rpm package

almalinux/kernel-64k-modules-core

pkg:rpm/almalinux/kernel-64k-modules-core

Vulnerabilities (802)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2022-50087		—	< 5.14.0-570.55.1.el9_6	5.14.0-570.55.1.el9_6	Jun 18, 2025	In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scpi: Ensure scpi_info is not assigned if the probe fails When scpi probe fails, at any point, we need to ensure that the scpi_info is not set and will remain NULL until the probe succeeds. If it
CVE-2025-38079	Hig	7.8	< 5.14.0-570.33.2.el9_6	5.14.0-570.33.2.el9_6	Jun 18, 2025	In the Linux kernel, the following vulnerability has been resolved: crypto: algif_hash - fix double free in hash_accept If accept(2) is called on socket type algif_hash with MSG_MORE flag set and crypto_ahash_import fails, sk2 is freed. However, it is also freed in af_alg_relea
CVE-2025-38052		—	< 5.14.0-570.32.1.el9_6	5.14.0-570.32.1.el9_6	Jun 18, 2025	In the Linux kernel, the following vulnerability has been resolved: net/tipc: fix slab-use-after-free Read in tipc_aead_encrypt_done Syzbot reported a slab-use-after-free with the following call trace: ================================================================== BUG:
CVE-2025-38024		—	< 5.14.0-611.30.1.el9_7	5.14.0-611.30.1.el9_7	Jun 18, 2025	In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug Call Trace: __dump_stack lib/dump_stack.c:94 [inline] dump_stack_lvl+0x7d/0xa0 lib/dump_stack.c:120 print_address_description mm/kasan/
CVE-2025-38022		—	< 5.14.0-611.30.1.el9_7	5.14.0-611.30.1.el9_7	Jun 18, 2025	In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix "KASAN: slab-use-after-free Read in ib_register_device" problem Call Trace: __dump_stack lib/dump_stack.c:94 [inline] dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120 print_address_description
CVE-2025-38015		—	< 6.12.0-211.7.1.el10_2	6.12.0-211.7.1.el10_2	Jun 18, 2025	In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: fix memory leak in error handling path of idxd_alloc Memory allocated for idxd is not freed if an error occurs during idxd_alloc(). To fix it, free the allocated memory in the reverse order of
CVE-2025-37994		—	< 6.12.0-124.8.1.el10_1	6.12.0-124.8.1.el10_1	May 29, 2025	In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: displayport: Fix NULL pointer access This patch ensures that the UCSI driver waits for all pending tasks in the ucsi_displayport_work workqueue to finish executing before proceeding with the p
CVE-2025-37980	Med	5.5	< 6.12.0-211.7.1.el10_2	6.12.0-211.7.1.el10_2	May 20, 2025	In the Linux kernel, the following vulnerability has been resolved: block: fix resource leak in blk_register_queue() error path When registering a queue fails after blk_mq_sysfs_register() is successful but the function later encounters an error, we need to clean up the blk_mq_
CVE-2025-37958		—	< 5.14.0-570.30.1.el9_6	5.14.0-570.30.1.el9_6	May 20, 2025	In the Linux kernel, the following vulnerability has been resolved: mm/huge_memory: fix dereferencing invalid pmd migration entry When migrating a THP, concurrent access to the PMD migration entry during a deferred split scan can lead to an invalid address access, as illustrate
