VYPR

linux package

kernel

pkg:linux/kernel

Vulnerabilities (1,755)

  • CVE-2026-23261MedMar 18, 2026
    affected < 6.6.124fixed 6.6.124

    In the Linux kernel, the following vulnerability has been resolved: nvme-fc: release admin tagset if init fails nvme_fabrics creates an NVMe/FC controller in following path: nvmf_dev_write() -> nvmf_create_ctrl() -> nvme_fc_create_ctrl() -> nvme_fc_

  • CVE-2026-23260MedMar 18, 2026
    affected >= 6.4.0, < 6.6.124fixed 6.6.124

    In the Linux kernel, the following vulnerability has been resolved: regmap: maple: free entry on mas_store_gfp() failure regcache_maple_write() allocates a new block ('entry') to merge adjacent ranges and then stores it with mas_store_gfp(). When mas_store_gfp() fails, the new

  • CVE-2026-23259MedMar 18, 2026
    affected >= 6.10.0, < 6.18.10fixed 6.18.10

    In the Linux kernel, the following vulnerability has been resolved: io_uring/rw: free potentially allocated iovec on cache put failure If a read/write request goes through io_req_rw_cleanup() and has an allocated iovec attached and fails to put to the rw_cache, then it may end

  • CVE-2026-23258MedMar 18, 2026
    affected >= 4.18.0, < 5.10.250fixed 5.10.250

    In the Linux kernel, the following vulnerability has been resolved: net: liquidio: Initialize netdev pointer before queue setup In setup_nic_devices(), the netdev is allocated using alloc_etherdev_mq(). However, the pointer to this structure is stored in oct->props[i].netdev on

  • CVE-2026-23257MedMar 18, 2026
    affected >= 4.2.0, < 5.10.250fixed 5.10.250

    In the Linux kernel, the following vulnerability has been resolved: net: liquidio: Fix off-by-one error in PF setup_nic_devices() cleanup In setup_nic_devices(), the initialization loop jumps to the label setup_nic_dev_free on failure. The current cleanup loop while(i--) skip t

  • CVE-2026-23256MedMar 18, 2026
    affected >= 4.10.0, < 5.10.250fixed 5.10.250

    In the Linux kernel, the following vulnerability has been resolved: net: liquidio: Fix off-by-one error in VF setup_nic_devices() cleanup In setup_nic_devices(), the initialization loop jumps to the label setup_nic_dev_free on failure. The current cleanup loop while(i--) skip t

  • CVE-2026-23255MedMar 18, 2026
    affected >= 2.6.12, < 6.18.10fixed 6.18.10

    In the Linux kernel, the following vulnerability has been resolved: net: add proper RCU protection to /proc/net/ptype Yin Fengwei reported an RCU stall in ptype_seq_show() and provided a patch. Real issue is that ptype_seq_next() and ptype_seq_show() violate RCU rules. ptype_

  • CVE-2026-23254MedMar 18, 2026
    affected < 6.6.124fixed 6.6.124

    In the Linux kernel, the following vulnerability has been resolved: net: gro: fix outer network offset The udp GRO complete stage assumes that all the packets inserted the RX have the `encapsulation` flag zeroed. Such assumption is not true, as a few H/W NICs can set such flag

  • CVE-2026-23253HigMar 18, 2026
    affected >= 2.6.17, < 6.1.167fixed 6.1.167

    In the Linux kernel, the following vulnerability has been resolved: media: dvb-core: fix wrong reinitialization of ringbuffer on reopen dvb_dvr_open() calls dvb_ringbuffer_init() when a new reader opens the DVR device. dvb_ringbuffer_init() calls init_waitqueue_head(), which r

  • CVE-2026-23252MedMar 18, 2026
    affected >= 6.10.0, < 6.12.78fixed 6.12.78

    In the Linux kernel, the following vulnerability has been resolved: xfs: get rid of the xchk_xfile_*_descr calls The xchk_xfile_*_descr macros call kasprintf, which can fail to allocate memory if the formatted string is larger than 16 bytes (or whatever the nofail guarantees ar

