VYPR

rpm package

almalinux/kernel-rt-debug-modules-core

pkg:rpm/almalinux/kernel-rt-debug-modules-core

Vulnerabilities (831)

  • CVE-2024-26643MedMar 21, 2024
    affected < 5.14.0-427.18.1.el9_4fixed 5.14.0-427.18.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout While the rhashtable set gc runs asynchronously, a race allows it to collect elements from anonymous sets with timeouts while it

  • CVE-2024-26642MedMar 21, 2024
    affected < 5.14.0-427.18.1.el9_4fixed 5.14.0-427.18.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: disallow anonymous set with timeout flag Anonymous sets are never used with timeout from userspace, reject this. Exception to this rule is NFT_SET_EVAL to ensure legacy meters still work.

  • CVE-2023-52620LowMar 21, 2024
    affected < 5.14.0-427.13.1.el9_4fixed 5.14.0-427.13.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: disallow timeout for anonymous sets Never used from userspace, disallow these parameters.

  • CVE-2024-26640Mar 18, 2024
    affected < 5.14.0-427.42.1.el9_4fixed 5.14.0-427.42.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: tcp: add sanity checks to rx zerocopy TCP rx zerocopy intent is to map pages initially allocated from NIC drivers, not pages owned by a fs. This patch adds to can_map_frag() these additional checks: - Page mu

  • CVE-2024-26633Mar 18, 2024
    affected < 5.14.0-427.13.1.el9_4fixed 5.14.0-427.13.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim() syzbot pointed out [1] that NEXTHDR_FRAGMENT handling is broken. Reading frag_off can only be done if we pulled enough bytes to skb->hea

  • CVE-2023-52610Mar 18, 2024
    affected < 5.14.0-427.13.1.el9_4fixed 5.14.0-427.13.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: net/sched: act_ct: fix skb leak and crash on ooo frags act_ct adds skb->users before defragmentation. If frags arrive in order, the last frag's reference is reset in: inet_frag_reasm_prepare skb_morph w

  • CVE-2023-28746MedMar 14, 2024
    affected < 5.14.0-427.40.1.el9_4fixed 5.14.0-427.40.1.el9_4

    Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

  • CVE-2024-26630Mar 13, 2024
    affected < 5.14.0-427.35.1.el9_4fixed 5.14.0-427.35.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: mm: cachestat: fix folio read-after-free in cache walk In cachestat, we access the folio from the page cache's xarray to compute its page offset, and check for its dirty and writeback flags. However, we do not

  • CVE-2024-26629MedMar 13, 2024
    affected < 5.14.0-427.35.1.el9_4fixed 5.14.0-427.35.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: nfsd: fix RELEASE_LOCKOWNER The test on so_count in nfsd4_release_lockowner() is nonsense and harmful. Revert to using check_for_locks(), changing that to not sleep. First: harmful. As is documented in the kd

  • CVE-2023-52581Mar 2, 2024
    affected < 5.14.0-427.13.1.el9_4fixed 5.14.0-427.13.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix memleak when more than 255 elements expired When more than 255 elements expired we're supposed to switch to a new gc container structure. This never happens: u8 type will wrap before

  • CVE-2023-52580Mar 2, 2024
    affected < 5.14.0-427.13.1.el9_4fixed 5.14.0-427.13.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: net/core: Fix ETH_P_1588 flow dissector When a PTP ethernet raw frame with a size of more than 256 bytes followed by a 0xff pattern is sent to __skb_flow_dissect, nhoff value calculation is wrong. For example:

  • CVE-2023-52578Mar 2, 2024
    affected < 5.14.0-427.13.1.el9_4fixed 5.14.0-427.13.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: net: bridge: use DEV_STATS_INC() syzbot/KCSAN reported data-races in br_handle_frame_finish() [1] This function can run from multiple cpus without mutual exclusion. Adopt SMP safe DEV_STATS_INC() to update dev

  • CVE-2023-52574Mar 2, 2024
    affected < 5.14.0-427.13.1.el9_4fixed 5.14.0-427.13.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: team: fix null-ptr-deref when team device type is changed Get a null-ptr-deref bug as follows with reproducer [1]. BUG: kernel NULL pointer dereference, address: 0000000000000228 ... RIP: 0010:vlan_dev_hard_he

  • CVE-2023-52529Mar 2, 2024
    affected < 5.14.0-427.13.1.el9_4fixed 5.14.0-427.13.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: HID: sony: Fix a potential memory leak in sony_probe() If an error occurs after a successful usb_alloc_urb() call, usb_free_urb() should be called.

  • CVE-2023-52522Mar 2, 2024
    affected < 5.14.0-427.13.1.el9_4fixed 5.14.0-427.13.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: net: fix possible store tearing in neigh_periodic_work() While looking at a related syzbot report involving neigh_periodic_work(), I found that I forgot to add an annotation when deleting an RCU protected item

  • CVE-2022-48627Mar 2, 2024
    affected < 5.14.0-427.26.1.el9_4fixed 5.14.0-427.26.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: vt: fix memory overlapping when deleting chars in the buffer A memory overlapping copy occurs when deleting a long line. This memory overlapping copy can cause data corruption when scr_memcpyw is optimized to m

  • CVE-2024-26615Feb 29, 2024
    affected < 5.14.0-503.16.1.el9_5fixed 5.14.0-503.16.1.el9_5

    In the Linux kernel, the following vulnerability has been resolved: net/smc: fix illegal rmb_desc access in SMC-D connection dump A crash was found when dumping SMC-D connections. It can be reproduced by following steps: - run nginx/wrk test: smc_run nginx smc_run wrk -t 1

  • CVE-2023-52490Feb 29, 2024
    affected < 5.14.0-503.26.1.el9_5fixed 5.14.0-503.26.1.el9_5

    In the Linux kernel, the following vulnerability has been resolved: mm: migrate: fix getting incorrect page mapping during page migration When running stress-ng testing, we found below kernel crash after a few hours: Unable to handle kernel NULL pointer dereference at virtual

  • CVE-2023-52489Feb 29, 2024
    affected < 5.14.0-427.13.1.el9_4fixed 5.14.0-427.13.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: mm/sparsemem: fix race in accessing memory_section->usage The below race is observed on a PFN which falls into the device memory region with the system memory configuration where PFN's are such that [ZONE_NORMA

  • CVE-2023-52476Feb 29, 2024
    affected < 5.14.0-427.13.1.el9_4fixed 5.14.0-427.13.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: perf/x86/lbr: Filter vsyscall addresses We found that a panic can occur when a vsyscall is made while LBR sampling is active. If the vsyscall is interrupted (NMI) for perf sampling, this call sequence can occur

Page 36 of 42