VYPR

rpm package

almalinux/kernel-modules

pkg:rpm/almalinux/kernel-modules

Vulnerabilities (1,228)

  • CVE-2025-21993Apr 2, 2025
    affected < 5.14.0-570.16.1.el9_6fixed 5.14.0-570.16.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic() When performing an iSCSI boot using IPv6, iscsistart still reads the /sys/firmware/ibft/ethernetX/subnet-mask entry. Since the IPv6 pref

  • CVE-2025-21991Apr 2, 2025
    affected < 5.14.0-570.26.1.el9_6fixed 5.14.0-570.26.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes Currently, load_microcode_amd() iterates over all NUMA nodes, retrieves their CPU masks and unconditionally accesses per-CPU data for the

  • CVE-2025-21979HigApr 1, 2025
    affected < 5.14.0-570.22.1.el9_6fixed 5.14.0-570.22.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: cancel wiphy_work before freeing wiphy A wiphy_work can be queued from the moment the wiphy is allocated and initialized (i.e. wiphy_new_nm). When a wiphy_work is queued, the rdev::wiphy_work is

  • CVE-2025-21976Apr 1, 2025
    affected < 6.12.0-124.8.1.el10_1fixed 6.12.0-124.8.1.el10_1

    In the Linux kernel, the following vulnerability has been resolved: fbdev: hyperv_fb: Allow graceful removal of framebuffer When a Hyper-V framebuffer device is unbind, hyperv_fb driver tries to release the framebuffer forcefully. If this framebuffer is in use it produce the fo

  • CVE-2025-21969Apr 1, 2025
    affected < 5.14.0-570.22.1.el9_6fixed 5.14.0-570.22.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix slab-use-after-free Read in l2cap_send_cmd After the hci sync command releases l2cap_conn, the hci receive data work queue references the released l2cap_conn when sending to the upper laye

  • CVE-2025-21966Apr 1, 2025
    affected < 5.14.0-570.17.1.el9_6fixed 5.14.0-570.17.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: dm-flakey: Fix memory corruption in optional corrupt_bio_byte feature Fix memory corruption due to incorrect parameter being passed to bio_init

  • CVE-2025-21964Apr 1, 2025
    affected < 5.14.0-570.18.1.el9_6fixed 5.14.0-570.18.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: cifs: Fix integer overflow while processing acregmax mount option User-provided mount parameter acregmax of type u32 is intended to have an upper limit, but before it is validated, the value is converted from s

  • CVE-2025-21963Apr 1, 2025
    affected < 5.14.0-570.22.1.el9_6fixed 5.14.0-570.22.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: cifs: Fix integer overflow while processing acdirmax mount option User-provided mount parameter acdirmax of type u32 is intended to have an upper limit, but before it is validated, the value is converted from s

  • CVE-2025-21962Apr 1, 2025
    affected < 5.14.0-570.32.1.el9_6fixed 5.14.0-570.32.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: cifs: Fix integer overflow while processing closetimeo mount option User-provided mount parameter closetimeo of type u32 is intended to have an upper limit, but before it is validated, the value is converted fr

  • CVE-2025-21961Apr 1, 2025
    affected < 5.14.0-570.22.1.el9_6fixed 5.14.0-570.22.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: eth: bnxt: fix truesize for mb-xdp-pass case When mb-xdp is set and return is XDP_PASS, packet is converted from xdp_buff to sk_buff with xdp_update_skb_shared_info() in bnxt_xdp_build_skb(). bnxt_xdp_build_skb

  • CVE-2025-21929Apr 1, 2025
    affected < 5.14.0-570.32.1.el9_6fixed 5.14.0-570.32.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: HID: intel-ish-hid: Fix use-after-free issue in hid_ishtp_cl_remove() During the `rmmod` operation for the `intel_ishtp_hid` driver, a use-after-free issue can occur in the hid_ishtp_cl_remove() function. The f

  • CVE-2025-21928Apr 1, 2025
    affected < 5.14.0-570.32.1.el9_6fixed 5.14.0-570.32.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() The system can experience a random crash a few minutes after the driver is removed. This issue occurs due to improper handling of memory freein

  • CVE-2025-21927Apr 1, 2025
    affected < 5.14.0-570.16.1.el9_6fixed 5.14.0-570.16.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu() nvme_tcp_recv_pdu() doesn't check the validity of the header length. When header digests are enabled, a target might send a packet with an invali

  • CVE-2025-21926Apr 1, 2025
    affected < 5.14.0-570.21.1.el9_6fixed 5.14.0-570.21.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: net: gso: fix ownership in __udp_gso_segment In __udp_gso_segment the skb destructor is removed before segmenting the skb but the socket reference is kept as-is. This is an issue if the original skb is later or

  • CVE-2025-21920Apr 1, 2025
    affected < 5.14.0-570.21.1.el9_6fixed 5.14.0-570.21.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: vlan: enforce underlying device type Currently, VLAN devices can be created on top of non-ethernet devices. Besides the fact that it doesn't make much sense, this also causes a bug which leaks the address of a

  • CVE-2025-21919Apr 1, 2025
    affected < 4.18.0-553.64.1.el8_10fixed 4.18.0-553.64.1.el8_10

    In the Linux kernel, the following vulnerability has been resolved: sched/fair: Fix potential memory corruption in child_cfs_rq_on_list child_cfs_rq_on_list attempts to convert a 'prev' pointer to a cfs_rq. This 'prev' pointer can originate from struct rq's leaf_cfs_rq_list, ma

  • CVE-2025-21905Apr 1, 2025
    affected < 4.18.0-553.64.1.el8_10fixed 4.18.0-553.64.1.el8_10

    In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: limit printed string from FW file There's no guarantee here that the file is always with a NUL-termination, so reading the string may read beyond the end of the TLV. If that's the last TLV in the

  • CVE-2023-52933Mar 27, 2025
    affected < 5.14.0-570.24.1.el9_6fixed 5.14.0-570.24.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: Squashfs: fix handling and sanity checking of xattr_ids count A Sysbot [1] corrupted filesystem exposes two flaws in the handling and sanity checking of the xattr_ids count in the filesystem. Both of these fla

  • CVE-2025-21887Mar 27, 2025
    affected < 5.14.0-570.25.1.el9_6fixed 5.14.0-570.25.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: ovl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up The issue was caused by dput(upper) being called before ovl_dentry_update_reval(), while upper->d_flags was still accessed in ovl_dentry_r

  • CVE-2025-21883Mar 27, 2025
    affected < 5.14.0-570.23.1.el9_6fixed 5.14.0-570.23.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: ice: Fix deinitializing VF in error path If ice_ena_vfs() fails after calling ice_create_vf_entries(), it frees all VFs without removing them from snapshot PF-VF mailbox list, leading to list corruption. Repro

Page 16 of 62