VYPR

rpm package

almalinux/kernel-rt-kvm

pkg:rpm/almalinux/kernel-rt-kvm

Vulnerabilities (523)

  • CVE-2021-47385May 21, 2024
    affected < 4.18.0-553.22.1.rt7.363.el8_10fixed 4.18.0-553.22.1.rt7.363.el8_10

    In the Linux kernel, the following vulnerability has been resolved: hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary structure field If driver read val value sufficient for (val & 0x08) && (!(val & 0x80)) && ((val & 0x7) == ((val >> 4) & 0x7)) from device t

  • CVE-2021-47384May 21, 2024
    affected < 4.18.0-553.22.1.rt7.363.el8_10fixed 4.18.0-553.22.1.rt7.363.el8_10

    In the Linux kernel, the following vulnerability has been resolved: hwmon: (w83793) Fix NULL pointer dereference by removing unnecessary structure field If driver read tmp value sufficient for (tmp & 0x08) && (!(tmp & 0x80)) && ((tmp & 0x7) == ((tmp >> 4) & 0x7)) from device th

  • CVE-2021-47383May 21, 2024
    affected < 4.18.0-553.22.1.rt7.363.el8_10fixed 4.18.0-553.22.1.rt7.363.el8_10

    In the Linux kernel, the following vulnerability has been resolved: tty: Fix out-of-bound vmalloc access in imageblit This issue happens when a userspace program does an ioctl FBIOPUT_VSCREENINFO passing the fb_var_screeninfo struct containing only the fields xres, yres, and bi

  • CVE-2021-47356May 21, 2024
    affected < 4.18.0-553.8.1.rt7.349.el8_10fixed 4.18.0-553.8.1.rt7.349.el8_10

    In the Linux kernel, the following vulnerability has been resolved: mISDN: fix possible use-after-free in HFC_cleanup() This module's remove path calls del_timer(). However, that function does not wait until the timer handler finishes. This means that the timer handler may stil

  • CVE-2021-47353May 21, 2024
    affected < 4.18.0-553.8.1.rt7.349.el8_10fixed 4.18.0-553.8.1.rt7.349.el8_10

    In the Linux kernel, the following vulnerability has been resolved: udf: Fix NULL pointer dereference in udf_symlink function In function udf_symlink, epos.bh is assigned with the value returned by udf_tgetblk. The function udf_tgetblk is defined in udf/misc.c and returns the v

  • CVE-2021-47352May 21, 2024
    affected < 4.18.0-553.22.1.rt7.363.el8_10fixed 4.18.0-553.22.1.rt7.363.el8_10

    In the Linux kernel, the following vulnerability has been resolved: virtio-net: Add validation for used length This adds validation for used length (might come from an untrusted device) to avoid data corruption or loss.

  • CVE-2021-47338May 21, 2024
    affected < 4.18.0-553.22.1.rt7.363.el8_10fixed 4.18.0-553.22.1.rt7.363.el8_10

    In the Linux kernel, the following vulnerability has been resolved: fbmem: Do not delete the mode that is still in use The execution of fb_delete_videomode() is not based on the result of the previous fbcon_mode_deleted(). As a result, the mode is directly deleted, regardless o

  • CVE-2021-47321May 21, 2024
    affected < 4.18.0-553.22.1.rt7.363.el8_10fixed 4.18.0-553.22.1.rt7.363.el8_10

    In the Linux kernel, the following vulnerability has been resolved: watchdog: Fix possible use-after-free by calling del_timer_sync() This driver's remove path calls del_timer(). However, that function does not wait until the timer handler finishes. This means that the timer ha

  • CVE-2021-47311May 21, 2024
    affected < 4.18.0-553.8.1.rt7.349.el8_10fixed 4.18.0-553.8.1.rt7.349.el8_10

    In the Linux kernel, the following vulnerability has been resolved: net: qcom/emac: fix UAF in emac_remove adpt is netdev private data and it cannot be used after free_netdev() call. Using adpt after free_netdev() can cause UAF bug. Fix it by moving free_netdev() at the end of

  • CVE-2021-47310May 21, 2024
    affected < 4.18.0-553.8.1.rt7.349.el8_10fixed 4.18.0-553.8.1.rt7.349.el8_10

