VYPR

rpm package

almalinux/bpftool

pkg:rpm/almalinux/bpftool

Vulnerabilities (901)

  • CVE-2025-22020 · Apr 16, 2025
    affected < 4.18.0-553.66.1.el8_10 · fixed 4.18.0-553.66.1.el8_10

    In the Linux kernel, the following vulnerability has been resolved: memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove This fixes the following crash: ================================================================== BUG: KASAN: slab-use-after-free in rt

  • CVE-2025-22004 · Apr 3, 2025
    affected < 4.18.0-553.62.1.el8_10 · fixed 4.18.0-553.62.1.el8_10

    In the Linux kernel, the following vulnerability has been resolved: net: atm: fix use after free in lec_send() The ->send() operation frees skb so save the length before calling ->send() to avoid a use after free.

  • CVE-2025-21991 · Apr 2, 2025
    affected < 4.18.0-553.62.1.el8_10 · fixed 4.18.0-553.62.1.el8_10

    In the Linux kernel, the following vulnerability has been resolved: x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes Currently, load_microcode_amd() iterates over all NUMA nodes, retrieves their CPU masks and unconditionally accesses per-CPU data for the

  • CVE-2025-21928 · Apr 1, 2025
    affected < 4.18.0-553.66.1.el8_10 · fixed 4.18.0-553.66.1.el8_10

    In the Linux kernel, the following vulnerability has been resolved: HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() The system can experience a random crash a few minutes after the driver is removed. This issue occurs due to improper handling of memory freein

  • CVE-2025-21919 · Apr 1, 2025
    affected < 4.18.0-553.64.1.el8_10 · fixed 4.18.0-553.64.1.el8_10

    In the Linux kernel, the following vulnerability has been resolved: sched/fair: Fix potential memory corruption in child_cfs_rq_on_list child_cfs_rq_on_list attempts to convert a 'prev' pointer to a cfs_rq. This 'prev' pointer can originate from struct rq's leaf_cfs_rq_list, ma

  • CVE-2025-21905 · Apr 1, 2025
    affected < 4.18.0-553.64.1.el8_10 · fixed 4.18.0-553.64.1.el8_10

    In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: limit printed string from FW file There's no guarantee here that the file is always with a NUL-termination, so reading the string may read beyond the end of the TLV. If that's the last TLV in the

  • CVE-2025-21764 · High · Feb 27, 2025
    affected < 4.18.0-553.58.1.el8_10 · fixed 4.18.0-553.58.1.el8_10

    In the Linux kernel, the following vulnerability has been resolved: ndisc: use RCU protection in ndisc_alloc_skb() ndisc_alloc_skb() can be called without RTNL or RCU being held. Add RCU protection to avoid possible UAF.

  • CVE-2025-21756 · High · Feb 27, 2025
    affected < 4.18.0-553.53.1.el8_10 · fixed 4.18.0-553.53.1.el8_10

    In the Linux kernel, the following vulnerability has been resolved: vsock: Keep the binding until socket destruction Preserve sockets bindings; this includes both resulting from an explicit bind() and those implicitly bound through autobind during connect(). Prevents socket un

  • CVE-2025-21785 · Feb 27, 2025
    affected < 4.18.0-553.46.1.el8_10 · fixed 4.18.0-553.46.1.el8_10

    In the Linux kernel, the following vulnerability has been resolved: arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array The loop that detects/populates cache information already has a bounds check on the array size but does not account for cache levels with separate

  • CVE-2025-21759 · Feb 27, 2025
    affected < 4.18.0-553.69.1.el8_10 · fixed 4.18.0-553.69.1.el8_10

    In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: extend RCU protection in igmp6_send() igmp6_send() can be called without RTNL or RCU being held. Extend RCU protection so that we can safely fetch the net pointer and avoid a potential UAF. Note

  • CVE-2025-21727 · High · Feb 27, 2025
    affected < 4.18.0-553.69.1.el8_10 · fixed 4.18.0-553.69.1.el8_10

    In the Linux kernel, the following vulnerability has been resolved: padata: fix UAF in padata_reorder A bug was found when run ltp test: BUG: KASAN: slab-use-after-free in padata_find_next+0x29/0x1a0 Read of size 4 at addr ffff88bbfe003524 by task kworker/u113:2/3039206 CPU:

  • CVE-2024-57979 · High · Feb 27, 2025
    affected < 4.18.0-553.44.1.el8_10 · fixed 4.18.0-553.44.1.el8_10

    In the Linux kernel, the following vulnerability has been resolved: pps: Fix a use-after-free On a board running ntpd and gpsd, I'm seeing a consistent use-after-free in sys_exit() from gpsd when rebooting: pps pps1: removed ------------[ cut here ]------------ kob

  • CVE-2024-58002 · Feb 27, 2025
    affected < 4.18.0-553.62.1.el8_10 · fixed 4.18.0-553.62.1.el8_10

    In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Remove dangling pointers When an async control is written, we copy a pointer to the file handle that started the operation. That pointer will be used when the device is done. Which could be any

  • CVE-2024-57980 · Feb 27, 2025
    affected < 4.18.0-553.62.1.el8_10 · fixed 4.18.0-553.62.1.el8_10

    In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fix double free in error path If the uvc_status_init() function fails to allocate the int_urb, it will free the dev->status pointer but doesn't reset the pointer to NULL. This results in the kf

  • CVE-2022-49395 · Feb 26, 2025
    affected < 4.18.0-553.56.1.el8_10 · fixed 4.18.0-553.56.1.el8_10

    In the Linux kernel, the following vulnerability has been resolved: um: Fix out-of-bounds read in LDT setup syscall_stub_data() expects the data_count parameter to be the number of longs, not bytes. ================================================================== BUG: KASA

  • CVE-2022-49136 · Feb 26, 2025
    affected < 4.18.0-553.60.1.el8_10 · fixed 4.18.0-553.60.1.el8_10

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sync: Fix queuing commands when HCI_UNREGISTER is set hci_cmd_sync_queue shall return an error if HCI_UNREGISTER flag has been set as that means hci_unregister_dev has been called so it will like

  • CVE-2022-49111 · Feb 26, 2025
    affected < 4.18.0-553.60.1.el8_10 · fixed 4.18.0-553.60.1.el8_10

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix use after free in hci_send_acl This fixes the following trace caused by receiving HCI_EV_DISCONN_PHY_LINK_COMPLETE which does call hci_conn_del without first checking if conn->type is in fact AMP

  • CVE-2022-49058 · Feb 26, 2025
    affected < 4.18.0-553.62.1.el8_10 · fixed 4.18.0-553.62.1.el8_10

    In the Linux kernel, the following vulnerability has been resolved: cifs: potential buffer overflow in handling symlinks Smatch printed a warning: arch/x86/crypto/poly1305_glue.c:198 poly1305_update_arch() error: __memcpy() 'dctx->buf' too small (16 vs u32max) It's caused be

  • CVE-2024-57807 · Jan 11, 2025
    affected < 4.18.0-553.44.1.el8_10 · fixed 4.18.0-553.44.1.el8_10

    In the Linux kernel, the following vulnerability has been resolved: scsi: megaraid_sas: Fix for a potential deadlock This fixes a 'possible circular locking dependency detected' warning CPU0 CPU1 ---- ---- lock(&instance->reset

  • CVE-2024-53197 · KEV · Dec 27, 2024
    affected < 4.18.0-553.44.1.el8_10 · fixed 4.18.0-553.44.1.el8_10

    In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices A bogus device can provide a bNumConfigurations value that exceeds the initial value used in usb_get_configuration for allocating

Page 7 of 46