VYPR

rpm package

almalinux/kernel-64k

pkg:rpm/almalinux/kernel-64k

Vulnerabilities (729)

  • CVE-2021-47606Jun 19, 2024
    affected < 5.14.0-427.31.1.el9_4fixed 5.14.0-427.31.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: net: netlink: af_netlink: Prevent empty skb by adding a check on len. Adding a check on len parameter to avoid empty skb. This prevents a division error in netem_enqueue function which is caused when skb->len=0

  • CVE-2021-47596Jun 19, 2024
    affected < 5.14.0-427.26.1.el9_4fixed 5.14.0-427.26.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix use-after-free bug in hclgevf_send_mbx_msg Currently, the hns3_remove function firstly uninstall client instance, and then uninstall acceletion engine device. The netdevice is freed in client ins

  • CVE-2024-38615MedJun 19, 2024
    affected < 5.14.0-427.37.1.el9_4fixed 5.14.0-427.37.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: cpufreq: exit() callback is optional The exit() callback is optional and shouldn't be called without checking a valid pointer first. Also, we must clear freq_table pointer even if the exit() callback isn't pre

  • CVE-2024-38579MedJun 19, 2024
    affected < 5.14.0-427.33.1.el9_4fixed 5.14.0-427.33.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: crypto: bcm - Fix pointer arithmetic In spu2_dump_omd() value of ptr is increased by ciph_key_len instead of hash_iv_len which could lead to going beyond the buffer boundaries. Fix this bug by changing ciph_key

  • CVE-2024-38559MedJun 19, 2024
    affected < 5.14.0-427.35.1.el9_4fixed 5.14.0-427.35.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Ensure the copied buf is NUL terminated Currently, we allocate a count-sized kernel buffer and copy count from userspace to that buffer. Later, we use kstrtouint on this buffer but we don't ensure t

  • CVE-2024-38558MedJun 19, 2024
    affected < 5.14.0-427.31.1.el9_4fixed 5.14.0-427.31.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix overwriting ct original tuple for ICMPv6 OVS_PACKET_CMD_EXECUTE has 3 main attributes: - OVS_PACKET_ATTR_KEY - Packet metadata in a netlink format. - OVS_PACKET_ATTR_PACKET - Binary pack

  • CVE-2024-38608Jun 19, 2024
    affected < 5.14.0-427.33.1.el9_4fixed 5.14.0-427.33.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix netif state handling mlx5e_suspend cleans resources only if netif_device_present() returns true. However, mlx5e_resume changes the state of netif, via mlx5e_nic_enable, only if reg_state == NETRE

  • CVE-2024-38601Jun 19, 2024
    affected < 5.14.0-427.37.1.el9_4fixed 5.14.0-427.37.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Fix a race between readers and resize checks The reader code in rb_get_reader_page() swaps a new reader page into the ring buffer by doing cmpxchg on old->list.prev->next to point it to the new pag

  • CVE-2024-38593Jun 19, 2024
    affected < 5.14.0-427.26.1.el9_4fixed 5.14.0-427.26.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: net: micrel: Fix receiving the timestamp in the frame for lan8841 The blamed commit started to use the ptp workqueue to get the second part of the timestamp. And when the port was set down, then this workqueue

  • CVE-2024-38586Jun 19, 2024
    affected < 5.14.0-427.26.1.el9_4fixed 5.14.0-427.26.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: r8169: Fix possible ring buffer corruption on fragmented Tx packets. An issue was found on the RTL8125b when transmitting small fragmented packets, whereby invalid entries were inserted into the transmit ring b

  • CVE-2024-38580Jun 19, 2024
    affected < 5.14.0-427.28.1.el9_4fixed 5.14.0-427.28.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: epoll: be better about file lifetimes epoll can call out to vfs_poll() with a file pointer that may race with the last 'fput()'. That would make f_count go down to zero, and while the ep->mtx locking means that

  • CVE-2024-38575Jun 19, 2024
    affected < 5.14.0-427.31.1.el9_4fixed 5.14.0-427.31.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: pcie: handle randbuf allocation failure The kzalloc() in brcmf_pcie_download_fw_nvram() will return null if the physical memory has run out. As a result, if we use get_random_bytes() to generate

  • CVE-2024-38573Jun 19, 2024
    affected < 5.14.0-427.37.1.el9_4fixed 5.14.0-427.37.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: cppc_cpufreq: Fix possible null pointer dereference cppc_cpufreq_get_rate() and hisi_cppc_cpufreq_get_rate() can be called from different places with various parameters. So cpufreq_cpu_get() can return null as

  • CVE-2024-38570Jun 19, 2024
    affected < 5.14.0-427.37.1.el9_4fixed 5.14.0-427.37.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix potential glock use-after-free on unmount When a DLM lockspace is released and there ares still locks in that lockspace, DLM will unlock those locks automatically. Commit fb6791d100d1b started exploi

  • CVE-2024-38564Jun 19, 2024
    affected < 5.14.0-503.19.1.el9_5fixed 5.14.0-503.19.1.el9_5

    In the Linux kernel, the following vulnerability has been resolved: bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE bpf_prog_attach uses attach_type_to_prog_type to enforce proper attach type for BPF_PROG_TYPE_CGROUP_SKB. link_create uses bpf_prog_g

  • CVE-2024-38562Jun 19, 2024
    affected < 5.14.0-427.37.1.el9_4fixed 5.14.0-427.37.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: Avoid address calculations via out of bounds array indexing Before request->channels[] can be used, request->n_channels must be set. Additionally, address calculations for memory after the "chann

  • CVE-2024-38556Jun 19, 2024
    affected < 5.14.0-427.40.1.el9_4fixed 5.14.0-427.40.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Add a timeout to acquire the command queue semaphore Prevent forced completion handling on an entry that has not yet been assigned an index, causing an out of bounds access on idx = -22. Instead of wa

  • CVE-2024-38544Jun 19, 2024
    affected < 5.14.0-427.33.1.el9_4fixed 5.14.0-427.33.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix seg fault in rxe_comp_queue_pkt In rxe_comp_queue_pkt() an incoming response packet skb is enqueued to the resp_pkts queue and then a decision is made whether to run the completer task inline or s

  • CVE-2024-38543Jun 19, 2024
    affected < 5.14.0-427.26.1.el9_4fixed 5.14.0-427.26.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: lib/test_hmm.c: handle src_pfns and dst_pfns allocation failure The kcalloc() in dmirror_device_evict_chunk() will return null if the physical memory has run out. As a result, if src_pfns or dst_pfns is derefe

  • CVE-2024-38540Jun 19, 2024
    affected < 5.14.0-427.33.1.el9_4fixed 5.14.0-427.33.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq Undefined behavior is triggered when bnxt_qplib_alloc_init_hwq is called with hwq_attr->aux_depth != 0 and hwq_attr->aux_stride == 0. In that

Page 24 of 37