VYPR

linux package

kernel

pkg:linux/kernel

Vulnerabilities (1,755)

  • CVE-2025-40263Dec 4, 2025
    affected >= 5.19.0, < 6.1.159fixed 6.1.159

    In the Linux kernel, the following vulnerability has been resolved: Input: cros_ec_keyb - fix an invalid memory access If cros_ec_keyb_register_matrix() isn't called (due to `buttons_switches_only`) in cros_ec_keyb_probe(), `ckdev->idev` remains NULL. An invalid memory access

  • CVE-2025-40262Dec 4, 2025
    affected >= 5.8.0, < 5.10.247fixed 5.10.247

    In the Linux kernel, the following vulnerability has been resolved: Input: imx_sc_key - fix memory corruption on unload This is supposed to be "priv" but we accidentally pass "&priv" which is an address in the stack and so it will lead to memory corruption when the imx_sc_key_a

  • CVE-2025-40261Dec 4, 2025
    affected < 5.10.247fixed 5.10.247

    In the Linux kernel, the following vulnerability has been resolved: nvme: nvme-fc: Ensure ->ioerr_work is cancelled in nvme_fc_delete_ctrl() nvme_fc_delete_assocation() waits for pending I/O to complete before returning, and an error can cause ->ioerr_work to be queued after ca

  • CVE-2025-40260Dec 4, 2025
    affected >= 6.16.0, < 6.17.10fixed 6.17.10

    In the Linux kernel, the following vulnerability has been resolved: sched_ext: Fix scx_enable() crash on helper kthread creation failure A crash was observed when the sched_ext selftests runner was terminated with Ctrl+\ while test 15 was running: NIP [c00000000028fa58] scx_en

  • CVE-2025-40259Dec 4, 2025
    affected >= 4.12.0, < 5.4.302fixed 5.4.302

    In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Do not sleep in atomic context sg_finish_rem_req() calls blk_rq_unmap_user(). The latter function may sleep. Hence, call sg_finish_rem_req() with interrupts enabled instead of disabled.

  • CVE-2025-40258Dec 4, 2025
    affected >= 5.7.0, < 5.10.247fixed 5.10.247

    In the Linux kernel, the following vulnerability has been resolved: mptcp: fix race condition in mptcp_schedule_work() syzbot reported use-after-free in mptcp_schedule_work() [1] Issue here is that mptcp_schedule_work() schedules a work, then gets a refcount on sk->sk_refcnt i

  • CVE-2025-40257Dec 4, 2025
    affected >= 5.10.0, < 5.10.247fixed 5.10.247

    In the Linux kernel, the following vulnerability has been resolved: mptcp: fix a race in mptcp_pm_del_add_timer() mptcp_pm_del_add_timer() can call sk_stop_timer_sync(sk, &entry->add_timer) while another might have free entry already, as reported by syzbot. Add RCU protection

  • CVE-2025-40256Dec 4, 2025
    affected >= 6.16.0, < 6.17.10fixed 6.17.10

    In the Linux kernel, the following vulnerability has been resolved: xfrm: also call xfrm_state_delete_tunnel at destroy time for states that were never added In commit b441cf3f8c4b ("xfrm: delete x->tunnel as we delete x"), I missed the case where state creation fails between f

  • CVE-2025-40255Dec 4, 2025
    affected >= 6.14.0, < 6.17.10fixed 6.17.10

    In the Linux kernel, the following vulnerability has been resolved: net: core: prevent NULL deref in generic_hwtstamp_ioctl_lower() The ethtool tsconfig Netlink path can trigger a null pointer dereference. A call chain such as: tsconfig_prepare_data() -> dev_get_hwtstamp_p

  • CVE-2025-40254Dec 4, 2025
    affected >= 4.15.0, < 5.4.302fixed 5.4.302

    In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: remove never-working support for setting nsh fields The validation of the set(nsh(...)) action is completely wrong. It runs through the nsh_key_put_from_nlattr() function that is the same func

  • CVE-2025-40253Dec 4, 2025
    affected < 5.4.302fixed 5.4.302

    In the Linux kernel, the following vulnerability has been resolved: s390/ctcm: Fix double-kfree The function 'mpc_rcvd_sweep_req(mpcginfo)' is called conditionally from function 'ctcmpc_unpack_skb'. It frees passed mpcginfo. After that a call to function 'kfree' in function 'ct

  • CVE-2025-40252Dec 4, 2025
    affected >= 4.6.0, < 5.15.197fixed 5.15.197

    In the Linux kernel, the following vulnerability has been resolved: net: qlogic/qede: fix potential out-of-bounds read in qede_tpa_cont() and qede_tpa_end() The loops in 'qede_tpa_cont()' and 'qede_tpa_end()', iterate over 'cqe->len_list[]' using only a zero-length terminator a

  • CVE-2025-40250Dec 4, 2025
    affected >= 6.4.0, < 6.6.118fixed 6.6.118

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Clean up only new IRQ glue on request_irq() failure The mlx5_irq_alloc() function can inadvertently free the entire rmap and end up in a crash[1] when the other threads tries to access this, when requ

  • CVE-2025-40249Dec 4, 2025
    affected >= 6.13.0, < 6.17.10fixed 6.17.10

    In the Linux kernel, the following vulnerability has been resolved: gpio: cdev: make sure the cdev fd is still active before emitting events With the final call to fput() on a file descriptor, the release action may be deferred and scheduled on a work queue. The reference count

  • CVE-2025-40248Dec 4, 2025
    affected >= 3.9.0, < 5.4.302fixed 5.4.302

    In the Linux kernel, the following vulnerability has been resolved: vsock: Ignore signal/timeout on connect() if already established During connect(), acting on a signal/timeout by disconnecting an already established socket leads to several issues: 1. connect() invoking vsock

  • CVE-2025-40247Dec 4, 2025
    affected >= 3.12.0, < 6.17.10fixed 6.17.10

    In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix pgtable prealloc error path The following splat was reported: Unable to handle kernel NULL pointer dereference at virtual address 0000000000000010 Mem abort info: ESR = 0x00000000960

  • CVE-2025-40246Dec 4, 2025
    affected >= 6.10.0, < 6.12.60fixed 6.12.60

    In the Linux kernel, the following vulnerability has been resolved: xfs: fix out of bounds memory read error in symlink repair xfs/286 produced this report on my test fleet: ================================================================== BUG: KFENCE: out-of-bounds read in

  • CVE-2025-40245Dec 4, 2025
    affected >= 5.12.0, < 5.15.196fixed 5.15.196

    In the Linux kernel, the following vulnerability has been resolved: nios2: ensure that memblock.current_limit is set when setting pfn limits On nios2, with CONFIG_FLATMEM set, the kernel relies on memblock_get_current_limit() to determine the limits of mem_map, in particular fo

  • CVE-2025-40244Dec 4, 2025
    affected >= 2.6.12, < 5.4.301fixed 5.4.301

    In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix KMSAN uninit-value issue in __hfsplus_ext_cache_extent() The syzbot reported issue in __hfsplus_ext_cache_extent(): [ 70.194323][ T9350] BUG: KMSAN: uninit-value in __hfsplus_ext_cache_extent+0x

  • CVE-2025-40243Dec 4, 2025
    affected >= 2.6.12, < 5.4.301fixed 5.4.301

    In the Linux kernel, the following vulnerability has been resolved: hfs: fix KMSAN uninit-value issue in hfs_find_set_zero_bits() The syzbot reported issue in hfs_find_set_zero_bits(): ===================================================== BUG: KMSAN: uninit-value in hfs_find_s

Page 71 of 88