rpm package

almalinux/kernel-64k-modules-core

pkg:rpm/almalinux/kernel-64k-modules-core

Vulnerabilities (790)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2025-38292		—	< 5.14.0-570.33.2.el9_6	5.14.0-570.33.2.el9_6	Jul 10, 2025	In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix invalid access to memory In ath12k_dp_rx_msdu_coalesce(), rxcb is fetched from skb and boolean is_continuation is part of rxcb. Currently, after freeing the skb, the rxcb->is_continuation acce
CVE-2025-38279		—	< 6.12.0-211.7.1.el10_2	6.12.0-211.7.1.el10_2	Jul 10, 2025	In the Linux kernel, the following vulnerability has been resolved: bpf: Do not include stack ptr register in precision backtracking bookkeeping Yi Lai reported an issue ([1]) where the following warning appears in kernel dmesg: [ 60.643604] verifier backtracking bug [
CVE-2025-38275		—	< 6.12.0-211.7.1.el10_2	6.12.0-211.7.1.el10_2	Jul 10, 2025	In the Linux kernel, the following vulnerability has been resolved: phy: qcom-qmp-usb: Fix an NULL vs IS_ERR() bug The qmp_usb_iomap() helper function currently returns the raw result of devm_ioremap() for non-exclusive mappings. Since devm_ioremap() may return a NULL pointer a
CVE-2025-38267		—	< 6.12.0-211.7.1.el10_2	6.12.0-211.7.1.el10_2	Jul 10, 2025	In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Do not trigger WARN_ON() due to a commit_overrun When reading a memory mapped buffer the reader page is just swapped out with the last page written in the write buffer. If the reader page is the sa
CVE-2025-38250	Hig	7.8	< 5.14.0-570.35.1.el9_6	5.14.0-570.35.1.el9_6	Jul 9, 2025	In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_core: Fix use-after-free in vhci_flush() syzbot reported use-after-free in vhci_flush() without repro. [0] From the splat, a thread close()d a vhci file descriptor while its device was being use
CVE-2024-36357	Med	5.6	< 5.14.0-570.62.1.el9_6	5.14.0-570.62.1.el9_6	Jul 8, 2025	A transient execution vulnerability in some AMD processors may allow an attacker to infer data in the L1D cache, potentially resulting in the leakage of sensitive information across privileged boundaries.
CVE-2024-36350	Med	5.6	< 5.14.0-570.62.1.el9_6	5.14.0-570.62.1.el9_6	Jul 8, 2025	A transient execution vulnerability in some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information.
CVE-2025-38211		—	< 5.14.0-570.39.1.el9_6	5.14.0-570.39.1.el9_6	Jul 4, 2025	In the Linux kernel, the following vulnerability has been resolved: RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction The commit 59c68ac31e15 ("iw_cm: free cm_id resources on the last deref") simplified cm_id resource management by freeing cm_id once all ref
CVE-2025-38206		—	< 5.14.0-611.35.1.el9_7	5.14.0-611.35.1.el9_7	Jul 4, 2025	In the Linux kernel, the following vulnerability has been resolved: exfat: fix double free in delayed_free The double free could happen in the following path. exfat_create_upcase_table() exfat_create_upcase_table() : return error exfat_free_upcase_table() : fre
CVE-2025-38202		—	< 6.12.0-211.7.1.el10_2	6.12.0-211.7.1.el10_2	Jul 4, 2025	In the Linux kernel, the following vulnerability has been resolved: bpf: Check rcu_read_lock_trace_held() in bpf_map_lookup_percpu_elem() bpf_map_lookup_percpu_elem() helper is also available for sleepable bpf program. When BPF JIT is disabled or under 32-bit host, bpf_map_look
