VYPR

linux package

kernel

pkg:linux/kernel

Vulnerabilities (1,755)

  • CVE-2023-53785Dec 9, 2025
    affected >= 5.12.0, < 6.1.55fixed 6.1.55

    In the Linux kernel, the following vulnerability has been resolved: mt76: mt7921: don't assume adequate headroom for SDIO headers mt7921_usb_sdio_tx_prepare_skb() calls mt7921_usb_sdio_write_txwi() and mt7921_skb_add_usb_sdio_hdr(), both of which blindly assume that adequate he

  • CVE-2023-53784Dec 9, 2025
    affected >= 6.4.0, < 6.4.5fixed 6.4.5

    In the Linux kernel, the following vulnerability has been resolved: drm: bridge: dw_hdmi: fix connector access for scdc Commit 5d844091f237 ("drm/scdc-helper: Pimp SCDC debugs") changed the scdc interface to pick up an i2c adapter from a connector instead. However, in the case

  • CVE-2023-53783Dec 9, 2025
    affected >= 5.4.0, < 5.4.235fixed 5.4.235

    In the Linux kernel, the following vulnerability has been resolved: blk-iocost: fix divide by 0 error in calc_lcoefs() echo max of u64 to cost.model can cause divide by 0 error. # echo 8:0 rbps=18446744073709551615 > /sys/fs/cgroup/io.cost.model divide error: 0000 [#1] PR

  • CVE-2023-53782Dec 9, 2025
    affected >= 4.9.0, < 4.14.326fixed 4.14.326

    In the Linux kernel, the following vulnerability has been resolved: dccp: Fix out of bounds access in DCCP error handler There was a previous attempt to fix an out-of-bounds access in the DCCP error handlers, but that fix assumed that the error handlers only want to access the

  • CVE-2023-53781Dec 9, 2025
    affected >= 4.11.0, < 6.2.12fixed 6.2.12

    In the Linux kernel, the following vulnerability has been resolved: smc: Fix use-after-free in tcp_write_timer_handler(). With Eric's ref tracker, syzbot finally found a repro for use-after-free in tcp_write_timer_handler() by kernel TCP sockets. [0] If SMC creates a kernel so

  • CVE-2023-53780Dec 9, 2025
    affected >= 4.15.0, < 6.1.16fixed 6.1.16

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix FCLK pstate change underflow [Why] Currently we set FCLK p-state change watermark calculated based on dummy p-state latency when UCLK p-state is not supported [How] Calculate FCLK p-state

  • CVE-2023-53778Dec 9, 2025
    affected >= 6.4.0, < 6.4.12fixed 6.4.12

    In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Clean up integer overflow checking in map_user_pages() The encode_dma() function has some validation on in_trans->size but it would be more clear to move those checks to find_and_map_user_pages().

  • CVE-2023-53777Dec 9, 2025
    affected >= 6.0.0, < 6.1.39fixed 6.1.39

    In the Linux kernel, the following vulnerability has been resolved: erofs: kill hooked chains to avoid loops on deduplicated compressed images After heavily stressing EROFS with several images which include a hand-crafted image of repeated patterns for more than 46 days, I foun

  • CVE-2022-50656Dec 9, 2025
    affected >= 3.3.0, < 4.9.337fixed 4.9.337

    In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: Clear nfc_target before being used Fix a slab-out-of-bounds read that occurs in nla_put() called from nfc_genl_send_target() when target->sensb_res_len, which is duplicated from an nfc_target in pn5

  • CVE-2022-50655Dec 9, 2025
    affected >= 4.20.0, < 5.4.229fixed 5.4.229

    In the Linux kernel, the following vulnerability has been resolved: ppp: associate skb with a device at tx Syzkaller triggered flow dissector warning with the following: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(

  • CVE-2022-50654Dec 9, 2025
    affected >= 6.0.0, < 6.0.19fixed 6.0.19

    In the Linux kernel, the following vulnerability has been resolved: bpf: Fix panic due to wrong pageattr of im->image In the scenario where livepatch and kretfunc coexist, the pageattr of im->image is rox after arch_prepare_bpf_trampoline in bpf_trampoline_update, and then modi

  • CVE-2022-50653Dec 9, 2025
    affected >= 2.6.27, < 4.19.270fixed 4.19.270

    In the Linux kernel, the following vulnerability has been resolved: mmc: atmel-mci: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, it will lead two issues: 1. The memory that allocated in mmc_alloc_host() is leaked. 2. I

  • CVE-2022-50652Dec 9, 2025
    affected < 4.9.337fixed 4.9.337

    In the Linux kernel, the following vulnerability has been resolved: uio: uio_dmem_genirq: Fix missing unlock in irq configuration Commit b74351287d4b ("uio: fix a sleep-in-atomic-context bug in uio_dmem_genirq_irqcontrol()") started calling disable_irq() without holding the spi

  • CVE-2022-50651Dec 9, 2025
    affected >= 5.13.0, < 5.15.77fixed 5.15.77

    In the Linux kernel, the following vulnerability has been resolved: ethtool: eeprom: fix null-deref on genl_info in dump The similar fix as commit 46cdedf2a0fa ("ethtool: pse-pd: fix null-deref on genl_info in dump") is also needed for ethtool eeprom.

  • CVE-2022-50650Dec 9, 2025
    affected >= 5.13.0, < 5.15.75fixed 5.15.75

    In the Linux kernel, the following vulnerability has been resolved: bpf: Fix reference state management for synchronous callbacks Currently, verifier verifies callback functions (sync and async) as if they will be executed once, (i.e. it explores execution state as if the funct

  • CVE-2022-50649Dec 9, 2025
    affected >= 4.19.0, < 4.19.262fixed 4.19.262

    In the Linux kernel, the following vulnerability has been resolved: power: supply: adp5061: fix out-of-bounds read in adp5061_get_chg_type() ADP5061_CHG_STATUS_1_CHG_STATUS is masked with 0x07, which means a length of 8, but adp5061_chg_type array size is 4, may end up reading

  • CVE-2022-50648Dec 9, 2025
    affected >= 6.0.0, < 6.0.3fixed 6.0.3

    In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix recursive locking direct_mutex in ftrace_modify_direct_caller Naveen reported recursive locking of direct_mutex with sample ftrace-direct-modify.ko: [ 74.762406] WARNING: possible recursive locki

  • CVE-2022-50647Dec 9, 2025
    affected >= 4.15.0, < 5.4.220fixed 5.4.220

    In the Linux kernel, the following vulnerability has been resolved: RISC-V: Make port I/O string accessors actually work Fix port I/O string accessors such as `insb', `outsb', etc. which use the physical PCI port I/O address rather than the corresponding memory mapping to get a

  • CVE-2022-50646Dec 9, 2025
    affected >= 4.16.0, < 4.19.270fixed 4.19.270

    In the Linux kernel, the following vulnerability has been resolved: scsi: hpsa: Fix possible memory leak in hpsa_init_one() The hpda_alloc_ctlr_info() allocates h and its field reply_map. However, in hpsa_init_one(), if alloc_percpu() failed, the hpsa_init_one() jumps to clean1

  • CVE-2022-50645Dec 9, 2025
    affected >= 5.1.0, < 5.4.229fixed 5.4.229

    In the Linux kernel, the following vulnerability has been resolved: EDAC/i10nm: fix refcount leak in pci_get_dev_wrapper() As the comment of pci_get_domain_bus_and_slot() says, it returns a PCI device with refcount incremented, so it doesn't need to call an extra pci_dev_get()

Page 64 of 88