VYPR

rpm package

almalinux/kernel-abi-stablelists

pkg:rpm/almalinux/kernel-abi-stablelists

Vulnerabilities (1,264)

  • CVE-2025-38392Jul 25, 2025
    affected < 5.14.0-570.41.1.el9_6fixed 5.14.0-570.41.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: idpf: convert control queue mutex to a spinlock With VIRTCHNL2_CAP_MACFILTER enabled, the following warning is generated on module load: [ 324.701677] BUG: sleeping function called from invalid context at ker

  • CVE-2025-38383Jul 25, 2025
    affected < 6.12.0-124.29.1.el10_1fixed 6.12.0-124.29.1.el10_1

    In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc: fix data race in show_numa_info() The following data-race was found in show_numa_info(): ================================================================== BUG: KCSAN: data-race in vmalloc_info_sho

  • CVE-2025-38369Jul 25, 2025
    affected < 6.12.0-124.8.1.el10_1fixed 6.12.0-124.8.1.el10_1

    In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Check availability of workqueue allocated by idxd wq driver before using Running IDXD workloads in a container with the /dev directory mounted can trigger a call trace or even a kernel panic wh

  • CVE-2025-38352KEVJul 22, 2025
    affected < 4.18.0-553.74.1.el8_10fixed 4.18.0-553.74.1.el8_10

    In the Linux kernel, the following vulnerability has been resolved: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() If an exiting non-autoreaping task has already passed exit_notify() and calls handle_posix_cpu_timers() from IRQ, it can be

  • CVE-2025-38351Jul 19, 2025
    affected < 5.14.0-570.51.1.el9_6fixed 5.14.0-570.51.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush In KVM guests with Hyper-V hypercalls enabled, the hypercalls HVCALL_FLUSH_VIRTUAL_ADDRESS_LIST and HVCALL_FLUSH_VIRTUAL_ADDRESS_LIST_EX allow

  • CVE-2025-38350HigJul 19, 2025
    affected < 5.14.0-570.39.1.el9_6fixed 5.14.0-570.39.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: net/sched: Always pass notifications when child class becomes empty Certain classful qdiscs may invoke their classes' dequeue handler on an enqueue operation. This may unexpectedly empty the child qdisc and thu

  • CVE-2025-38349Jul 18, 2025
    affected < 5.14.0-611.26.1.el9_7fixed 5.14.0-611.26.1.el9_7

    In the Linux kernel, the following vulnerability has been resolved: eventpoll: don't decrement ep refcount while still holding the ep mutex Jann Horn points out that epoll is decrementing the ep refcount and then doing a mutex_unlock(&ep->mtx); afterwards. That's very wro

  • CVE-2025-38346Jul 10, 2025
    affected < 6.12.0-211.7.1.el10_2fixed 6.12.0-211.7.1.el10_2

    In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix UAF when lookup kallsym after ftrace disabled The following issue happens with a buggy module: BUG: unable to handle page fault for address: ffffffffc05d0218 PGD 1bd66f067 P4D 1bd66f067 PUD 1bd6710

  • CVE-2025-38345Jul 10, 2025
    affected < 6.12.0-211.7.1.el10_2fixed 6.12.0-211.7.1.el10_2

    In the Linux kernel, the following vulnerability has been resolved: ACPICA: fix acpi operand cache leak in dswstate.c ACPICA commit 987a3b5cf7175916e2a4b6ea5b8e70f830dfe732 I found an ACPI cache leak in ACPI early termination and boot continuing case. When early termination o

  • CVE-2025-38332Jul 10, 2025
    affected < 4.18.0-553.72.1.el8_10fixed 4.18.0-553.72.1.el8_10

    In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Use memcpy() for BIOS version The strlcat() with FORTIFY support is triggering a panic because it thinks the target buffer will overflow although the correct target buffer size is passed in. Anyway

  • CVE-2025-38292Jul 10, 2025
    affected < 5.14.0-570.33.2.el9_6fixed 5.14.0-570.33.2.el9_6

    In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix invalid access to memory In ath12k_dp_rx_msdu_coalesce(), rxcb is fetched from skb and boolean is_continuation is part of rxcb. Currently, after freeing the skb, the rxcb->is_continuation acce

  • CVE-2025-38279Jul 10, 2025
    affected < 6.12.0-211.7.1.el10_2fixed 6.12.0-211.7.1.el10_2

    In the Linux kernel, the following vulnerability has been resolved: bpf: Do not include stack ptr register in precision backtracking bookkeeping Yi Lai reported an issue ([1]) where the following warning appears in kernel dmesg: [ 60.643604] verifier backtracking bug [

  • CVE-2025-38275Jul 10, 2025
    affected < 6.12.0-211.7.1.el10_2fixed 6.12.0-211.7.1.el10_2

    In the Linux kernel, the following vulnerability has been resolved: phy: qcom-qmp-usb: Fix an NULL vs IS_ERR() bug The qmp_usb_iomap() helper function currently returns the raw result of devm_ioremap() for non-exclusive mappings. Since devm_ioremap() may return a NULL pointer a

  • CVE-2025-38267Jul 10, 2025
    affected < 6.12.0-211.7.1.el10_2fixed 6.12.0-211.7.1.el10_2

    In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Do not trigger WARN_ON() due to a commit_overrun When reading a memory mapped buffer the reader page is just swapped out with the last page written in the write buffer. If the reader page is the sa

  • CVE-2025-38250HigJul 9, 2025
    affected < 4.18.0-553.70.1.el8_10fixed 4.18.0-553.70.1.el8_10

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_core: Fix use-after-free in vhci_flush() syzbot reported use-after-free in vhci_flush() without repro. [0] From the splat, a thread close()d a vhci file descriptor while its device was being use

  • CVE-2025-38264Jul 9, 2025
    affected < 6.12.0-55.25.1.el10_0fixed 6.12.0-55.25.1.el10_0

    In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: sanitize request list handling Validate the request in nvme_tcp_handle_r2t() to ensure it's not part of any list, otherwise a malicious R2T PDU might inject a loop in request list processing.

  • CVE-2025-38248Jul 9, 2025
    affected < 4.18.0-553.107.1.el8_10fixed 4.18.0-553.107.1.el8_10

    In the Linux kernel, the following vulnerability has been resolved: bridge: mcast: Fix use-after-free during router port configuration The bridge maintains a global list of ports behind which a multicast router resides. The list is consulted during forwarding to ensure multicas

  • CVE-2024-36357MedJul 8, 2025
    affected < 5.14.0-570.62.1.el9_6fixed 5.14.0-570.62.1.el9_6

    A transient execution vulnerability in some AMD processors may allow an attacker to infer data in the L1D cache, potentially resulting in the leakage of sensitive information across privileged boundaries.

  • CVE-2024-36350MedJul 8, 2025
    affected < 5.14.0-570.62.1.el9_6fixed 5.14.0-570.62.1.el9_6

    A transient execution vulnerability in some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information.

  • CVE-2025-38220Jul 4, 2025
    affected < 6.12.0-55.30.1.el10_0fixed 6.12.0-55.30.1.el10_0

    In the Linux kernel, the following vulnerability has been resolved: ext4: only dirty folios when data journaling regular files fstest generic/388 occasionally reproduces a crash that looks as follows: BUG: kernel NULL pointer dereference, address: 0000000000000000 ... Call Tra

Page 13 of 64