VYPR

rpm package

almalinux/kernel-rt-kvm

pkg:rpm/almalinux/kernel-rt-kvm

Vulnerabilities (523)

  • CVE-2025-21887Mar 27, 2025
    affected < 5.14.0-570.25.1.el9_6fixed 5.14.0-570.25.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: ovl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up The issue was caused by dput(upper) being called before ovl_dentry_update_reval(), while upper->d_flags was still accessed in ovl_dentry_r

  • CVE-2025-21883Mar 27, 2025
    affected < 5.14.0-570.23.1.el9_6fixed 5.14.0-570.23.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: ice: Fix deinitializing VF in error path If ice_ena_vfs() fails after calling ice_create_vf_entries(), it frees all VFs without removing them from snapshot PF-VF mailbox list, leading to list corruption. Repro

  • CVE-2025-21867Mar 27, 2025
    affected < 5.14.0-570.35.1.el9_6fixed 5.14.0-570.35.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: bpf, test_run: Fix use-after-free issue in eth_skb_pkt_type() KMSAN reported a use-after-free issue in eth_skb_pkt_type()[1]. The cause of the issue was that eth_skb_pkt_type() accessed skb's data that didn't c

  • CVE-2024-58069Mar 6, 2025
    affected < 5.14.0-570.16.1.el9_6fixed 5.14.0-570.16.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: rtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read The nvmem interface supports variable buffer sizes, while the regmap interface operates with fixed-size storage. If an nvmem client uses a buffer si

  • CVE-2025-21764HigFeb 27, 2025
    affected < 5.14.0-570.19.1.el9_6fixed 5.14.0-570.19.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: ndisc: use RCU protection in ndisc_alloc_skb() ndisc_alloc_skb() can be called without RTNL or RCU being held. Add RCU protection to avoid possible UAF.

  • CVE-2025-21756HigFeb 27, 2025
    affected < 5.14.0-570.17.1.el9_6fixed 5.14.0-570.17.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: vsock: Keep the binding until socket destruction Preserve sockets bindings; this includes both resulting from an explicit bind() and those implicitly bound through autobind during connect(). Prevents socket un

  • CVE-2024-58005MedFeb 27, 2025
    affected < 5.14.0-570.16.1.el9_6fixed 5.14.0-570.16.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: tpm: Change to kvalloc() in eventlog/acpi.c The following failure was reported on HPE ProLiant D320: [ 10.693310][ T1] tpm_tis STM0925:00: 2.0 TPM (device-id 0x3, rev-id 0) [ 10.848132][ T1] --------

  • CVE-2025-21759Feb 27, 2025
    affected < 5.14.0-570.25.1.el9_6fixed 5.14.0-570.25.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: extend RCU protection in igmp6_send() igmp6_send() can be called without RTNL or RCU being held. Extend RCU protection so that we can safely fetch the net pointer and avoid a potential UAF. Note

  • CVE-2025-21727HigFeb 27, 2025
    affected < 5.14.0-570.32.1.el9_6fixed 5.14.0-570.32.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: padata: fix UAF in padata_reorder A bug was found when run ltp test: BUG: KASAN: slab-use-after-free in padata_find_next+0x29/0x1a0 Read of size 4 at addr ffff88bbfe003524 by task kworker/u113:2/3039206 CPU:

  • CVE-2024-58007Feb 27, 2025
    affected < 5.14.0-570.16.1.el9_6fixed 5.14.0-570.16.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: soc: qcom: socinfo: Avoid out of bounds read of serial number On MSM8916 devices, the serial number exposed in sysfs is constant and does not change across individual devices. It's always: db410c:/sys/device

  • CVE-2024-58002Feb 27, 2025
    affected < 5.14.0-570.28.1.el9_6fixed 5.14.0-570.28.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Remove dangling pointers When an async control is written, we copy a pointer to the file handle that started the operation. That pointer will be used when the device is done. Which could be any

  • CVE-2024-57980Feb 27, 2025
    affected < 5.14.0-570.30.1.el9_6fixed 5.14.0-570.30.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fix double free in error path If the uvc_status_init() function fails to allocate the int_urb, it will free the dev->status pointer but doesn't reset the pointer to NULL. This results in the kf

  • CVE-2024-53197KEVDec 27, 2024
    affected < 5.14.0-503.31.1.el9_5fixed 5.14.0-503.31.1.el9_5

    In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices A bogus device can provide a bNumConfigurations value that exceeds the initial value used in usb_get_configuration for allocating

  • CVE-2022-21505Dec 24, 2024
    affected < 5.14.0-284.11.1.rt14.296.el9_2fixed 5.14.0-284.11.1.rt14.296.el9_2

    In the linux kernel, if IMA appraisal is used with the "ima_appraise=log" boot param, lockdown can be defeated with kexec on any machine when Secure Boot is disabled or unavailable. IMA prevents setting "ima_appraise=log" from the boot param when Secure Boot is enabled, but this

  • CVE-2024-53150KEVDec 24, 2024
    affected < 5.14.0-503.38.1.el9_5fixed 5.14.0-503.38.1.el9_5

    In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix out of bounds reads when finding clock sources The current USB-audio driver code doesn't check bLength of each descriptor at traversing for clock descriptors. That is, when a device provid

  • CVE-2024-53113Dec 2, 2024
    affected < 5.14.0-503.31.1.el9_5fixed 5.14.0-503.31.1.el9_5

    In the Linux kernel, the following vulnerability has been resolved: mm: fix NULL pointer dereference in alloc_pages_bulk_noprof We triggered a NULL pointer dereference for ac.preferred_zoneref->zone in alloc_pages_bulk_noprof() when the task is migrated between cpusets. When c

  • CVE-2023-52922Nov 28, 2024
    affected < 5.14.0-503.31.1.el9_5fixed 5.14.0-503.31.1.el9_5

    In the Linux kernel, the following vulnerability has been resolved: can: bcm: Fix UAF in bcm_proc_show() BUG: KASAN: slab-use-after-free in bcm_proc_show+0x969/0xa80 Read of size 8 at addr ffff888155846230 by task cat/7862 CPU: 1 PID: 7862 Comm: cat Not tainted 6.5.0-rc1-00153

  • CVE-2024-50302MedKEVNov 19, 2024
    affected < 5.14.0-503.31.1.el9_5fixed 5.14.0-503.31.1.el9_5

    In the Linux kernel, the following vulnerability has been resolved: HID: core: zero-initialize the report buffer Since the report buffer is used by all kinds of drivers in various ways, let's zero-initialize it during allocation to make sure that it can't be ever used to leak k

  • CVE-2024-50301HigNov 19, 2024
    affected < 5.14.0-570.51.1.el9_6fixed 5.14.0-570.51.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: security/keys: fix slab-out-of-bounds in key_task_permission KASAN reports an out of bounds read: BUG: KASAN: slab-out-of-bounds in __kuid_val include/linux/uidgid.h:36 BUG: KASAN: slab-out-of-bounds in uid_eq

  • CVE-2024-50264Nov 19, 2024
    affected < 5.14.0-503.31.1.el9_5fixed 5.14.0-503.31.1.el9_5

    In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans During loopback communication, a dangling pointer can be created in vsk->trans, potentially leading to a Use-After-Free condition. T

Page 6 of 27