CVE-2025-38200		—	< 5.14.0-570.39.1.el9_6	5.14.0-570.39.1.el9_6	Jul 4, 2025	In the Linux kernel, the following vulnerability has been resolved: i40e: fix MMIO write access to an invalid page in i40e_clear_hw When the device sends a specific input, an integer underflow can occur, leading to MMIO write access to an invalid page. Prevent the integer unde
CVE-2025-38180		—	< 5.14.0-611.45.1.el9_7	5.14.0-611.45.1.el9_7	Jul 4, 2025	In the Linux kernel, the following vulnerability has been resolved: net: atm: fix /proc/net/atm/lec handling /proc/net/atm/lec must ensure safety against dev_lec[] changes. It appears it had dev_put() calls without prior dev_hold(), leading to imbalance and UAF.
CVE-2025-38124	Med	5.5	< 5.14.0-570.35.1.el9_6	5.14.0-570.35.1.el9_6	Jul 3, 2025	In the Linux kernel, the following vulnerability has been resolved: net: fix udp gso skb_segment after pull from frag_list Commit a1e40ac5b5e9 ("net: gso: fix udp gso fraglist segmentation after pull from frag_list") detected invalid geometry in frag_list skbs and redirects the
CVE-2025-38172		—	< 6.12.0-124.38.1.el10_1	6.12.0-124.38.1.el10_1	Jul 3, 2025	In the Linux kernel, the following vulnerability has been resolved: erofs: avoid using multiple devices with different type For multiple devices, both primary and extra devices should be the same type. `erofs_init_device` has already guaranteed that if the primary is a file-bac
CVE-2025-38166		—	< 6.12.0-211.7.1.el10_2	6.12.0-211.7.1.el10_2	Jul 3, 2025	In the Linux kernel, the following vulnerability has been resolved: bpf: fix ktls panic with sockmap [ 2172.936997] ------------[ cut here ]------------ [ 2172.936999] kernel BUG at lib/iov_iter.c:629! ...... [ 2172.944996] PKRU: 55555554 [ 2172.945155] Call Trace: [ 2172.94529
CVE-2025-38159		—	< 5.14.0-570.35.1.el9_6	5.14.0-570.35.1.el9_6	Jul 3, 2025	In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds Set the size to 6 instead of 2, since 'para' array is passed to 'rtw_fw_bt_wifi_control(rtwdev, para[0], &para[1])', which reads 5 bytes:
CVE-2025-38141		—	< 5.14.0-611.26.1.el9_7	5.14.0-611.26.1.el9_7	Jul 3, 2025	In the Linux kernel, the following vulnerability has been resolved: dm: fix dm_blk_report_zones If dm_get_live_table() returned NULL, dm_put_live_table() was never called. Also, it is possible that md->zone_revalidate_map will change while calling this function. Only read it on
CVE-2025-38129		—	< 5.14.0-611.35.1.el9_7	5.14.0-611.35.1.el9_7	Jul 3, 2025	In the Linux kernel, the following vulnerability has been resolved: page_pool: Fix use-after-free in page_pool_recycle_in_ring syzbot reported a uaf in page_pool_recycle_in_ring: BUG: KASAN: slab-use-after-free in lock_release+0x151/0xa30 kernel/locking/lockdep.c:5862 Read of
CVE-2025-38116		—	< 6.12.0-124.8.1.el10_1	6.12.0-124.8.1.el10_1	Jul 3, 2025	In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix uaf in ath12k_core_init() When the execution of ath12k_core_hw_group_assign() or ath12k_core_hw_group_create() fails, the registered notifier chain is not unregistered properly. Its memory is
CVE-2025-38110		—	< 5.14.0-570.30.1.el9_6	5.14.0-570.30.1.el9_6	Jul 3, 2025	In the Linux kernel, the following vulnerability has been resolved: net/mdiobus: Fix potential out-of-bounds clause 45 read/write access When using publicly available tools like 'mdio-tools' to read/write data from/to network interface and its PHY via C45 (clause 45) mdiobus, t

