VYPR

rpm package

almalinux/kernel-modules-extra-matched

pkg:rpm/almalinux/kernel-modules-extra-matched

Vulnerabilities (270)

  • CVE-2025-38403Jul 25, 2025
    affected < 6.12.0-124.35.1.el10_1fixed 6.12.0-124.35.1.el10_1

    In the Linux kernel, the following vulnerability has been resolved: vsock/vmci: Clear the vmci transport packet properly when initializing it In vmci_transport_packet_init memset the vmci_transport_packet before populating the fields to avoid any uninitialised data being left i

  • CVE-2025-38383Jul 25, 2025
    affected < 6.12.0-124.29.1.el10_1fixed 6.12.0-124.29.1.el10_1

    In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc: fix data race in show_numa_info() The following data-race was found in show_numa_info(): ================================================================== BUG: KCSAN: data-race in vmalloc_info_sho

  • CVE-2025-38369Jul 25, 2025
    affected < 6.12.0-124.8.1.el10_1fixed 6.12.0-124.8.1.el10_1

    In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Check availability of workqueue allocated by idxd wq driver before using Running IDXD workloads in a container with the /dev directory mounted can trigger a call trace or even a kernel panic wh

  • CVE-2025-38349Jul 18, 2025
    affected < 6.12.0-124.31.1.el10_1fixed 6.12.0-124.31.1.el10_1

    In the Linux kernel, the following vulnerability has been resolved: eventpoll: don't decrement ep refcount while still holding the ep mutex Jann Horn points out that epoll is decrementing the ep refcount and then doing a mutex_unlock(&ep->mtx); afterwards. That's very wro

  • CVE-2025-38346Jul 10, 2025
    affected < 6.12.0-211.7.1.el10_2fixed 6.12.0-211.7.1.el10_2

    In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix UAF when lookup kallsym after ftrace disabled The following issue happens with a buggy module: BUG: unable to handle page fault for address: ffffffffc05d0218 PGD 1bd66f067 P4D 1bd66f067 PUD 1bd6710

  • CVE-2025-38345Jul 10, 2025
    affected < 6.12.0-211.7.1.el10_2fixed 6.12.0-211.7.1.el10_2

    In the Linux kernel, the following vulnerability has been resolved: ACPICA: fix acpi operand cache leak in dswstate.c ACPICA commit 987a3b5cf7175916e2a4b6ea5b8e70f830dfe732 I found an ACPI cache leak in ACPI early termination and boot continuing case. When early termination o

  • CVE-2025-38279Jul 10, 2025
    affected < 6.12.0-211.7.1.el10_2fixed 6.12.0-211.7.1.el10_2

    In the Linux kernel, the following vulnerability has been resolved: bpf: Do not include stack ptr register in precision backtracking bookkeeping Yi Lai reported an issue ([1]) where the following warning appears in kernel dmesg: [ 60.643604] verifier backtracking bug [

  • CVE-2025-38275Jul 10, 2025
    affected < 6.12.0-211.7.1.el10_2fixed 6.12.0-211.7.1.el10_2

    In the Linux kernel, the following vulnerability has been resolved: phy: qcom-qmp-usb: Fix an NULL vs IS_ERR() bug The qmp_usb_iomap() helper function currently returns the raw result of devm_ioremap() for non-exclusive mappings. Since devm_ioremap() may return a NULL pointer a

  • CVE-2025-38267Jul 10, 2025
    affected < 6.12.0-211.7.1.el10_2fixed 6.12.0-211.7.1.el10_2

    In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Do not trigger WARN_ON() due to a commit_overrun When reading a memory mapped buffer the reader page is just swapped out with the last page written in the write buffer. If the reader page is the sa

  • CVE-2024-36357MedJul 8, 2025
    affected < 6.12.0-124.8.1.el10_1fixed 6.12.0-124.8.1.el10_1

    A transient execution vulnerability in some AMD processors may allow an attacker to infer data in the L1D cache, potentially resulting in the leakage of sensitive information across privileged boundaries.

