rpm package
almalinux/bpftool
pkg:rpm/almalinux/bpftool
Vulnerabilities (901)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-40096 | — | | | < 4.18.0-553.94.1.el8_10 | 4.18.0-553.94.1.el8_10 | Oct 30, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/sched: Fix potential double free in drm_sched_job_add_resv_dependencies When adding dependencies with drm_sched_job_add_dependency(), that function consumes the fence reference both on success and failure, |
| CVE-2025-40064 | — | | | < 4.18.0-553.107.1.el8_10 | 4.18.0-553.107.1.el8_10 | Oct 28, 2025 | In the Linux kernel, the following vulnerability has been resolved: smc: Fix use-after-free in __pnet_find_base_ndev(). syzbot reported use-after-free of net_device in __pnet_find_base_ndev(), which was called during connect(). [0] smc_pnet_find_ism_resource() fetches sk_dst_g |
| CVE-2025-39993 | — | | | < 4.18.0-553.92.1.el8_10 | 4.18.0-553.92.1.el8_10 | Oct 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: media: rc: fix races with imon_disconnect() Syzbot reports a KASAN issue as below: BUG: KASAN: use-after-free in __create_pipe include/linux/usb.h:1945 [inline] BUG: KASAN: use-after-free in send_packet+0xa2d/0 |
| CVE-2025-39971 | — | | | < 4.18.0-553.85.1.el8_10 | 4.18.0-553.85.1.el8_10 | Oct 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: i40e: fix idx validation in config queues msg Ensure idx is within range of active/initialized TCs when iterating over vf->ch[idx] in i40e_vc_config_queues_msg(). |
| CVE-2025-39955 | — | | | < 4.18.0-553.87.1.el8_10 | 4.18.0-553.87.1.el8_10 | Oct 9, 2025 | In the Linux kernel, the following vulnerability has been resolved: tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect(). syzbot reported the splat below where a socket had tcp_sk(sk)->fastopen_rsk in the TCP_ESTABLISHED state. [0] syzbot reused the server-side TCP Fast Ope |
| CVE-2023-53673 | High | 7.8 | | < 4.18.0-553.97.1.el8_10 | 4.18.0-553.97.1.el8_10 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: call disconnect callback before deleting conn In hci_cs_disconnect, we do hci_conn_del even if disconnection failed. ISO, L2CAP and SCO connections refer to the hci_conn without hci_conn_ |
| CVE-2022-50543 | — | | | < 4.18.0-553.89.1.el8_10 | 4.18.0-553.89.1.el8_10 | Oct 7, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix mr->map double free rxe_mr_cleanup() which tries to free mr->map again will be called when rxe_mr_init_user() fails: CPU: 0 PID: 4917 Comm: rdma_flush_serv Kdump: loaded Not tainted 6.1.0-rc1- |
| CVE-2023-53552 | — | | | < 4.18.0-553.94.1.el8_10 | 4.18.0-553.94.1.el8_10 | Oct 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: drm/i915: mark requests for GuC virtual engines to avoid use-after-free References to i915_requests may be trapped by userspace inside a sync_file or dmabuf (dma-resv) and held indefinitely across different pro |
| CVE-2023-53539 | — | | | < 4.18.0-553.89.1.el8_10 | 4.18.0-553.89.1.el8_10 | Oct 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix incomplete state save in rxe_requester If a send packet is dropped by the IP layer in rxe_requester() the call to rxe_xmit_packet() can fail with err == -EAGAIN. To recover, the state of the wqe i |
| CVE-2025-39933 | — | | | < 4.18.0-553.94.1.el8_10 | 4.18.0-553.94.1.el8_10 | Oct 4, 2025 | In the Linux kernel, the following vulnerability has been resolved: smb: client: let recv_done verify data_offset, data_length and remaining_data_length This is inspired by the related server fixes. |
| CVE-2023-53513 | Medium | 5.5 | | < 4.18.0-553.87.1.el8_10 | 4.18.0-553.87.1.el8_10 | Oct 1, 2025 | In the Linux kernel, the following vulnerability has been resolved: nbd: fix incomplete validation of ioctl arg We tested and found an alarm caused by nbd_ioctl arg without verification. The UBSAN warning calltrace like below: UBSAN: Undefined behaviour in fs/buffer.c:1709:35 |
| CVE-2025-39883 | — | | | < 4.18.0-553.87.1.el8_10 | 4.18.0-553.87.1.el8_10 | Sep 23, 2025 | In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: fix VM_BUG_ON_PAGE(PagePoisoned(page)) when unpoison memory When I did memory failure tests, below panic occurs: page dumped because: VM_BUG_ON_PAGE(PagePoisoned(page)) kernel BUG at include |
| CVE-2025-39864 | High | 7.8 | | < 4.18.0-553.82.1.el8_10 | 4.18.0-553.82.1.el8_10 | Sep 19, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: fix use-after-free in cmp_bss() Following bss_free() quirk introduced in commit 776b3580178f ("cfg80211: track hidden SSID networks properly"), adjust cfg80211_update_known_bss() to free the las |
| CVE-2025-39849 | High | 7.8 | | < 4.18.0-553.81.1.el8_10 | 4.18.0-553.81.1.el8_10 | Sep 19, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: sme: cap SSID length in __cfg80211_connect_result() If the ssid->datalen is more than IEEE80211_MAX_SSID_LEN (32) it would lead to memory corruption so add some bounds checking. |
| CVE-2025-39841 | High | 7.8 | | < 4.18.0-553.81.1.el8_10 | 4.18.0-553.81.1.el8_10 | Sep 19, 2025 | In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix buffer free/clear order in deferred receive path Fix a use-after-free window by correcting the buffer release sequence in the deferred receive path. The code freed the RQ buffer first and only t |
| CVE-2023-53401 | — | | | < 4.18.0-553.89.1.el8_10 | 4.18.0-553.89.1.el8_10 | Sep 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: mm: kmem: fix a NULL pointer dereference in obj_stock_flush_required() KCSAN found an issue in obj_stock_flush_required(): stock->cached_objcg can be reset between the check and dereference: ================== |
| CVE-2023-53386 | — | | | < 4.18.0-553.81.1.el8_10 | 4.18.0-553.81.1.el8_10 | Sep 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix potential use-after-free when clear keys Similar to commit c5d2b6fa26b5 ("Bluetooth: Fix use-after-free in hci_remove_ltk/hci_remove_irk"). We can not access k after kfree_rcu() call. |
| CVE-2023-53373 | — | | | < 4.18.0-553.80.1.el8_10 | 4.18.0-553.80.1.el8_10 | Sep 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: crypto: seqiv - Handle EBUSY correctly As it is seqiv only handles the special return value of EINPROGERSS, which means that in all other cases it will free data related to the request. However, as the caller |
| CVE-2022-50386 | — | | | < 4.18.0-553.81.1.el8_10 | 4.18.0-553.81.1.el8_10 | Sep 18, 2025 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix user-after-free This uses l2cap_chan_hold_unless_zero() after calling __l2cap_get_chan_blah() to prevent the following trace: Bluetooth: l2cap_core.c:static void l2cap_chan_destroy(struct |
| CVE-2022-50367 | — | | | < 4.18.0-553.83.1.el8_10 | 4.18.0-553.83.1.el8_10 | Sep 17, 2025 | In the Linux kernel, the following vulnerability has been resolved: fs: fix UAF/GPF bug in nilfs_mdt_destroy In alloc_inode, inode_init_always() could return -ENOMEM if security_inode_alloc() fails, which causes inode->i_private uninitialized. Then nilfs_is_metadata_file_inode( |
Page 3 of 46