CVE-2025-38292Jul 10, 2025
affected < 5.14.0-570.33.2.el9_6fixed 5.14.0-570.33.2.el9_6
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix invalid access to memory In ath12k_dp_rx_msdu_coalesce(), rxcb is fetched from skb and boolean is_continuation is part of rxcb. Currently, after freeing the skb, the rxcb->is_continuation acce
CVE-2025-38279Jul 10, 2025
affected < 6.12.0-211.7.1.el10_2fixed 6.12.0-211.7.1.el10_2
In the Linux kernel, the following vulnerability has been resolved: bpf: Do not include stack ptr register in precision backtracking bookkeeping Yi Lai reported an issue ([1]) where the following warning appears in kernel dmesg: [ 60.643604] verifier backtracking bug [
CVE-2025-38275Jul 10, 2025
affected < 6.12.0-211.7.1.el10_2fixed 6.12.0-211.7.1.el10_2
In the Linux kernel, the following vulnerability has been resolved: phy: qcom-qmp-usb: Fix an NULL vs IS_ERR() bug The qmp_usb_iomap() helper function currently returns the raw result of devm_ioremap() for non-exclusive mappings. Since devm_ioremap() may return a NULL pointer a
CVE-2025-38267Jul 10, 2025
affected < 6.12.0-211.7.1.el10_2fixed 6.12.0-211.7.1.el10_2
In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Do not trigger WARN_ON() due to a commit_overrun When reading a memory mapped buffer the reader page is just swapped out with the last page written in the write buffer. If the reader page is the sa
CVE-2025-38250HigJul 9, 2025
affected < 5.14.0-570.35.1.el9_6fixed 5.14.0-570.35.1.el9_6
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_core: Fix use-after-free in vhci_flush() syzbot reported use-after-free in vhci_flush() without repro. [0] From the splat, a thread close()d a vhci file descriptor while its device was being use
CVE-2024-36357MedJul 8, 2025
affected < 5.14.0-570.62.1.el9_6fixed 5.14.0-570.62.1.el9_6
A transient execution vulnerability in some AMD processors may allow an attacker to infer data in the L1D cache, potentially resulting in the leakage of sensitive information across privileged boundaries.
CVE-2024-36350MedJul 8, 2025
affected < 5.14.0-570.62.1.el9_6fixed 5.14.0-570.62.1.el9_6
A transient execution vulnerability in some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information.
CVE-2025-38211Jul 4, 2025
affected < 5.14.0-570.39.1.el9_6fixed 5.14.0-570.39.1.el9_6
In the Linux kernel, the following vulnerability has been resolved: RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction The commit 59c68ac31e15 ("iw_cm: free cm_id resources on the last deref") simplified cm_id resource management by freeing cm_id once all ref
CVE-2025-38206Jul 4, 2025
affected < 5.14.0-611.35.1.el9_7fixed 5.14.0-611.35.1.el9_7
In the Linux kernel, the following vulnerability has been resolved: exfat: fix double free in delayed_free The double free could happen in the following path. exfat_create_upcase_table() exfat_create_upcase_table() : return error exfat_free_upcase_table() : fre
CVE-2025-38202Jul 4, 2025
affected < 6.12.0-211.7.1.el10_2fixed 6.12.0-211.7.1.el10_2
In the Linux kernel, the following vulnerability has been resolved: bpf: Check rcu_read_lock_trace_held() in bpf_map_lookup_percpu_elem() bpf_map_lookup_percpu_elem() helper is also available for sleepable bpf program. When BPF JIT is disabled or under 32-bit host, bpf_map_look
CVE-2025-38200Jul 4, 2025
affected < 5.14.0-570.39.1.el9_6fixed 5.14.0-570.39.1.el9_6
In the Linux kernel, the following vulnerability has been resolved: i40e: fix MMIO write access to an invalid page in i40e_clear_hw When the device sends a specific input, an integer underflow can occur, leading to MMIO write access to an invalid page. Prevent the integer unde
CVE-2025-38180Jul 4, 2025
affected < 5.14.0-611.45.1.el9_7fixed 5.14.0-611.45.1.el9_7
In the Linux kernel, the following vulnerability has been resolved: net: atm: fix /proc/net/atm/lec handling /proc/net/atm/lec must ensure safety against dev_lec[] changes. It appears it had dev_put() calls without prior dev_hold(), leading to imbalance and UAF.
CVE-2025-38124MedJul 3, 2025
affected < 5.14.0-570.35.1.el9_6fixed 5.14.0-570.35.1.el9_6
In the Linux kernel, the following vulnerability has been resolved: net: fix udp gso skb_segment after pull from frag_list Commit a1e40ac5b5e9 ("net: gso: fix udp gso fraglist segmentation after pull from frag_list") detected invalid geometry in frag_list skbs and redirects the
CVE-2025-38172Jul 3, 2025
affected < 6.12.0-124.38.1.el10_1fixed 6.12.0-124.38.1.el10_1
In the Linux kernel, the following vulnerability has been resolved: erofs: avoid using multiple devices with different type For multiple devices, both primary and extra devices should be the same type. `erofs_init_device` has already guaranteed that if the primary is a file-bac
CVE-2025-38166Jul 3, 2025
affected < 6.12.0-211.7.1.el10_2fixed 6.12.0-211.7.1.el10_2
In the Linux kernel, the following vulnerability has been resolved: bpf: fix ktls panic with sockmap [ 2172.936997] ------------[ cut here ]------------ [ 2172.936999] kernel BUG at lib/iov_iter.c:629! ...... [ 2172.944996] PKRU: 55555554 [ 2172.945155] Call Trace: [ 2172.94529
CVE-2025-38159Jul 3, 2025
affected < 5.14.0-570.35.1.el9_6fixed 5.14.0-570.35.1.el9_6
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds Set the size to 6 instead of 2, since 'para' array is passed to 'rtw_fw_bt_wifi_control(rtwdev, para[0], &para[1])', which reads 5 bytes:
CVE-2025-38141Jul 3, 2025
affected < 5.14.0-611.26.1.el9_7fixed 5.14.0-611.26.1.el9_7
In the Linux kernel, the following vulnerability has been resolved: dm: fix dm_blk_report_zones If dm_get_live_table() returned NULL, dm_put_live_table() was never called. Also, it is possible that md->zone_revalidate_map will change while calling this function. Only read it on
CVE-2025-38129Jul 3, 2025
affected < 5.14.0-611.35.1.el9_7fixed 5.14.0-611.35.1.el9_7
In the Linux kernel, the following vulnerability has been resolved: page_pool: Fix use-after-free in page_pool_recycle_in_ring syzbot reported a uaf in page_pool_recycle_in_ring: BUG: KASAN: slab-use-after-free in lock_release+0x151/0xa30 kernel/locking/lockdep.c:5862 Read of
CVE-2025-38116Jul 3, 2025
affected < 6.12.0-124.8.1.el10_1fixed 6.12.0-124.8.1.el10_1
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix uaf in ath12k_core_init() When the execution of ath12k_core_hw_group_assign() or ath12k_core_hw_group_create() fails, the registered notifier chain is not unregistered properly. Its memory is
CVE-2025-38110Jul 3, 2025
affected < 5.14.0-570.30.1.el9_6fixed 5.14.0-570.30.1.el9_6
In the Linux kernel, the following vulnerability has been resolved: net/mdiobus: Fix potential out-of-bounds clause 45 read/write access When using publicly available tools like 'mdio-tools' to read/write data from/to network interface and its PHY via C45 (clause 45) mdiobus, t

Page 10 of 40