  • CVE-2024-36350MedJul 8, 2025
    affected < 6.12.0-124.8.1.el10_1fixed 6.12.0-124.8.1.el10_1

    A transient execution vulnerability in some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information.

  • CVE-2025-38206Jul 4, 2025
    affected < 6.12.0-124.39.1.el10_1fixed 6.12.0-124.39.1.el10_1

    In the Linux kernel, the following vulnerability has been resolved: exfat: fix double free in delayed_free The double free could happen in the following path. exfat_create_upcase_table() exfat_create_upcase_table() : return error exfat_free_upcase_table() : fre

  • CVE-2025-38202Jul 4, 2025
    affected < 6.12.0-211.7.1.el10_2fixed 6.12.0-211.7.1.el10_2

    In the Linux kernel, the following vulnerability has been resolved: bpf: Check rcu_read_lock_trace_held() in bpf_map_lookup_percpu_elem() bpf_map_lookup_percpu_elem() helper is also available for sleepable bpf program. When BPF JIT is disabled or under 32-bit host, bpf_map_look

  • CVE-2025-38172Jul 3, 2025
    affected < 6.12.0-124.38.1.el10_1fixed 6.12.0-124.38.1.el10_1

    In the Linux kernel, the following vulnerability has been resolved: erofs: avoid using multiple devices with different type For multiple devices, both primary and extra devices should be the same type. `erofs_init_device` has already guaranteed that if the primary is a file-bac

  • CVE-2025-38166Jul 3, 2025
    affected < 6.12.0-211.7.1.el10_2fixed 6.12.0-211.7.1.el10_2

    In the Linux kernel, the following vulnerability has been resolved: bpf: fix ktls panic with sockmap [ 2172.936997] ------------[ cut here ]------------ [ 2172.936999] kernel BUG at lib/iov_iter.c:629! ...... [ 2172.944996] PKRU: 55555554 [ 2172.945155] Call Trace: [ 2172.94529

  • CVE-2025-38141Jul 3, 2025
    affected < 6.12.0-124.43.1.el10_1fixed 6.12.0-124.43.1.el10_1

    In the Linux kernel, the following vulnerability has been resolved: dm: fix dm_blk_report_zones If dm_get_live_table() returned NULL, dm_put_live_table() was never called. Also, it is possible that md->zone_revalidate_map will change while calling this function. Only read it on

  • CVE-2025-38116Jul 3, 2025
    affected < 6.12.0-124.8.1.el10_1fixed 6.12.0-124.8.1.el10_1

    In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix uaf in ath12k_core_init() When the execution of ath12k_core_hw_group_assign() or ath12k_core_hw_group_create() fails, the registered notifier chain is not unregistered properly. Its memory is

  • CVE-2025-38109Jul 3, 2025
    affected < 6.12.0-124.49.1.el10_1fixed 6.12.0-124.49.1.el10_1

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix ECVF vports unload on shutdown flow Fix shutdown flow UAF when a virtual function is created on the embedded chip (ECVF) of a BlueField device. In such case the vport acl ingress table is not prop

  • CVE-2025-38106Jul 3, 2025
    affected < 6.12.0-124.43.1.el10_1fixed 6.12.0-124.43.1.el10_1

    In the Linux kernel, the following vulnerability has been resolved: io_uring: fix use-after-free of sq->thread in __io_uring_show_fdinfo() syzbot reports: BUG: KASAN: slab-use-after-free in getrusage+0x1109/0x1a60 Read of size 8 at addr ffff88810de2d2c8 by task a.out/304 CPU:

  • CVE-2025-38097Jul 3, 2025
    affected < 6.12.0-211.7.1.el10_2fixed 6.12.0-211.7.1.el10_2

    In the Linux kernel, the following vulnerability has been resolved: espintcp: remove encap socket caching to avoid reference leak The current scheme for caching the encap socket can lead to reference leaks when we try to delete the netns. The reference chain is: xfrm_state ->

Page 9 of 14