VYPR

linux package

kernel

pkg:linux/kernel

Vulnerabilities (1,755)

  • CVE-2022-50560Oct 22, 2025
    affected >= 4.10.0, < 5.10.150fixed 5.10.150

    In the Linux kernel, the following vulnerability has been resolved: drm/meson: explicitly remove aggregate driver at module unload time Because component_master_del wasn't being called when unloading the meson_drm module, the aggregate device would linger forever in the global

  • CVE-2022-50559Oct 22, 2025
    affected >= 5.11.0, < 5.15.75fixed 5.15.75

    In the Linux kernel, the following vulnerability has been resolved: clk: imx: scu: fix memleak on platform_device_add() fails No error handling is performed when platform_device_add() fails. Add error processing before return, and modified the return value.

  • CVE-2022-50558Oct 22, 2025
    affected >= 6.0.0, < 6.0.16fixed 6.0.16

    In the Linux kernel, the following vulnerability has been resolved: regmap-irq: Use the new num_config_regs property in regmap_add_irq_chip_fwnode Commit faa87ce9196d ("regmap-irq: Introduce config registers for irq types") added the num_config_regs, then commit 9edd4f5aee84 ("

  • CVE-2022-50557Oct 22, 2025
    affected >= 5.17.0, < 6.0.16fixed 6.0.16

    In the Linux kernel, the following vulnerability has been resolved: pinctrl: thunderbay: fix possible memory leak in thunderbay_build_functions() The thunderbay_add_functions() will free memory of thunderbay_funcs when everything is ok, but thunderbay_funcs will not be freed wh

  • CVE-2022-50556Oct 22, 2025
    affected >= 4.0.0, < 5.10.173fixed 5.10.173

    In the Linux kernel, the following vulnerability has been resolved: drm: Fix potential null-ptr-deref due to drmm_mode_config_init() drmm_mode_config_init() will call drm_mode_create_standard_properties() and won't check the ret value. When drm_mode_create_standard_properties()

  • CVE-2025-40017Oct 20, 2025
    affected >= 6.15.0, < 6.16.11fixed 6.16.11

    In the Linux kernel, the following vulnerability has been resolved: media: iris: Fix memory leak by freeing untracked persist buffer One internal buffer which is allocated only once per session was not being freed during session close because it was not being tracked as part of

  • CVE-2025-40016Oct 20, 2025
    affected >= 5.7.0, < 6.6.110fixed 6.6.110

    In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Mark invalid entities with id UVC_INVALID_ENTITY_ID Per UVC 1.1+ specification 3.7.2, units and terminals must have a non-zero unique ID. ``` Each Unit and Terminal within the video function i

  • CVE-2025-40015Oct 20, 2025
    affected >= 6.15.0, < 6.16.11fixed 6.16.11

    In the Linux kernel, the following vulnerability has been resolved: media: stm32-csi: Fix dereference before NULL check In 'stm32_csi_start', 'csidev->s_subdev' is dereferenced directly while assigning a value to the 'src_pad'. However the same value is being checked against NU

  • CVE-2025-40013Oct 20, 2025
    affected >= 5.16.0, < 6.1.156fixed 6.1.156

    In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: audioreach: fix potential null pointer dereference It is possible that the topology parsing function audioreach_widget_load_module_common() could return NULL or an error pointer. Add missing NULL ch

  • CVE-2025-40012Oct 20, 2025
    affected >= 6.10.0, < 6.12.50fixed 6.12.50

    In the Linux kernel, the following vulnerability has been resolved: net/smc: fix warning in smc_rx_splice() when calling get_page() smc_lo_register_dmb() allocates DMB buffers with kzalloc(), which are later passed to get_page() in smc_rx_splice(). Since kmalloc memory is not p

  • CVE-2025-40011Oct 20, 2025
    affected >= 3.3.0, < 5.4.300fixed 5.4.300

    In the Linux kernel, the following vulnerability has been resolved: drm/gma500: Fix null dereference in hdmi teardown pci_set_drvdata sets the value of pdev->driver_data to NULL, after which the driver_data obtained from the same dev is dereferenced in oaktrail_hdmi_i2c_exit, a

  • CVE-2025-40010Oct 20, 2025
    affected >= 6.0.0, < 6.1.155fixed 6.1.155

    In the Linux kernel, the following vulnerability has been resolved: afs: Fix potential null pointer dereference in afs_put_server afs_put_server() accessed server->debug_id before the NULL check, which could lead to a null pointer dereference. Move the debug_id assignment, ensu

  • CVE-2025-40009Oct 20, 2025
    affected >= 6.7.0, < 6.12.50fixed 6.12.50

    In the Linux kernel, the following vulnerability has been resolved: fs/proc/task_mmu: check p->vec_buf for NULL When the PAGEMAP_SCAN ioctl is invoked with vec_len = 0 reaches pagemap_scan_backout_range(), kernel panics with null-ptr-deref: [ 44.936808] Oops: general protect

  • CVE-2025-40008Oct 20, 2025
    affected < 6.1.155fixed 6.1.155

    In the Linux kernel, the following vulnerability has been resolved: kmsan: fix out-of-bounds access to shadow memory Running sha224_kunit on a KMSAN-enabled kernel results in a crash in kmsan_internal_set_shadow_origin(): BUG: unable to handle page fault for address: ffffb

  • CVE-2025-40007Oct 20, 2025
    affected >= 6.16.0, < 6.16.10fixed 6.16.10

    In the Linux kernel, the following vulnerability has been resolved: netfs: fix reference leak Commit 20d72b00ca81 ("netfs: Fix the request's work item to not require a ref") modified netfs_alloc_request() to initialize the reference counter to 2 instead of 1. The rationale was

  • CVE-2025-40006Oct 20, 2025
    affected >= 4.5.0, < 5.4.300fixed 5.4.300

    In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix folio is still mapped when deleted Migration may be raced with fallocating hole. remove_inode_single_folio will unmap the folio if the folio is still mapped. However, it's called without folio

  • CVE-2025-40004Oct 20, 2025
    affected >= 6.12.0, < 6.12.53fixed 6.12.53

    In the Linux kernel, the following vulnerability has been resolved: net/9p: Fix buffer overflow in USB transport layer A buffer overflow vulnerability exists in the USB 9pfs transport layer where inconsistent size validation between packet header parsing and actual data copying

  • CVE-2025-40003Oct 18, 2025
    affected >= 4.18.0, < 6.12.54fixed 6.12.54

    In the Linux kernel, the following vulnerability has been resolved: net: mscc: ocelot: Fix use-after-free caused by cyclic delayed work The origin code calls cancel_delayed_work() in ocelot_stats_deinit() to cancel the cyclic delayed work item ocelot->stats_work. However, cance

  • CVE-2025-40002Oct 18, 2025
    affected >= 6.14.0, < 6.17.3fixed 6.17.3

    In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Fix use-after-free in tb_dp_dprx_work The original code relies on cancel_delayed_work() in tb_dp_dprx_stop(), which does not ensure that the delayed work item tunnel->dprx_work has fully completed

  • CVE-2025-40001Oct 18, 2025
    affected >= 2.6.31, < 5.4.301fixed 5.4.301

    In the Linux kernel, the following vulnerability has been resolved: scsi: mvsas: Fix use-after-free bugs in mvs_work_queue During the detaching of Marvell's SAS/SATA controller, the original code calls cancel_delayed_work() in mvs_free() to cancel the delayed work item mwq->wor