 2025
    affected >= 2.6.33, < 4.14.326fixed 4.14.326

    In the Linux kernel, the following vulnerability has been resolved: net: read sk->sk_family once in sk_mc_loop() syzbot is playing with IPV6_ADDRFORM quite a lot these days, and managed to hit the WARN_ON_ONCE(1) in sk_mc_loop() We have many more similar issues to fix. WARNIN

  • CVE-2023-53830Dec 9, 2025
    affected >= 5.14.0, < 5.15.107fixed 5.15.107

    In the Linux kernel, the following vulnerability has been resolved: platform/x86: think-lmi: Fix memory leak when showing current settings When retriving a item string with tlmi_setting(), the result has to be freed using kfree(). In current_value_show() however, malformed item

  • CVE-2023-53829Dec 9, 2025
    affected >= 3.8.0, < 6.1.54fixed 6.1.54

    In the Linux kernel, the following vulnerability has been resolved: f2fs: flush inode if atomic file is aborted Let's flush the inode being aborted atomic operation to avoid stale dirty inode during eviction in this call stack: f2fs_mark_inode_dirty_sync+0x22/0x40 [f2fs] f

  • CVE-2023-53828Dec 9, 2025
    affected >= 6.0.0, < 6.1.53fixed 6.1.53

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sync: Avoid use-after-free in dbg for hci_add_adv_monitor() KSAN reports use-after-free in hci_add_adv_monitor(). While adding an adv monitor, hci_add_adv_monitor() calls -> msft_add_mon

  • CVE-2023-53827Dec 9, 2025
    affected >= 3.5.0, < 4.14.313fixed 4.14.313

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix use-after-free in l2cap_disconnect_{req,rsp} Similar to commit d0be8347c623 ("Bluetooth: L2CAP: Fix use-after-free caused by l2cap_chan_put"), just use l2cap_chan_hold_unless_zero to preve

  • CVE-2023-53826Dec 9, 2025
    affected >= 2.6.22, < 4.14.308fixed 4.14.308

    In the Linux kernel, the following vulnerability has been resolved: ubi: Fix UAF wear-leveling entry in eraseblk_count_seq_show() Wear-leveling entry could be freed in error path, which may be accessed again in eraseblk_count_seq_show(), for example: __erase_worker

  • CVE-2023-53825Dec 9, 2025
    affected >= 4.6.0, < 4.14.326fixed 4.14.326

    In the Linux kernel, the following vulnerability has been resolved: kcm: Fix error handling for SOCK_DGRAM in kcm_sendmsg(). syzkaller found a memory leak in kcm_sendmsg(), and commit c821a88bd720 ("kcm: Fix memory leak in error path of kcm_sendmsg()") suppressed it by updating

  • CVE-2023-53824Dec 9, 2025
    affected >= 3.15.0, < 5.10.218fixed 5.10.218

    In the Linux kernel, the following vulnerability has been resolved: netlink: annotate lockless accesses to nlk->max_recvmsg_len syzbot reported a data-race in data-race in netlink_recvmsg() [1] Indeed, netlink_recvmsg() can be run concurrently, and netlink_dump() also needs pr

Page 60 of 88