CVE-2025-37943		—	< 5.14.0-570.21.1.el9_6	5.14.0-570.21.1.el9_6	May 20, 2025	In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix invalid data access in ath12k_dp_rx_h_undecap_nwifi In certain cases, hardware might provide packets with a length greater than the maximum native Wi-Fi header length. This can lead to accessi
CVE-2025-37914		—	< 5.14.0-570.37.1.el9_6	5.14.0-570.37.1.el9_6	May 20, 2025	In the Linux kernel, the following vulnerability has been resolved: net_sched: ets: Fix double list add in class with netem as child qdisc As described in Gerrard's report [1], there are use cases where a netem child qdisc will make the parent qdisc's enqueue callback reentrant
CVE-2025-37890		—	< 5.14.0-570.32.1.el9_6	5.14.0-570.32.1.el9_6	May 16, 2025	In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc As described in Gerrard's report [1], we have a UAF case when an hfsc class has a netem child qdisc. The crux of the issue is that hfs
CVE-2024-28956	Med	5.6	< 5.14.0-570.35.1.el9_6	5.14.0-570.35.1.el9_6	May 13, 2025	Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2025-37823		—	< 5.14.0-570.39.1.el9_6	5.14.0-570.39.1.el9_6	May 8, 2025	In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too Similarly to the previous patch, we need to safe guard hfsc_dequeue() too. But for this one, we don't have a reliable reproducer.
CVE-2025-37819		—	< 5.14.0-611.30.1.el9_7	5.14.0-611.30.1.el9_7	May 8, 2025	In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v2m: Prevent use after free of gicv2m_get_fwnode() With ACPI in place, gicv2m_get_fwnode() is registered with the pci subsystem as pci_msi_get_fwnode_cb(), which may get invoked at runtime during a
CVE-2025-37810		—	< 5.14.0-570.46.1.el9_6	5.14.0-570.46.1.el9_6	May 8, 2025	In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: check that event count does not exceed event buffer length The event count is read from register DWC3_GEVNTCOUNT. There is a check for the count being zero, but not for exceeding the event bu
CVE-2025-37803		—	< 5.14.0-570.41.1.el9_6	5.14.0-570.41.1.el9_6	May 8, 2025	In the Linux kernel, the following vulnerability has been resolved: udmabuf: fix a buf size overflow issue during udmabuf creation by casting size_limit_mb to u64 when calculate pglimit.
CVE-2025-37799		—	< 5.14.0-570.25.1.el9_6	5.14.0-570.25.1.el9_6	May 3, 2025	In the Linux kernel, the following vulnerability has been resolved: vmxnet3: Fix malformed packet sizing in vmxnet3_process_xdp vmxnet3 driver's XDP handling is buggy for packet sizes using ring0 (that is, packet sizes between 128 - 3k bytes). We noticed MTU-related connectivi
CVE-2023-53125		—	< 5.14.0-570.46.1.el9_6	5.14.0-570.46.1.el9_6	May 2, 2025	In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc75xx: Limit packet length to skb->len Packet length retrieved from skb data may be larger than the actual socket buffer length (up to 9026 bytes). In such case the cloned skb passed up the network
CVE-2025-37797		—	< 5.14.0-570.30.1.el9_6	5.14.0-570.30.1.el9_6	May 2, 2025	In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class handling This patch fixes a Use-After-Free vulnerability in the HFSC qdisc class handling. The issue occurs due to a time-of-check/time-of-use condition in hfsc

