VYPR

rpm package

almalinux/kernel-abi-stablelists

pkg:rpm/almalinux/kernel-abi-stablelists

Vulnerabilities (1,161)

  • CVE-2024-53222Dec 27, 2024
    affected < 6.12.0-124.8.1.el10_1fixed 6.12.0-124.8.1.el10_1

    In the Linux kernel, the following vulnerability has been resolved: zram: fix NULL pointer in comp_algorithm_show() LTP reported a NULL pointer dereference as followed: CPU: 7 UID: 0 PID: 5995 Comm: cat Kdump: loaded Not tainted 6.12.0-rc6+ #3 Hardware name: QEMU KVM Virtual

  • CVE-2024-53216Dec 27, 2024
    affected < 6.12.0-124.8.1.el10_1fixed 6.12.0-124.8.1.el10_1

    In the Linux kernel, the following vulnerability has been resolved: nfsd: release svc_expkey/svc_export with rcu_work The last reference for `cache_head` can be reduced to zero in `c_show` and `e_show`(using `rcu_read_lock` and `rcu_read_unlock`). Consequently, `svc_export_put`

  • CVE-2024-53197KEVDec 27, 2024
    affected < 4.18.0-553.44.1.el8_10fixed 4.18.0-553.44.1.el8_10

    In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices A bogus device can provide a bNumConfigurations value that exceeds the initial value used in usb_get_configuration for allocating

  • CVE-2024-53170Dec 27, 2024
    affected < 5.14.0-611.5.1.el9_7fixed 5.14.0-611.5.1.el9_7

    In the Linux kernel, the following vulnerability has been resolved: block: fix uaf for flush rq while iterating tags blk_mq_clear_flush_rq_mapping() is not called during scsi probe, by checking blk_queue_init_done(). However, QUEUE_FLAG_INIT_DONE is cleared in del_gendisk by co

  • CVE-2022-21505Dec 24, 2024
    affected < 5.14.0-284.11.1.el9_2fixed 5.14.0-284.11.1.el9_2

    In the linux kernel, if IMA appraisal is used with the "ima_appraise=log" boot param, lockdown can be defeated with kexec on any machine when Secure Boot is disabled or unavailable. IMA prevents setting "ima_appraise=log" from the boot param when Secure Boot is enabled, but this

  • CVE-2024-53150KEVDec 24, 2024
    affected < 4.18.0-553.50.1.el8_10fixed 4.18.0-553.50.1.el8_10

    In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix out of bounds reads when finding clock sources The current USB-audio driver code doesn't check bLength of each descriptor at traversing for clock descriptors. That is, when a device provid

  • CVE-2024-53147Dec 24, 2024
    affected < 6.12.0-124.8.1.el10_1fixed 6.12.0-124.8.1.el10_1

    In the Linux kernel, the following vulnerability has been resolved: exfat: fix out-of-bounds access of directory entries In the case of the directory size is greater than or equal to the cluster size, if start_clu becomes an EOF cluster(an invalid cluster) due to file system co

  • CVE-2024-53241Dec 24, 2024
    affected < 6.12.0-124.8.1.el10_1fixed 6.12.0-124.8.1.el10_1

    In the Linux kernel, the following vulnerability has been resolved: x86/xen: don't do PV iret hypercall through hypercall page Instead of jumping to the Xen hypercall page for doing the iret hypercall, directly code the required sequence in xen-asm.S. This is done in preparati

  • CVE-2024-2201MedDec 19, 2024
    affected < 5.14.0-427.42.1.el9_4fixed 5.14.0-427.42.1.el9_4

    A cross-privilege Spectre v2 vulnerability allows attackers to bypass all deployed mitigations, including the recent Fine(IBT), and to leak arbitrary Linux kernel memory on Intel systems.

