VYPR

rpm package

almalinux/kernel-64k-modules-core

pkg:rpm/almalinux/kernel-64k-modules-core

Vulnerabilities (802)

  • CVE-2024-56672HigDec 27, 2024
    affected < 5.14.0-611.5.1.el9_7fixed 5.14.0-611.5.1.el9_7

    In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Fix UAF in blkcg_unpin_online() blkcg_unpin_online() walks up the blkcg hierarchy putting the online pin. To walk up, it uses blkcg_parent(blkcg) but it was calling that after blkcg_destroy_blkgs(bl

  • CVE-2024-56675Dec 27, 2024
    affected < 6.12.0-124.8.1.el10_1fixed 6.12.0-124.8.1.el10_1

    In the Linux kernel, the following vulnerability has been resolved: bpf: Fix UAF via mismatching bpf_prog/attachment RCU flavors Uprobes always use bpf_prog_run_array_uprobe() under tasks-trace-RCU protection. But it is possible to attach a non-sleepable BPF program to a uprobe

  • CVE-2024-56662Dec 27, 2024
    affected < 6.12.0-124.8.1.el10_1fixed 6.12.0-124.8.1.el10_1

    In the Linux kernel, the following vulnerability has been resolved: acpi: nfit: vmalloc-out-of-bounds Read in acpi_nfit_ctl Fix an issue detected by syzbot with KASAN: BUG: KASAN: vmalloc-out-of-bounds in cmd_to_func drivers/acpi/nfit/ core.c:416 [inline] BUG: KASAN: vmalloc-o

  • CVE-2024-56645Dec 27, 2024
    affected < 5.14.0-611.5.1.el9_7fixed 5.14.0-611.5.1.el9_7

    In the Linux kernel, the following vulnerability has been resolved: can: j1939: j1939_session_new(): fix skb reference counting Since j1939_session_skb_queue() does an extra skb_get() for each new skb, do the same for the initial one in j1939_session_new() to avoid refcount und

  • CVE-2024-56633Dec 27, 2024
    affected < 6.12.0-211.7.1.el10_2fixed 6.12.0-211.7.1.el10_2

    In the Linux kernel, the following vulnerability has been resolved: tcp_bpf: Fix the sk_mem_uncharge logic in tcp_bpf_sendmsg The current sk memory accounting logic in __SK_REDIRECT is pre-uncharging tosend bytes, which is either msg->sg.size or a smaller value apply_bytes. Po

  • CVE-2024-56603Dec 27, 2024
    affected < 5.14.0-611.5.1.el9_7fixed 5.14.0-611.5.1.el9_7

    In the Linux kernel, the following vulnerability has been resolved: net: af_can: do not leave a dangling sk pointer in can_create() On error can_create() frees the allocated sk object, but sock_init_data() has already attached it to the provided sock object. This will leave a d

  • CVE-2024-53229Dec 27, 2024
    affected < 5.14.0-611.5.1.el9_7fixed 5.14.0-611.5.1.el9_7

    In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix the qp flush warnings in req When the qp is in error state, the status of WQEs in the queue should be set to error. Or else the following will appear. [ 920.617269] WARNING: CPU: 1 PID: 21 at dr

  • CVE-2024-53222Dec 27, 2024
    affected < 6.12.0-124.8.1.el10_1fixed 6.12.0-124.8.1.el10_1

    In the Linux kernel, the following vulnerability has been resolved: zram: fix NULL pointer in comp_algorithm_show() LTP reported a NULL pointer dereference as followed: CPU: 7 UID: 0 PID: 5995 Comm: cat Kdump: loaded Not tainted 6.12.0-rc6+ #3 Hardware name: QEMU KVM Virtual

  • CVE-2024-53216Dec 27, 2024
    affected < 6.12.0-124.8.1.el10_1fixed 6.12.0-124.8.1.el10_1

    In the Linux kernel, the following vulnerability has been resolved: nfsd: release svc_expkey/svc_export with rcu_work The last reference for `cache_head` can be reduced to zero in `c_show` and `e_show`(using `rcu_read_lock` and `rcu_read_unlock`). Consequently, `svc_export_put`