CVE-2022-50087Jun 18, 2025
affected < 5.14.0-570.55.1.el9_6fixed 5.14.0-570.55.1.el9_6
In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scpi: Ensure scpi_info is not assigned if the probe fails When scpi probe fails, at any point, we need to ensure that the scpi_info is not set and will remain NULL until the probe succeeds. If it
CVE-2025-38079HigJun 18, 2025
affected < 5.14.0-570.33.2.el9_6fixed 5.14.0-570.33.2.el9_6
In the Linux kernel, the following vulnerability has been resolved: crypto: algif_hash - fix double free in hash_accept If accept(2) is called on socket type algif_hash with MSG_MORE flag set and crypto_ahash_import fails, sk2 is freed. However, it is also freed in af_alg_relea
CVE-2025-38052Jun 18, 2025
affected < 5.14.0-570.32.1.el9_6fixed 5.14.0-570.32.1.el9_6
In the Linux kernel, the following vulnerability has been resolved: net/tipc: fix slab-use-after-free Read in tipc_aead_encrypt_done Syzbot reported a slab-use-after-free with the following call trace: ================================================================== BUG:
CVE-2025-38024Jun 18, 2025
affected < 5.14.0-611.30.1.el9_7fixed 5.14.0-611.30.1.el9_7
In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug Call Trace: __dump_stack lib/dump_stack.c:94 [inline] dump_stack_lvl+0x7d/0xa0 lib/dump_stack.c:120 print_address_description mm/kasan/
CVE-2025-38022Jun 18, 2025
affected < 5.14.0-611.30.1.el9_7fixed 5.14.0-611.30.1.el9_7
In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix "KASAN: slab-use-after-free Read in ib_register_device" problem Call Trace: __dump_stack lib/dump_stack.c:94 [inline] dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120 print_address_description
CVE-2025-38015Jun 18, 2025
affected < 6.12.0-211.7.1.el10_2fixed 6.12.0-211.7.1.el10_2
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: fix memory leak in error handling path of idxd_alloc Memory allocated for idxd is not freed if an error occurs during idxd_alloc(). To fix it, free the allocated memory in the reverse order of
CVE-2025-37994May 29, 2025
affected < 6.12.0-124.8.1.el10_1fixed 6.12.0-124.8.1.el10_1
In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: displayport: Fix NULL pointer access This patch ensures that the UCSI driver waits for all pending tasks in the ucsi_displayport_work workqueue to finish executing before proceeding with the p
CVE-2025-37980MedMay 20, 2025
affected < 6.12.0-211.7.1.el10_2fixed 6.12.0-211.7.1.el10_2
In the Linux kernel, the following vulnerability has been resolved: block: fix resource leak in blk_register_queue() error path When registering a queue fails after blk_mq_sysfs_register() is successful but the function later encounters an error, we need to clean up the blk_mq_
CVE-2025-37958May 20, 2025
affected < 5.14.0-570.30.1.el9_6fixed 5.14.0-570.30.1.el9_6
In the Linux kernel, the following vulnerability has been resolved: mm/huge_memory: fix dereferencing invalid pmd migration entry When migrating a THP, concurrent access to the PMD migration entry during a deferred split scan can lead to an invalid address access, as illustrate
CVE-2025-37943May 20, 2025
affected < 5.14.0-570.21.1.el9_6fixed 5.14.0-570.21.1.el9_6
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix invalid data access in ath12k_dp_rx_h_undecap_nwifi In certain cases, hardware might provide packets with a length greater than the maximum native Wi-Fi header length. This can lead to accessi
CVE-2025-37914May 20, 2025
affected < 5.14.0-570.37.1.el9_6fixed 5.14.0-570.37.1.el9_6
In the Linux kernel, the following vulnerability has been resolved: net_sched: ets: Fix double list add in class with netem as child qdisc As described in Gerrard's report [1], there are use cases where a netem child qdisc will make the parent qdisc's enqueue callback reentrant
CVE-2025-37890May 16, 2025
affected < 5.14.0-570.32.1.el9_6fixed 5.14.0-570.32.1.el9_6
In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc As described in Gerrard's report [1], we have a UAF case when an hfsc class has a netem child qdisc. The crux of the issue is that hfs
CVE-2024-28956MedMay 13, 2025
affected < 5.14.0-570.35.1.el9_6fixed 5.14.0-570.35.1.el9_6
Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2025-37823May 8, 2025
affected < 5.14.0-570.39.1.el9_6fixed 5.14.0-570.39.1.el9_6
In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too Similarly to the previous patch, we need to safe guard hfsc_dequeue() too. But for this one, we don't have a reliable reproducer.
CVE-2025-37819May 8, 2025
affected < 5.14.0-611.30.1.el9_7fixed 5.14.0-611.30.1.el9_7
In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v2m: Prevent use after free of gicv2m_get_fwnode() With ACPI in place, gicv2m_get_fwnode() is registered with the pci subsystem as pci_msi_get_fwnode_cb(), which may get invoked at runtime during a
CVE-2025-37810May 8, 2025
affected < 5.14.0-570.46.1.el9_6fixed 5.14.0-570.46.1.el9_6
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: check that event count does not exceed event buffer length The event count is read from register DWC3_GEVNTCOUNT. There is a check for the count being zero, but not for exceeding the event bu
CVE-2025-37803May 8, 2025
affected < 5.14.0-570.41.1.el9_6fixed 5.14.0-570.41.1.el9_6
In the Linux kernel, the following vulnerability has been resolved: udmabuf: fix a buf size overflow issue during udmabuf creation by casting size_limit_mb to u64 when calculate pglimit.
CVE-2025-37799May 3, 2025
affected < 5.14.0-570.25.1.el9_6fixed 5.14.0-570.25.1.el9_6
In the Linux kernel, the following vulnerability has been resolved: vmxnet3: Fix malformed packet sizing in vmxnet3_process_xdp vmxnet3 driver's XDP handling is buggy for packet sizes using ring0 (that is, packet sizes between 128 - 3k bytes). We noticed MTU-related connectivi
CVE-2023-53125May 2, 2025
affected < 5.14.0-570.46.1.el9_6fixed 5.14.0-570.46.1.el9_6
In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc75xx: Limit packet length to skb->len Packet length retrieved from skb data may be larger than the actual socket buffer length (up to 9026 bytes). In such case the cloned skb passed up the network
CVE-2025-37797May 2, 2025
affected < 5.14.0-570.30.1.el9_6fixed 5.14.0-570.30.1.el9_6
In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class handling This patch fixes a Use-After-Free vulnerability in the HFSC qdisc class handling. The issue occurs due to a time-of-check/time-of-use condition in hfsc

Page 12 of 41