VYPR

rpm package

almalinux/kernel-64k-debug-modules-core

pkg:rpm/almalinux/kernel-64k-debug-modules-core

Vulnerabilities (831)

  • CVE-2025-40047Oct 28, 2025
    affected < 6.12.0-124.20.1.el10_1fixed 6.12.0-124.20.1.el10_1

    In the Linux kernel, the following vulnerability has been resolved: io_uring/waitid: always prune wait queue entry in io_waitid_wait() For a successful return, always remove our entry from the wait queue entry list. Previously this was skipped if a cancelation was in progress,

  • CVE-2025-40034Oct 28, 2025
    affected < 6.12.0-211.7.1.el10_2fixed 6.12.0-211.7.1.el10_2

    In the Linux kernel, the following vulnerability has been resolved: PCI/AER: Avoid NULL pointer dereference in aer_ratelimit() When platform firmware supplies error information to the OS, e.g., via the ACPI APEI GHES mechanism, it may identify an error source device that doesn'

  • CVE-2025-39984Oct 15, 2025
    affected < 6.12.0-124.21.1.el10_1fixed 6.12.0-124.21.1.el10_1

    In the Linux kernel, the following vulnerability has been resolved: net: tun: Update napi->skb after XDP process The syzbot report a UAF issue: BUG: KASAN: slab-use-after-free in skb_reset_mac_header include/linux/skbuff.h:3150 [inline] BUG: KASAN: slab-use-after-free in n

  • CVE-2025-39983Oct 15, 2025
    affected < 6.12.0-124.20.1.el10_1fixed 6.12.0-124.20.1.el10_1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: Fix UAF in hci_conn_tx_dequeue This fixes the following UAF caused by not properly locking hdev when processing HCI_EV_NUM_COMP_PKTS: BUG: KASAN: slab-use-after-free in hci_conn_tx_dequeu

  • CVE-2025-39982Oct 15, 2025
    affected < 6.12.0-124.20.1.el10_1fixed 6.12.0-124.20.1.el10_1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: Fix UAF in hci_acl_create_conn_sync This fixes the following UFA in hci_acl_create_conn_sync where a connection still pending is command submission (conn->state == BT_OPEN) maybe freed, al

  • CVE-2025-39981Oct 15, 2025
    affected < 5.14.0-611.11.1.el9_7fixed 5.14.0-611.11.1.el9_7

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix possible UAFs This attemps to fix possible UAFs caused by struct mgmt_pending being freed while still being processed like in the following trace, in order to fix mgmt_pending_valid is intr

  • CVE-2025-39979Oct 15, 2025
    affected < 5.14.0-611.13.1.el9_7fixed 5.14.0-611.13.1.el9_7

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fs, fix UAF in flow counter release Fix a kernel trace [1] caused by releasing an HWS action of a local flow counter in mlx5_cmd_hws_delete_fte(), where the HWS action refcount and mutex were not init

  • CVE-2025-39971Oct 15, 2025
    affected < 6.12.0-124.16.1.el10_1fixed 6.12.0-124.16.1.el10_1

    In the Linux kernel, the following vulnerability has been resolved: i40e: fix idx validation in config queues msg Ensure idx is within range of active/initialized TCs when iterating over vf->ch[idx] in i40e_vc_config_queues_msg().

  • CVE-2025-39966Oct 15, 2025
    affected < 5.14.0-611.16.1.el9_7fixed 5.14.0-611.16.1.el9_7

    In the Linux kernel, the following vulnerability has been resolved: iommufd: Fix race during abort for file descriptors fput() doesn't actually call file_operations release() synchronously, it puts the file on a work queue and it will be released eventually. This is normally f

  • CVE-2025-39955Oct 9, 2025
    affected < 5.14.0-611.11.1.el9_7fixed 5.14.0-611.11.1.el9_7

    In the Linux kernel, the following vulnerability has been resolved: tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect(). syzbot reported the splat below where a socket had tcp_sk(sk)->fastopen_rsk in the TCP_ESTABLISHED state. [0] syzbot reused the server-side TCP Fast Ope

  • CVE-2025-39933Oct 4, 2025
    affected < 5.14.0-611.24.1.el9_7fixed 5.14.0-611.24.1.el9_7

    In the Linux kernel, the following vulnerability has been resolved: smb: client: let recv_done verify data_offset, data_length and remaining_data_length This is inspired by the related server fixes.