  • CVE-2026-23251MedMar 18, 2026
    affected >= 6.10.0, < 6.12.75fixed 6.12.75

    In the Linux kernel, the following vulnerability has been resolved: xfs: only call xf{array,blob}_destroy if we have a valid pointer Only call the xfarray and xfblob destructor if we have a valid pointer, and be sure to null out that pointer afterwards. Note that this patch fi

  • CVE-2026-23250MedMar 18, 2026
    affected >= 6.10.0, < 6.12.75fixed 6.12.75

    In the Linux kernel, the following vulnerability has been resolved: xfs: check return value of xchk_scrub_create_subord Fix this function to return NULL instead of a mangled ENOMEM, then fix the callers to actually check for a null pointer and return ENOMEM. Most of the correct

  • CVE-2026-23249MedMar 18, 2026
    affected >= 6.8.0, < 6.12.75fixed 6.12.75

    In the Linux kernel, the following vulnerability has been resolved: xfs: check for deleted cursors when revalidating two btrees The free space and inode btree repair functions will rebuild both btrees at the same time, after which it needs to evaluate both btrees to confirm tha

  • CVE-2025-71270MedMar 18, 2026
    affected >= 6.2.0, < 6.6.124fixed 6.6.124

    In the Linux kernel, the following vulnerability has been resolved: LoongArch: Enable exception fixup for specific ADE subcode This patch allows the LoongArch BPF JIT to handle recoverable memory access errors generated by BPF_PROBE_MEM* instructions. When a BPF program perfor

  • CVE-2025-71269MedMar 18, 2026
    affected >= 4.4.0, < 6.18.10fixed 6.18.10

    In the Linux kernel, the following vulnerability has been resolved: btrfs: do not free data reservation in fallback from inline due to -ENOSPC If we fail to create an inline extent due to -ENOSPC, we will attempt to go through the normal COW path, reserve an extent, create an o

  • CVE-2025-71268MedMar 18, 2026
    affected >= 4.4.0, < 6.1.163fixed 6.1.163

    In the Linux kernel, the following vulnerability has been resolved: btrfs: fix reservation leak in some error paths when inserting inline extent If we fail to allocate a path or join a transaction, we return from __cow_file_range_inline() without freeing the reserved qgroup dat

  • CVE-2026-23248HigMar 18, 2026
    affected >= 6.14.0, < 6.18.17fixed 6.18.17

    In the Linux kernel, the following vulnerability has been resolved: perf/core: Fix refcount bug and potential UAF in perf_mmap Syzkaller reported a refcount_t: addition on 0; use-after-free warning in perf_mmap. The issue is caused by a race condition between a failing mmap()

  • CVE-2026-23247MedMar 18, 2026
    affected >= 4.11.0, < 6.18.17fixed 6.18.17

    In the Linux kernel, the following vulnerability has been resolved: tcp: secure_seq: add back ports to TS offset This reverts 28ee1b746f49 ("secure_seq: downgrade to per-host timestamp offsets") tcp_tw_recycle went away in 2017. Zhouyan Deng reported off-path TCP source port

  • CVE-2026-23246HigMar 18, 2026
    affected >= 6.5.0, < 6.6.130fixed 6.6.130

    In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: bounds-check link_id in ieee80211_ml_reconfiguration link_id is taken from the ML Reconfiguration element (control & 0x000f), so it can be 0..15. link_removal_timeout[] has IEEE80211_MLD_MAX_NUM

  • CVE-2026-23245HigMar 18, 2026
    affected >= 5.8.0, < 6.1.167fixed 6.1.167

    In the Linux kernel, the following vulnerability has been resolved: net/sched: act_gate: snapshot parameters with RCU on replace The gate action can be replaced while the hrtimer callback or dump path is walking the schedule list. Convert the parameters to an RCU-protected sna

Page 8 of 88