  • CVE-2024-53141Dec 6, 2024
    affected < 4.18.0-553.52.1.el8_10fixed 4.18.0-553.52.1.el8_10

    In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: add missing range check in bitmap_ip_uadt When tb[IPSET_ATTR_IP_TO] is not present but tb[IPSET_ATTR_CIDR] exists, the values of ip and ip_to are slightly swapped. Therefore, the range check f

  • CVE-2024-53135Dec 4, 2024
    affected < 5.14.0-611.5.1.el9_7fixed 5.14.0-611.5.1.el9_7

    In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN Hide KVM's pt_mode module param behind CONFIG_BROKEN, i.e. disable support for virtualizing Intel PT via guest/host mode unless BROK

  • CVE-2024-53122Dec 2, 2024
    affected < 5.14.0-503.21.1.el9_5fixed 5.14.0-503.21.1.el9_5

    In the Linux kernel, the following vulnerability has been resolved: mptcp: cope racing subflow creation in mptcp_rcv_space_adjust Additional active subflows - i.e. created by the in kernel path manager - are included into the subflow list before starting the 3whs. A racing rec

  • CVE-2024-53119Dec 2, 2024
    affected < 5.14.0-611.5.1.el9_7fixed 5.14.0-611.5.1.el9_7

    In the Linux kernel, the following vulnerability has been resolved: virtio/vsock: Fix accept_queue memory leak As the final stages of socket destruction may be delayed, it is possible that virtio_transport_recv_listen() will be called after the accept_queue has been flushed, bu

  • CVE-2024-53113Dec 2, 2024
    affected < 5.14.0-503.31.1.el9_5fixed 5.14.0-503.31.1.el9_5

    In the Linux kernel, the following vulnerability has been resolved: mm: fix NULL pointer dereference in alloc_pages_bulk_noprof We triggered a NULL pointer dereference for ac.preferred_zoneref->zone in alloc_pages_bulk_noprof() when the task is migrated between cpusets. When c

  • CVE-2024-53104KEVDec 2, 2024
    affected < 5.14.0-503.23.2.el9_5fixed 5.14.0-503.23.2.el9_5

    In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format This can lead to out of bounds writes since frames of this type were not taken into account when calculating the size of the fra

  • CVE-2023-52922Nov 28, 2024
    affected < 5.14.0-503.31.1.el9_5fixed 5.14.0-503.31.1.el9_5

    In the Linux kernel, the following vulnerability has been resolved: can: bcm: Fix UAF in bcm_proc_show() BUG: KASAN: slab-use-after-free in bcm_proc_show+0x969/0xa80 Read of size 8 at addr ffff888155846230 by task cat/7862 CPU: 1 PID: 7862 Comm: cat Not tainted 6.5.0-rc1-00153

  • CVE-2024-53090Nov 21, 2024
    affected < 5.14.0-611.5.1.el9_7fixed 5.14.0-611.5.1.el9_7

    In the Linux kernel, the following vulnerability has been resolved: afs: Fix lock recursion afs_wake_up_async_call() can incur lock recursion. The problem is that it is called from AF_RXRPC whilst holding the ->notify_lock, but it tries to take a ref on the afs_call struct in

  • CVE-2024-53088Nov 19, 2024
    affected < 4.18.0-553.34.1.el8_10fixed 4.18.0-553.34.1.el8_10

    In the Linux kernel, the following vulnerability has been resolved: i40e: fix race condition by adding filter's intermediate sync state Fix a race condition in the i40e driver that leads to MAC/VLAN filters becoming corrupted and leaking. Address the issue that occurs under hea

  • CVE-2024-53064Nov 19, 2024
    affected < 4.18.0-553.58.1.el8_10fixed 4.18.0-553.58.1.el8_10

    In the Linux kernel, the following vulnerability has been resolved: idpf: fix idpf_vc_core_init error path In an event where the platform running the device control plane is rebooted, reset is detected on the driver. It releases all the resources and waits for the reset to comp

  • CVE-2024-53052Nov 19, 2024
    affected < 5.14.0-611.5.1.el9_7fixed 5.14.0-611.5.1.el9_7

    In the Linux kernel, the following vulnerability has been resolved: io_uring/rw: fix missing NOWAIT check for O_DIRECT start write When io_uring starts a write, it'll call kiocb_start_write() to bump the super block rwsem, preventing any freezes from happening while that write

Page 20 of 59