VYPR

rpm package

almalinux/kernel-debug-modules

pkg:rpm/almalinux/kernel-debug-modules

Vulnerabilities (1,256)

  • CVE-2024-57998Feb 27, 2025
    affected < 5.14.0-611.5.1.el9_7fixed 5.14.0-611.5.1.el9_7

    In the Linux kernel, the following vulnerability has been resolved: OPP: add index check to assert to avoid buffer overflow in _read_freq() Pass the freq index to the assert function to make sure we do not read a freq out of the opp->rates[] table when called from the indexed v

  • CVE-2024-57995Feb 27, 2025
    affected < 6.12.0-124.8.1.el10_1fixed 6.12.0-124.8.1.el10_1

    In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix read pointer after free in ath12k_mac_assign_vif_to_vdev() In ath12k_mac_assign_vif_to_vdev(), if arvif is created on a different radio, it gets deleted from that radio through a call to ath12

  • CVE-2024-57993Feb 27, 2025
    affected < 5.14.0-611.5.1.el9_7fixed 5.14.0-611.5.1.el9_7

    In the Linux kernel, the following vulnerability has been resolved: HID: hid-thrustmaster: Fix warning in thrustmaster_probe by adding endpoint check syzbot has found a type mismatch between a USB pipe and the transfer endpoint, which is triggered by the hid-thrustmaster driver

  • CVE-2024-57990Feb 27, 2025
    affected < 5.14.0-611.5.1.el9_7fixed 5.14.0-611.5.1.el9_7

    In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7925: fix off by one in mt7925_load_clc() This comparison should be >= instead of > to prevent an out of bounds read and write.

  • CVE-2024-57989Feb 27, 2025
    affected < 6.12.0-124.8.1.el10_1fixed 6.12.0-124.8.1.el10_1

    In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7925: fix NULL deref check in mt7925_change_vif_links In mt7925_change_vif_links() devm_kzalloc() may return NULL but this returned value is not checked.

  • CVE-2024-57988Feb 27, 2025
    affected < 6.12.0-124.8.1.el10_1fixed 6.12.0-124.8.1.el10_1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btbcm: Fix NULL deref in btbcm_get_board_name() devm_kstrdup() can return a NULL pointer on failure,but this returned value in btbcm_get_board_name() is not checked. Add NULL check in btbcm_get_board

  • CVE-2024-57987Feb 27, 2025
    affected < 6.12.0-124.8.1.el10_1fixed 6.12.0-124.8.1.el10_1

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btrtl: check for NULL in btrtl_setup_realtek() If insert an USB dongle which chip is not maintained in ic_id_table, it will hit the NULL point accessed. Add a null point check to avoid the Kernel Oop

  • CVE-2024-57984Feb 27, 2025
    affected < 6.12.0-124.8.1.el10_1fixed 6.12.0-124.8.1.el10_1

    In the Linux kernel, the following vulnerability has been resolved: i3c: dw: Fix use-after-free in dw_i3c_master driver due to race condition In dw_i3c_common_probe, &master->hj_work is bound with dw_i3c_hj_work. And dw_i3c_master_irq_handler can call dw_i3c_master_irq_handle_i

  • CVE-2024-57980Feb 27, 2025
    affected < 4.18.0-553.62.1.el8_10fixed 4.18.0-553.62.1.el8_10

    In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fix double free in error path If the uvc_status_init() function fails to allocate the int_urb, it will free the dev->status pointer but doesn't reset the pointer to NULL. This results in the kf

  • CVE-2022-49672Feb 26, 2025
    affected < 5.14.0-611.5.1.el9_7fixed 5.14.0-611.5.1.el9_7

    In the Linux kernel, the following vulnerability has been resolved: net: tun: unlink NAPI from device on destruction Syzbot found a race between tun file and device destruction. NAPIs live in struct tun_file which can get destroyed before the netdev so we have to del them expli

  • CVE-2022-49670Feb 26, 2025
    affected < 5.14.0-611.5.1.el9_7fixed 5.14.0-611.5.1.el9_7

