VYPR

rpm package

almalinux/kernel-rt-64k-debug-modules

pkg:rpm/almalinux/kernel-rt-64k-debug-modules

Vulnerabilities (355)

  • CVE-2025-38568Aug 19, 2025
    affected < 5.14.0-611.27.1.el9_7fixed 5.14.0-611.27.1.el9_7

    In the Linux kernel, the following vulnerability has been resolved: net/sched: mqprio: fix stack out-of-bounds write in tc entry parsing TCA_MQPRIO_TC_ENTRY_INDEX is validated using NLA_POLICY_MAX(NLA_U32, TC_QOPT_MAX_QUEUE), which allows the value TC_QOPT_MAX_QUEUE (16). This

  • CVE-2025-38566Aug 19, 2025
    affected < 5.14.0-570.55.1.el9_6fixed 5.14.0-570.55.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix handling of server side tls alerts Scott Mayhew discovered a security exploit in NFS over TLS in tls_alert_recv() due to its assumption it can read data from the msg iterator's kvec.. kTLS implemen

  • CVE-2025-38556Aug 19, 2025
    affected < 5.14.0-570.52.1.el9_6fixed 5.14.0-570.52.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: HID: core: Harden s32ton() against conversion to 0 bits Testing by the syzbot fuzzer showed that the HID core gets a shift-out-of-bounds exception when it tries to convert a 32-bit quantity to a 0-bit quantity.

  • CVE-2025-38550Aug 16, 2025
    affected < 5.14.0-570.44.1.el9_6fixed 5.14.0-570.44.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: Delay put pmc->idev in mld_del_delrec() pmc->idev is still used in ip6_mc_clear_src(), so as mld_clear_delrec() does, the reference should be put after ip6_mc_clear_src() return.

  • CVE-2025-38527Aug 16, 2025
    affected < 5.14.0-570.49.1.el9_6fixed 5.14.0-570.49.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free in cifs_oplock_break A race condition can occur in cifs_oplock_break() leading to a use-after-free of the cinode structure when unmounting: cifs_oplock_break() _cifsFileIn

  • CVE-2025-38500Aug 12, 2025
    affected < 5.14.0-570.39.1.el9_6fixed 5.14.0-570.39.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: xfrm: interface: fix use-after-free after changing collect_md xfrm interface collect_md property on xfrm interfaces can only be set on device creation, thus xfrmi_changelink() should fail when called on such in

  • CVE-2025-38499MedAug 11, 2025
    affected < 5.14.0-611.16.1.el9_7fixed 5.14.0-611.16.1.el9_7

    In the Linux kernel, the following vulnerability has been resolved: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns What we want is to verify there is that clone won't expose something hidden by a mount we wouldn't be able to undo. "Wouldn't be

  • CVE-2025-38498MedJul 30, 2025
    affected < 5.14.0-570.46.1.el9_6fixed 5.14.0-570.46.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: do_change_type(): refuse to operate on unmounted/not ours mounts Ensure that propagation settings can only be changed for mounts located in the caller's mount namespace. This change aligns permission checking w

  • CVE-2025-38471HigJul 28, 2025
    affected < 5.14.0-570.35.1.el9_6fixed 5.14.0-570.35.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: tls: always refresh the queue when reading sock After recent changes in net-next TCP compacts skbs much more aggressively. This unearthed a bug in TLS where we may try to operate on an old skb when checking if

  • CVE-2025-38468MedJul 28, 2025
    affected < 6.12.0-124.8.1.el10_1fixed 6.12.0-124.8.1.el10_1

    In the Linux kernel, the following vulnerability has been resolved: net/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree htb_lookup_leaf has a BUG_ON that can trigger with the following: tc qdisc del dev lo root tc qdisc add dev lo root handle 1: htb default

  • CVE-2025-38472Jul 28, 2025
    affected < 5.14.0-570.49.1.el9_6fixed 5.14.0-570.49.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack: fix crash due to removal of uninitialised entry A crash in conntrack was reported while trying to unlink the conntrack entry from the hash bucket list: [exception RIP: __nf_ct_delet

  • CVE-2025-38464Jul 25, 2025
    affected < 5.14.0-570.39.1.el9_6fixed 5.14.0-570.39.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: tipc: Fix use-after-free in tipc_conn_close(). syzbot reported a null-ptr-deref in tipc_conn_close() during netns dismantle. [0] tipc_topsrv_stop() iterates tipc_net(net)->topsrv->conn_idr and calls tipc_conn_

  • CVE-2025-38461Jul 25, 2025
    affected < 5.14.0-570.39.1.el9_6fixed 5.14.0-570.39.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: vsock: Fix transport_* TOCTOU Transport assignment may race with module unload. Protect new_transport from becoming a stale pointer. This also takes care of an insecure call in vsock_use_local_transport(); add

  • CVE-2025-38459Jul 25, 2025
    affected < 5.14.0-611.30.1.el9_7fixed 5.14.0-611.30.1.el9_7

    In the Linux kernel, the following vulnerability has been resolved: atm: clip: Fix infinite recursive call of clip_push(). syzbot reported the splat below. [0] This happens if we call ioctl(ATMARP_MKIP) more than once. During the first call, clip_mkip() sets clip_push() to vc

  • CVE-2025-38453Jul 25, 2025
    affected < 6.12.0-124.31.1.el10_1fixed 6.12.0-124.31.1.el10_1

    In the Linux kernel, the following vulnerability has been resolved: io_uring/msg_ring: ensure io_kiocb freeing is deferred for RCU syzbot reports that defer/local task_work adding via msg_ring can hit a request that has been freed: CPU: 1 UID: 0 PID: 19356 Comm: iou-wrk-19354

  • CVE-2025-38449Jul 25, 2025
    affected < 5.14.0-570.42.2.el9_6fixed 5.14.0-570.42.2.el9_6

    In the Linux kernel, the following vulnerability has been resolved: drm/gem: Acquire references on GEM handles for framebuffers A GEM handle can be released while the GEM buffer object is attached to a DRM framebuffer. This leads to the release of the dma-buf backing the buffer

  • CVE-2025-38417Jul 25, 2025
    affected < 5.14.0-570.37.1.el9_6fixed 5.14.0-570.37.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: ice: fix eswitch code memory leak in reset scenario Add simple eswitch mode checker in attaching VF procedure and allocate required port representor memory structures only in switchdev mode. The reset flows tri

  • CVE-2025-38415Jul 25, 2025
    affected < 5.14.0-611.30.1.el9_7fixed 5.14.0-611.30.1.el9_7

    In the Linux kernel, the following vulnerability has been resolved: Squashfs: check return result of sb_min_blocksize Syzkaller reports an "UBSAN: shift-out-of-bounds in squashfs_bio_read" bug. Syzkaller forks multiple processes which after mounting the Squashfs filesystem, is

  • CVE-2025-38412Jul 25, 2025
    affected < 6.12.0-124.8.1.el10_1fixed 6.12.0-124.8.1.el10_1

    In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-wmi-sysman: Fix WMI data block retrieval in sysfs callbacks After retrieving WMI data blocks in sysfs callbacks, check for the validity of them before dereferencing their content.

  • CVE-2025-38403Jul 25, 2025
    affected < 5.14.0-611.30.1.el9_7fixed 5.14.0-611.30.1.el9_7

    In the Linux kernel, the following vulnerability has been resolved: vsock/vmci: Clear the vmci transport packet properly when initializing it In vmci_transport_packet_init memset the vmci_transport_packet before populating the fields to avoid any uninitialised data being left i

Page 6 of 18