VYPR

rpm package

almalinux/kernel-doc

pkg:rpm/almalinux/kernel-doc

Vulnerabilities (1,216)

  • CVE-2025-38202Jul 4, 2025
    affected < 6.12.0-211.7.1.el10_2fixed 6.12.0-211.7.1.el10_2

    In the Linux kernel, the following vulnerability has been resolved: bpf: Check rcu_read_lock_trace_held() in bpf_map_lookup_percpu_elem() bpf_map_lookup_percpu_elem() helper is also available for sleepable bpf program. When BPF JIT is disabled or under 32-bit host, bpf_map_look

  • CVE-2025-38200Jul 4, 2025
    affected < 4.18.0-553.71.1.el8_10fixed 4.18.0-553.71.1.el8_10

    In the Linux kernel, the following vulnerability has been resolved: i40e: fix MMIO write access to an invalid page in i40e_clear_hw When the device sends a specific input, an integer underflow can occur, leading to MMIO write access to an invalid page. Prevent the integer unde

  • CVE-2025-38180Jul 4, 2025
    affected < 4.18.0-553.115.1.el8_10fixed 4.18.0-553.115.1.el8_10

    In the Linux kernel, the following vulnerability has been resolved: net: atm: fix /proc/net/atm/lec handling /proc/net/atm/lec must ensure safety against dev_lec[] changes. It appears it had dev_put() calls without prior dev_hold(), leading to imbalance and UAF.

  • CVE-2025-38124MedJul 3, 2025
    affected < 5.14.0-570.35.1.el9_6fixed 5.14.0-570.35.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: net: fix udp gso skb_segment after pull from frag_list Commit a1e40ac5b5e9 ("net: gso: fix udp gso fraglist segmentation after pull from frag_list") detected invalid geometry in frag_list skbs and redirects the

  • CVE-2025-38172Jul 3, 2025
    affected < 6.12.0-124.38.1.el10_1fixed 6.12.0-124.38.1.el10_1

    In the Linux kernel, the following vulnerability has been resolved: erofs: avoid using multiple devices with different type For multiple devices, both primary and extra devices should be the same type. `erofs_init_device` has already guaranteed that if the primary is a file-bac

  • CVE-2025-38166Jul 3, 2025
    affected < 6.12.0-211.7.1.el10_2fixed 6.12.0-211.7.1.el10_2

    In the Linux kernel, the following vulnerability has been resolved: bpf: fix ktls panic with sockmap [ 2172.936997] ------------[ cut here ]------------ [ 2172.936999] kernel BUG at lib/iov_iter.c:629! ...... [ 2172.944996] PKRU: 55555554 [ 2172.945155] Call Trace: [ 2172.94529

  • CVE-2025-38159Jul 3, 2025
    affected < 4.18.0-553.69.1.el8_10fixed 4.18.0-553.69.1.el8_10

    In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds Set the size to 6 instead of 2, since 'para' array is passed to 'rtw_fw_bt_wifi_control(rtwdev, para[0], &para[1])', which reads 5 bytes:

  • CVE-2025-38141Jul 3, 2025
    affected < 5.14.0-611.26.1.el9_7fixed 5.14.0-611.26.1.el9_7

    In the Linux kernel, the following vulnerability has been resolved: dm: fix dm_blk_report_zones If dm_get_live_table() returned NULL, dm_put_live_table() was never called. Also, it is possible that md->zone_revalidate_map will change while calling this function. Only read it on

  • CVE-2025-38129Jul 3, 2025
    affected < 5.14.0-611.35.1.el9_7fixed 5.14.0-611.35.1.el9_7

    In the Linux kernel, the following vulnerability has been resolved: page_pool: Fix use-after-free in page_pool_recycle_in_ring syzbot reported a uaf in page_pool_recycle_in_ring: BUG: KASAN: slab-use-after-free in lock_release+0x151/0xa30 kernel/locking/lockdep.c:5862 Read of

  • CVE-2025-38116Jul 3, 2025
    affected < 6.12.0-124.8.1.el10_1fixed 6.12.0-124.8.1.el10_1

