VYPR

rpm package

almalinux/kernel-rt-kvm

pkg:rpm/almalinux/kernel-rt-kvm

Vulnerabilities (523)

  • CVE-2023-53125May 2, 2025
    affected < 5.14.0-570.46.1.el9_6fixed 5.14.0-570.46.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc75xx: Limit packet length to skb->len Packet length retrieved from skb data may be larger than the actual socket buffer length (up to 9026 bytes). In such case the cloned skb passed up the network

  • CVE-2025-37797May 2, 2025
    affected < 5.14.0-570.30.1.el9_6fixed 5.14.0-570.30.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class handling This patch fixes a Use-After-Free vulnerability in the HFSC qdisc class handling. The issue occurs due to a time-of-check/time-of-use condition in hfsc

  • CVE-2022-49846May 1, 2025
    affected < 5.14.0-570.25.1.el9_6fixed 5.14.0-570.25.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: udf: Fix a slab-out-of-bounds write bug in udf_find_entry() Syzbot reported a slab-out-of-bounds Write bug: loop0: detected capacity change from 0 to 2048 ======================================================

  • CVE-2022-49788May 1, 2025
    affected < 5.14.0-570.32.1.el9_6fixed 5.14.0-570.32.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram() `struct vmci_event_qp` allocated by qp_notify_peer() contains padding, which may carry uninitialized data to the userspace, as observed by KMSAN

  • CVE-2025-37750May 1, 2025
    affected < 5.14.0-570.22.1.el9_6fixed 5.14.0-570.22.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in decryption with multichannel After commit f7025d861694 ("smb: client: allocate crypto only for primary server") and commit b0abcd65ec54 ("smb: client: fix UAF in async decryption"), the

  • CVE-2025-37749May 1, 2025
    affected < 5.14.0-570.17.1.el9_6fixed 5.14.0-570.17.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: net: ppp: Add bound checking for skb data on ppp_sync_txmung Ensure we have enough data in linear buffer from skb before accessing initial bytes. This prevents potential out-of-bounds accesses when processing s

  • CVE-2025-37738May 1, 2025
    affected < 5.14.0-570.23.1.el9_6fixed 5.14.0-570.23.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: ext4: ignore xattrs past end Once inside 'ext4_xattr_inode_dec_ref_all' we should ignore xattrs entries past the 'end' entry. This fixes the following KASAN reported issue: ===================================

  • CVE-2025-23150May 1, 2025
    affected < 5.14.0-570.23.1.el9_6fixed 5.14.0-570.23.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: ext4: fix off-by-one error in do_split Syzkaller detected a use-after-free issue in ext4_insert_dentry that was caused by out-of-bounds access due to incorrect splitting in do_split. BUG: KASAN: use-after-free

  • CVE-2025-37785Apr 18, 2025
    affected < 5.14.0-570.21.1.el9_6fixed 5.14.0-570.21.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: ext4: fix OOB read when checking dotdot dir Mounting a corrupted filesystem with directory which contains '.' dir entry with rec_len == block size results in out-of-bounds read (later on, when the corrupted dir

  • CVE-2025-22026MedApr 16, 2025
    affected < 5.14.0-570.55.1.el9_6fixed 5.14.0-570.55.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: nfsd: don't ignore the return code of svc_proc_register() Currently, nfsd_proc_stat_init() ignores the return value of svc_proc_register(). If the procfile creation fails, then the kernel will WARN when it trie

  • CVE-2025-22126Apr 16, 2025
    affected < 5.14.0-570.22.1.el9_6fixed 5.14.0-570.22.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: md: fix mddev uaf while iterating all_mddevs list While iterating all_mddevs list from md_notify_reboot() and md_exit(), list_for_each_entry_safe is used, and this can race with deletint the next mddev, causing

  • CVE-2025-22121Apr 16, 2025
    affected < 5.14.0-570.30.1.el9_6fixed 5.14.0-570.30.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all() There's issue as follows: BUG: KASAN: use-after-free in ext4_xattr_inode_dec_ref_all+0x6ff/0x790 Read of size 4 at addr ffff88807b003000 by task syz

  • CVE-2025-22113Apr 16, 2025
    affected < 5.14.0-570.30.1.el9_6fixed 5.14.0-570.30.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: ext4: avoid journaling sb update on error if journal is destroying Presently we always BUG_ON if trying to start a transaction on a journal marked with JBD2_UNMOUNT, since this should never happen. However, whi

  • CVE-2025-22104Apr 16, 2025
    affected < 5.14.0-570.23.1.el9_6fixed 5.14.0-570.23.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: ibmvnic: Use kernel helpers for hex dumps Previously, when the driver was printing hex dumps, the buffer was cast to an 8 byte long and printed using string formatters. If the buffer size was not a multiple of

  • CVE-2025-22097Apr 16, 2025
    affected < 5.14.0-570.42.2.el9_6fixed 5.14.0-570.42.2.el9_6

    In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fix use after free and double free on init error If the driver initialization fails, the vkms_exit() function might access an uninitialized or freed default_config pointer and it might double free it.

  • CVE-2025-22091Apr 16, 2025
    affected < 5.14.0-570.30.1.el9_6fixed 5.14.0-570.30.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix page_size variable overflow Change all variables storing mlx5_umem_mkc_find_best_pgsz() result to unsigned long to support values larger than 31 and avoid overflow. For example: If we try to reg

  • CVE-2025-22085Apr 16, 2025
    affected < 5.14.0-570.30.1.el9_6fixed 5.14.0-570.30.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix use-after-free when rename device name Syzbot reported a slab-use-after-free with the following call trace: ================================================================== BUG: KASAN: slab-us

  • CVE-2025-22058Apr 16, 2025
    affected < 5.14.0-570.37.1.el9_6fixed 5.14.0-570.37.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: udp: Fix memory accounting leak. Matt Dowling reported a weird UDP memory usage issue. Under normal operation, the UDP memory usage reported in /proc/net/sockstat remains close to zero. However, it occasional

  • CVE-2025-22055Apr 16, 2025
    affected < 5.14.0-570.21.1.el9_6fixed 5.14.0-570.21.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: net: fix geneve_opt length integer overflow struct geneve_opt uses 5 bit length for each single option, which means every vary size option should be smaller than 128 bytes. However, all current related Netlink

  • CVE-2025-22020Apr 16, 2025
    affected < 5.14.0-570.32.1.el9_6fixed 5.14.0-570.32.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove This fixes the following crash: ================================================================== BUG: KASAN: slab-use-after-free in rt

Page 4 of 27