  • CVE-2024-53197KEVDec 27, 2024
    affected < 5.14.0-503.31.1.el9_5fixed 5.14.0-503.31.1.el9_5

    In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices A bogus device can provide a bNumConfigurations value that exceeds the initial value used in usb_get_configuration for allocating

  • CVE-2024-53170Dec 27, 2024
    affected < 5.14.0-611.5.1.el9_7fixed 5.14.0-611.5.1.el9_7

    In the Linux kernel, the following vulnerability has been resolved: block: fix uaf for flush rq while iterating tags blk_mq_clear_flush_rq_mapping() is not called during scsi probe, by checking blk_queue_init_done(). However, QUEUE_FLAG_INIT_DONE is cleared in del_gendisk by co

  • CVE-2022-21505Dec 24, 2024
    affected < 5.14.0-284.11.1.el9_2fixed 5.14.0-284.11.1.el9_2

    In the linux kernel, if IMA appraisal is used with the "ima_appraise=log" boot param, lockdown can be defeated with kexec on any machine when Secure Boot is disabled or unavailable. IMA prevents setting "ima_appraise=log" from the boot param when Secure Boot is enabled, but this

  • CVE-2024-53150KEVDec 24, 2024
    affected < 5.14.0-503.38.1.el9_5fixed 5.14.0-503.38.1.el9_5

    In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix out of bounds reads when finding clock sources The current USB-audio driver code doesn't check bLength of each descriptor at traversing for clock descriptors. That is, when a device provid

  • CVE-2024-53147Dec 24, 2024
    affected < 6.12.0-124.8.1.el10_1fixed 6.12.0-124.8.1.el10_1

    In the Linux kernel, the following vulnerability has been resolved: exfat: fix out-of-bounds access of directory entries In the case of the directory size is greater than or equal to the cluster size, if start_clu becomes an EOF cluster(an invalid cluster) due to file system co

  • CVE-2024-53241Dec 24, 2024
    affected < 6.12.0-124.8.1.el10_1fixed 6.12.0-124.8.1.el10_1

    In the Linux kernel, the following vulnerability has been resolved: x86/xen: don't do PV iret hypercall through hypercall page Instead of jumping to the Xen hypercall page for doing the iret hypercall, directly code the required sequence in xen-asm.S. This is done in preparati

  • CVE-2024-2201MedDec 19, 2024
    affected < 5.14.0-427.42.1.el9_4fixed 5.14.0-427.42.1.el9_4

    A cross-privilege Spectre v2 vulnerability allows attackers to bypass all deployed mitigations, including the recent Fine(IBT), and to leak arbitrary Linux kernel memory on Intel systems.

  • CVE-2024-53135Dec 4, 2024
    affected < 5.14.0-611.5.1.el9_7fixed 5.14.0-611.5.1.el9_7

    In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN Hide KVM's pt_mode module param behind CONFIG_BROKEN, i.e. disable support for virtualizing Intel PT via guest/host mode unless BROK

  • CVE-2024-53122Dec 2, 2024
    affected < 5.14.0-503.21.1.el9_5fixed 5.14.0-503.21.1.el9_5

    In the Linux kernel, the following vulnerability has been resolved: mptcp: cope racing subflow creation in mptcp_rcv_space_adjust Additional active subflows - i.e. created by the in kernel path manager - are included into the subflow list before starting the 3whs. A racing rec

  • CVE-2024-53119Dec 2, 2024
    affected < 5.14.0-611.5.1.el9_7fixed 5.14.0-611.5.1.el9_7

    In the Linux kernel, the following vulnerability has been resolved: virtio/vsock: Fix accept_queue memory leak As the final stages of socket destruction may be delayed, it is possible that virtio_transport_recv_listen() will be called after the accept_queue has been flushed, bu

  • CVE-2024-53113Dec 2, 2024
    affected < 5.14.0-503.31.1.el9_5fixed 5.14.0-503.31.1.el9_5

    In the Linux kernel, the following vulnerability has been resolved: mm: fix NULL pointer dereference in alloc_pages_bulk_noprof We triggered a NULL pointer dereference for ac.preferred_zoneref->zone in alloc_pages_bulk_noprof() when the task is migrated between cpusets. When c

Page 21 of 41