    In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix uaf in ath12k_core_init() When the execution of ath12k_core_hw_group_assign() or ath12k_core_hw_group_create() fails, the registered notifier chain is not unregistered properly. Its memory is

  • CVE-2025-38110Jul 3, 2025
    affected < 6.12.0-55.24.1.el10_0fixed 6.12.0-55.24.1.el10_0

    In the Linux kernel, the following vulnerability has been resolved: net/mdiobus: Fix potential out-of-bounds clause 45 read/write access When using publicly available tools like 'mdio-tools' to read/write data from/to network interface and its PHY via C45 (clause 45) mdiobus, t

  • CVE-2025-38109Jul 3, 2025
    affected < 5.14.0-611.47.1.el9_7fixed 5.14.0-611.47.1.el9_7

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix ECVF vports unload on shutdown flow Fix shutdown flow UAF when a virtual function is created on the embedded chip (ECVF) of a BlueField device. In such case the vport acl ingress table is not prop

  • CVE-2025-38106Jul 3, 2025
    affected < 5.14.0-611.38.1.el9_7fixed 5.14.0-611.38.1.el9_7

    In the Linux kernel, the following vulnerability has been resolved: io_uring: fix use-after-free of sq->thread in __io_uring_show_fdinfo() syzbot reports: BUG: KASAN: slab-use-after-free in getrusage+0x1109/0x1a60 Read of size 8 at addr ffff88810de2d2c8 by task a.out/304 CPU:

  • CVE-2025-38097Jul 3, 2025
    affected < 6.12.0-211.7.1.el10_2fixed 6.12.0-211.7.1.el10_2

    In the Linux kernel, the following vulnerability has been resolved: espintcp: remove encap socket caching to avoid reference leak The current scheme for caching the encap socket can lead to reference leaks when we try to delete the netns. The reference chain is: xfrm_state ->

  • CVE-2025-38089Jun 30, 2025
    affected < 5.14.0-570.28.1.el9_6fixed 5.14.0-570.28.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: sunrpc: handle SVC_GARBAGE during svc auth processing as auth error tianshuo han reported a remotely-triggerable crash if the client sends a kernel RPC server a specially crafted packet. If decoding the RPC rep

  • CVE-2025-38088Jun 30, 2025
    affected < 6.12.0-55.24.1.el10_0fixed 6.12.0-55.24.1.el10_0

    In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap memtrace mmap issue has an out of bounds issue. This patch fixes the by checking that the requested mapping region size should stay within the

  • CVE-2025-38087Jun 30, 2025
    affected < 6.12.0-55.25.1.el10_0fixed 6.12.0-55.25.1.el10_0

    In the Linux kernel, the following vulnerability has been resolved: net/sched: fix use-after-free in taprio_dev_notifier Since taprio’s taprio_dev_notifier() isn’t protected by an RCU read-side critical section, a race with advance_sched() can lead to a use-after-free. Adding

  • CVE-2025-38086Jun 28, 2025
    affected < 4.18.0-553.63.1.el8_10fixed 4.18.0-553.63.1.el8_10

    In the Linux kernel, the following vulnerability has been resolved: net: ch9200: fix uninitialised access during mii_nway_restart In mii_nway_restart() the code attempts to call mii->mdio_read which is ch9200_mdio_read(). ch9200_mdio_read() utilises a local buffer called "buff"

  • CVE-2025-38085Jun 28, 2025
    affected < 4.18.0-553.69.1.el8_10fixed 4.18.0-553.69.1.el8_10

    In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race huge_pmd_unshare() drops a reference on a page table that may have previously been shared across processes, potentially turning it into a normal page table us

  • CVE-2025-38084Jun 28, 2025
    affected < 5.14.0-570.35.1.el9_6fixed 5.14.0-570.35.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: unshare page tables during VMA split, not before Currently, __split_vma() triggers hugetlb page table unsharing through vm_ops->may_split(). This happens before the VMA lock and rmap locks are take

Page 12 of 61