  • CVE-2023-53494Oct 1, 2025
    affected < 5.14.0-570.60.1.el9_6fixed 5.14.0-570.60.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: crypto: xts - Handle EBUSY correctly As it is xts only handles the special return value of EINPROGRESS, which means that in all other cases it will free data related to the request. However, as the caller of x

  • CVE-2025-39925Oct 1, 2025
    affected < 5.14.0-611.13.1.el9_7fixed 5.14.0-611.13.1.el9_7

    In the Linux kernel, the following vulnerability has been resolved: can: j1939: implement NETDEV_UNREGISTER notification handler syzbot is reporting unregister_netdevice: waiting for vcan0 to become free. Usage count = 2 problem, for j1939 protocol did not have NETDEV_UNREG

  • CVE-2025-39918Oct 1, 2025
    affected < 5.14.0-611.11.1.el9_7fixed 5.14.0-611.11.1.el9_7

    In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: fix linked list corruption Never leave scheduled wcid entries on the temporary on-stack list

  • CVE-2025-39905Oct 1, 2025
    affected < 6.12.0-124.27.1.el10_1fixed 6.12.0-124.27.1.el10_1

    In the Linux kernel, the following vulnerability has been resolved: net: phylink: add lock for serializing concurrent pl->phydev writes with resolver Currently phylink_resolve() protects itself against concurrent phylink_bringup_phy() or phylink_disconnect_phy() calls which mod

  • CVE-2025-39883Sep 23, 2025
    affected < 5.14.0-611.20.1.el9_7fixed 5.14.0-611.20.1.el9_7

    In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: fix VM_BUG_ON_PAGE(PagePoisoned(page)) when unpoison memory When I did memory failure tests, below panic occurs: page dumped because: VM_BUG_ON_PAGE(PagePoisoned(page)) kernel BUG at include

  • CVE-2025-39866HigSep 19, 2025
    affected < 6.12.0-211.7.1.el10_2fixed 6.12.0-211.7.1.el10_2

    In the Linux kernel, the following vulnerability has been resolved: fs: writeback: fix use-after-free in __mark_inode_dirty() An use-after-free issue occurred when __mark_inode_dirty() get the bdi_writeback that was in the progress of switching. CPU: 1 PID: 562 Comm: systemd-r

  • CVE-2025-39864HigSep 19, 2025
    affected < 5.14.0-611.11.1.el9_7fixed 5.14.0-611.11.1.el9_7

    In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: fix use-after-free in cmp_bss() Following bss_free() quirk introduced in commit 776b3580178f ("cfg80211: track hidden SSID networks properly"), adjust cfg80211_update_known_bss() to free the las

  • CVE-2025-39849HigSep 19, 2025
    affected < 5.14.0-570.55.1.el9_6fixed 5.14.0-570.55.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: sme: cap SSID length in __cfg80211_connect_result() If the ssid->datalen is more than IEEE80211_MAX_SSID_LEN (32) it would lead to memory corruption so add some bounds checking.

  • CVE-2025-39843MedSep 19, 2025
    affected < 6.12.0-124.27.1.el10_1fixed 6.12.0-124.27.1.el10_1

    In the Linux kernel, the following vulnerability has been resolved: mm: slub: avoid wake up kswapd in set_track_prepare set_track_prepare() can incur lock recursion. The issue is that it is called from hrtimer_start_range_ns holding the per_cpu(hrtimer_bases)[n].lock, but when

Page 8 of 42