    In the Linux kernel, the following vulnerability has been resolved: linux/dim: Fix divide by 0 in RDMA DIM Fix a divide 0 error in rdma_dim_stats_compare() when prev->cpe_ratio == 0. CallTrace: Hardware name: H3C R4900 G3/RS33M2C9S, BIOS 2.00.37P21 03/12/2020 task: ffff880

  • CVE-2022-49657Feb 26, 2025
    affected < 5.14.0-611.5.1.el9_7fixed 5.14.0-611.5.1.el9_7

    In the Linux kernel, the following vulnerability has been resolved: usbnet: fix memory leak in error case usbnet_write_cmd_async() mixed up which buffers need to be freed in which error case. v2: add Fixes tag v3: fix uninitialized buf pointer

  • CVE-2022-49648Feb 26, 2025
    affected < 5.14.0-611.5.1.el9_7fixed 5.14.0-611.5.1.el9_7

    In the Linux kernel, the following vulnerability has been resolved: tracing/histograms: Fix memory leak problem This reverts commit 46bbe5c671e06f070428b9be142cc4ee5cedebac. As commit 46bbe5c671e0 ("tracing: fix double free") said, the "double free" problem reported by clang s

  • CVE-2022-49643Feb 26, 2025
    affected < 5.14.0-611.5.1.el9_7fixed 5.14.0-611.5.1.el9_7

    In the Linux kernel, the following vulnerability has been resolved: ima: Fix a potential integer overflow in ima_appraise_measurement When the ima-modsig is enabled, the rc passed to evm_verifyxattr() may be negative, which may cause the integer overflow problem.

  • CVE-2022-49627Feb 26, 2025
    affected < 5.14.0-611.5.1.el9_7fixed 5.14.0-611.5.1.el9_7

    In the Linux kernel, the following vulnerability has been resolved: ima: Fix potential memory leak in ima_init_crypto() On failure to allocate the SHA1 tfm, IMA fails to initialize and exits without freeing the ima_algo_array. Add the missing kfree() for ima_algo_array to avoid

  • CVE-2022-49623Feb 26, 2025
    affected < 5.14.0-611.5.1.el9_7fixed 5.14.0-611.5.1.el9_7

    In the Linux kernel, the following vulnerability has been resolved: powerpc/xive/spapr: correct bitmap allocation size kasan detects access beyond the end of the xibm->bitmap allocation: BUG: KASAN: slab-out-of-bounds in _find_first_zero_bit+0x40/0x140 Read of size 8 at addr c

  • CVE-2022-49443Feb 26, 2025
    affected < 5.14.0-611.5.1.el9_7fixed 5.14.0-611.5.1.el9_7

    In the Linux kernel, the following vulnerability has been resolved: list: fix a data-race around ep->rdllist ep_poll() first calls ep_events_available() with no lock held and checks if ep->rdllist is empty by list_empty_careful(), which reads rdllist->prev. Thus all accesses t

  • CVE-2022-49437Feb 26, 2025
    affected < 5.14.0-611.5.1.el9_7fixed 5.14.0-611.5.1.el9_7

    In the Linux kernel, the following vulnerability has been resolved: powerpc/xive: Fix refcount leak in xive_spapr_init of_find_compatible_node() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. Add missing of_node_put() to avoid ref

  • CVE-2022-49432Feb 26, 2025
    affected < 5.14.0-611.5.1.el9_7fixed 5.14.0-611.5.1.el9_7

    In the Linux kernel, the following vulnerability has been resolved: powerpc/xics: fix refcount leak in icp_opal_init() The of_find_compatible_node() function returns a node pointer with refcount incremented, use of_node_put() on it when done.

  • CVE-2022-49395Feb 26, 2025
    affected < 4.18.0-553.56.1.el8_10fixed 4.18.0-553.56.1.el8_10

    In the Linux kernel, the following vulnerability has been resolved: um: Fix out-of-bounds read in LDT setup syscall_stub_data() expects the data_count parameter to be the number of longs, not bytes. ================================================================== BUG: KASA

Page 22 of 63