VYPR

rpm package

almalinux/kernel-tools-libs-devel

pkg:rpm/almalinux/kernel-tools-libs-devel

Vulnerabilities (1,303)

  • CVE-2022-48754Jun 20, 2024
    affected < 4.18.0-553.22.1.el8_10fixed 4.18.0-553.22.1.el8_10

    In the Linux kernel, the following vulnerability has been resolved: phylib: fix potential use-after-free Commit bafbdd527d56 ("phylib: Add device reset GPIO support") added call to phy_device_reset(phydev) after the put_device() call in phy_detach(). The comment before the put

  • CVE-2022-48743Jun 20, 2024
    affected < 5.14.0-427.28.1.el9_4fixed 5.14.0-427.28.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: net: amd-xgbe: Fix skb data length underflow There will be BUG_ON() triggered in include/linux/skbuff.h leading to intermittent kernel panic, when the skb length underflow is detected. Fix this by dropping the

  • CVE-2024-38619MedJun 20, 2024
    affected < 5.14.0-427.35.1.el9_4fixed 5.14.0-427.35.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: usb-storage: alauda: Check whether the media is initialized The member "uzonesize" of struct alauda_info will remain 0 if alauda_init_media() fails, potentially causing divide errors in alauda_read_data() and a

  • CVE-2021-47609Jun 19, 2024
    affected < 4.18.0-553.22.1.el8_10fixed 4.18.0-553.22.1.el8_10

    In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scpi: Fix string overflow in SCPI genpd driver Without the bound checks for scpi_pd->name, it could result in the buffer overflow when copying the SCPI device name from the corresponding device tr

  • CVE-2021-47606Jun 19, 2024
    affected < 5.14.0-427.31.1.el9_4fixed 5.14.0-427.31.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: net: netlink: af_netlink: Prevent empty skb by adding a check on len. Adding a check on len parameter to avoid empty skb. This prevents a division error in netem_enqueue function which is caused when skb->len=0

  • CVE-2021-47596Jun 19, 2024
    affected < 5.14.0-427.26.1.el9_4fixed 5.14.0-427.26.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix use-after-free bug in hclgevf_send_mbx_msg Currently, the hns3_remove function firstly uninstall client instance, and then uninstall acceletion engine device. The netdevice is freed in client ins

  • CVE-2021-47582Jun 19, 2024
    affected < 4.18.0-553.22.1.el8_10fixed 4.18.0-553.22.1.el8_10

    In the Linux kernel, the following vulnerability has been resolved: USB: core: Make do_proc_control() and do_proc_bulk() killable The USBDEVFS_CONTROL and USBDEVFS_BULK ioctls invoke usb_start_wait_urb(), which contains an uninterruptible wait with a user-specified timeout valu

  • CVE-2021-47579Jun 19, 2024
    affected < 4.18.0-553.16.1.el8_10fixed 4.18.0-553.16.1.el8_10

    In the Linux kernel, the following vulnerability has been resolved: ovl: fix warning in ovl_create_real() Syzbot triggered the following warning in ovl_workdir_create() -> ovl_create_real(): if (!err && WARN_ON(!newdentry->d_inode)) { The reason is that the cgroup2 filesyste

  • CVE-2024-38615MedJun 19, 2024
    affected < 5.14.0-427.37.1.el9_4fixed 5.14.0-427.37.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: cpufreq: exit() callback is optional The exit() callback is optional and shouldn't be called without checking a valid pointer first. Also, we must clear freq_table pointer even if the exit() callback isn't pre

  • CVE-2024-38596MedJun 19, 2024
    affected < 4.18.0-553.16.1.el8_10fixed 4.18.0-553.16.1.el8_10

    In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg A data-race condition has been identified in af_unix. In one data path, the write function unix_release_sock() atomically writes to sk->sk_shutdo

  • CVE-2024-38579MedJun 19, 2024
    affected < 5.14.0-427.33.1.el9_4fixed 5.14.0-427.33.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: crypto: bcm - Fix pointer arithmetic In spu2_dump_omd() value of ptr is increased by ciph_key_len instead of hash_iv_len which could lead to going beyond the buffer boundaries. Fix this bug by changing ciph_key

  • CVE-2024-38559MedJun 19, 2024
    affected < 5.14.0-427.35.1.el9_4fixed 5.14.0-427.35.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Ensure the copied buf is NUL terminated Currently, we allocate a count-sized kernel buffer and copy count from userspace to that buffer. Later, we use kstrtouint on this buffer but we don't ensure t

  • CVE-2024-38558MedJun 19, 2024
    affected < 5.14.0-427.31.1.el9_4fixed 5.14.0-427.31.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix overwriting ct original tuple for ICMPv6 OVS_PACKET_CMD_EXECUTE has 3 main attributes: - OVS_PACKET_ATTR_KEY - Packet metadata in a netlink format. - OVS_PACKET_ATTR_PACKET - Binary pack

  • CVE-2024-38608Jun 19, 2024
    affected < 5.14.0-427.33.1.el9_4fixed 5.14.0-427.33.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix netif state handling mlx5e_suspend cleans resources only if netif_device_present() returns true. However, mlx5e_resume changes the state of netif, via mlx5e_nic_enable, only if reg_state == NETRE

  • CVE-2024-38601Jun 19, 2024
    affected < 5.14.0-427.37.1.el9_4fixed 5.14.0-427.37.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Fix a race between readers and resize checks The reader code in rb_get_reader_page() swaps a new reader page into the ring buffer by doing cmpxchg on old->list.prev->next to point it to the new pag

  • CVE-2024-38593Jun 19, 2024
    affected < 5.14.0-427.26.1.el9_4fixed 5.14.0-427.26.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: net: micrel: Fix receiving the timestamp in the frame for lan8841 The blamed commit started to use the ptp workqueue to get the second part of the timestamp. And when the port was set down, then this workqueue

  • CVE-2024-38586Jun 19, 2024
    affected < 5.14.0-427.26.1.el9_4fixed 5.14.0-427.26.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: r8169: Fix possible ring buffer corruption on fragmented Tx packets. An issue was found on the RTL8125b when transmitting small fragmented packets, whereby invalid entries were inserted into the transmit ring b

  • CVE-2024-38581Jun 19, 2024
    affected < 4.18.0-553.22.1.el8_10fixed 4.18.0-553.22.1.el8_10

    In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/mes: fix use-after-free issue Delete fence fallback timer to fix the ramdom use-after-free issue. v2: move to amdgpu_mes.c

  • CVE-2024-38580Jun 19, 2024
    affected < 5.14.0-427.28.1.el9_4fixed 5.14.0-427.28.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: epoll: be better about file lifetimes epoll can call out to vfs_poll() with a file pointer that may race with the last 'fput()'. That would make f_count go down to zero, and while the ep->mtx locking means that

  • CVE-2024-38575Jun 19, 2024
    affected < 5.14.0-427.31.1.el9_4fixed 5.14.0-427.31.1.el9_4

    In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: pcie: handle randbuf allocation failure The kzalloc() in brcmf_pcie_download_fw_nvram() will return null if the physical memory has run out. As a result, if we use get_random_bytes() to generate

Page 29 of 66