    In the Linux kernel, the following vulnerability has been resolved: net: ti: fix UAF in tlan_remove_one priv is netdev private data and it cannot be used after free_netdev() call. Using priv after free_netdev() can cause UAF bug. Fix it by moving free_netdev() at the end of the

  • CVE-2021-47289May 21, 2024
    affected < 4.18.0-553.22.1.rt7.363.el8_10fixed 4.18.0-553.22.1.rt7.363.el8_10

    In the Linux kernel, the following vulnerability has been resolved: ACPI: fix NULL pointer dereference Commit 71f642833284 ("ACPI: utils: Fix reference counting in for_each_acpi_dev_match()") started doing "acpi_dev_put()" on a pointer that was possibly NULL. That fails misera

  • CVE-2021-47287May 21, 2024
    affected < 4.18.0-553.22.1.rt7.363.el8_10fixed 4.18.0-553.22.1.rt7.363.el8_10

    In the Linux kernel, the following vulnerability has been resolved: driver core: auxiliary bus: Fix memory leak when driver_register() fail If driver_register() returns with error we need to free the memory allocated for auxdrv->driver.name before returning from __auxiliary_dri

  • CVE-2021-47284May 21, 2024
    affected < 4.18.0-553.16.1.rt7.357.el8_10fixed 4.18.0-553.16.1.rt7.357.el8_10

    In the Linux kernel, the following vulnerability has been resolved: isdn: mISDN: netjet: Fix crash in nj_probe: 'nj_setup' in netjet.c might fail with -EIO and in this case 'card->irq' is initialized and is bigger than zero. A subsequent call to 'nj_release' will free the irq t

  • CVE-2021-47257May 21, 2024
    affected < 4.18.0-553.16.1.rt7.357.el8_10fixed 4.18.0-553.16.1.rt7.357.el8_10

    In the Linux kernel, the following vulnerability has been resolved: net: ieee802154: fix null deref in parse dev addr Fix a logic error that could result in a null deref if the user sets the mode incorrectly for the given addr type.

  • CVE-2021-47236May 21, 2024
    affected < 4.18.0-553.8.1.rt7.349.el8_10fixed 4.18.0-553.8.1.rt7.349.el8_10

    In the Linux kernel, the following vulnerability has been resolved: net: cdc_eem: fix tx fixup skb leak when usbnet transmit a skb, eem fixup it in eem_tx_fixup(), if skb_copy_expand() failed, it return NULL, usbnet_start_xmit() will have no chance to free original skb. fix it

  • CVE-2024-36007MedMay 20, 2024
    affected < 4.18.0-553.8.1.rt7.349.el8_10fixed 4.18.0-553.8.1.rt7.349.el8_10

    In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix warning during rehash As previously explained, the rehash delayed work migrates filters from one region to another. This is done by iterating over all chunks (all the filters with

  • CVE-2024-36006MedMay 20, 2024
    affected < 4.18.0-553.16.1.rt7.357.el8_10fixed 4.18.0-553.16.1.rt7.357.el8_10

    In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix incorrect list API usage Both the function that migrates all the chunks within a region and the function that migrates all the entries within a chunk call list_first_entry() on the

  • CVE-2024-36005MedMay 20, 2024
    affected < 4.18.0-553.16.1.rt7.357.el8_10fixed 4.18.0-553.16.1.rt7.357.el8_10

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: honor table dormant flag from netdev release event path Check for table dormant flag otherwise netdev release event path tries to unregister an already unregistered hook. [524854.857999]

  • CVE-2024-36004MedMay 20, 2024
    affected < 4.18.0-553.8.1.rt7.349.el8_10fixed 4.18.0-553.8.1.rt7.349.el8_10

    In the Linux kernel, the following vulnerability has been resolved: i40e: Do not use WQ_MEM_RECLAIM flag for workqueue Issue reported by customer during SRIOV testing, call trace: When both i40e and the i40iw driver are loaded, a warning in check_flush_dependency is being trigg

  • CVE-2024-35960CriMay 20, 2024
    affected < 4.18.0-553.8.1.rt7.349.el8_10fixed 4.18.0-553.8.1.rt7.349.el8_10

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Properly link new fs rules into the tree Previously, add_rule_fg would only add newly created rules from the handle into the tree when they had a refcount of 1. On the other hand, create_flow_handle t

Page 13 of 27