VYPR

rpm package

almalinux/kernel-zfcpdump-core

pkg:rpm/almalinux/kernel-zfcpdump-core

Vulnerabilities (1,110)

  • CVE-2026-46333HigMay 15, 2026
    affected < 4.18.0-553.125.1.el8_10fixed 4.18.0-553.125.1.el8_10

    In the Linux kernel, the following vulnerability has been resolved: ptrace: slightly saner 'get_dumpable()' logic The 'dumpability' of a task is fundamentally about the memory image of the task - the concept comes from whether it can core dump or not - and makes no sense when y

  • CVE-2026-46300impMay 13, 2026
    affected < 4.18.0-553.125.1.el8_10fixed 4.18.0-553.125.1.el8_10

    kernel: "Fragnesia" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel

  • CVE-2026-43284HigMay 8, 2026
    affected < 4.18.0-553.124.1.el8_10fixed 4.18.0-553.124.1.el8_10

    In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSG_SPLICE_PAGES can attach pages from a pipe directly to an skb. TCP marks such skbs with SKBFL_SHARED_FRAG after skb_splice_from_iter(), so later paths th

  • CVE-2026-31431HigKEVApr 22, 2026
    affected < 5.14.0-611.54.1.el9_7fixed 5.14.0-611.54.1.el9_7

    In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-place This mostly reverts commit 72548b093ee3 except for the copying of the associated data. There is no benefit in operating in-place in algif_aead since the so

  • CVE-2026-31419HigApr 13, 2026
    affected < 6.12.0-124.55.1.el10_1fixed 6.12.0-124.55.1.el10_1

    In the Linux kernel, the following vulnerability has been resolved: net: bonding: fix use-after-free in bond_xmit_broadcast() bond_xmit_broadcast() reuses the original skb for the last slave (determined by bond_is_last_slave()) and clones it for others. Concurrent slave enslave

  • CVE-2026-31402CriApr 3, 2026
    affected < 5.14.0-611.54.1.el9_7fixed 5.14.0-611.54.1.el9_7

    In the Linux kernel, the following vulnerability has been resolved: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache The NFSv4.0 replay cache uses a fixed 112-byte inline buffer (rp_ibuf[NFSD4_REPLAY_ISIZE]) to store encoded operation responses. This size was calculated bas

  • CVE-2026-23401MedApr 1, 2026
    affected < 4.18.0-553.123.1.el8_10fixed 4.18.0-553.123.1.el8_10

    In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE When installing an emulated MMIO SPTE, do so *after* dropping/zapping the existing SPTE (if it's shadow-present). While commit a54aa

  • CVE-2026-23270HigMar 18, 2026
    affected < 5.14.0-611.54.1.el9_7fixed 5.14.0-611.54.1.el9_7

    In the Linux kernel, the following vulnerability has been resolved: net/sched: Only allow act_ct to bind to clsact/ingress qdiscs and shared blocks As Paolo said earlier [1]: "Since the blamed commit below, classify can return TC_ACT_CONSUMED while the current skb being held b

  • CVE-2025-71238Mar 4, 2026
    affected < 6.12.0-124.47.1.el10_1fixed 6.12.0-124.47.1.el10_1

    In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix bsg_done() causing double free Kernel panic observed on system, [5353358.825191] BUG: unable to handle page fault for address: ff5f5e897b024000 [5353358.825194] #PF: supervisor write access

  • CVE-2026-23231HigMar 4, 2026
    affected < 6.12.0-124.47.1.el10_1fixed 6.12.0-124.47.1.el10_1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix use-after-free in nf_tables_addchain() nf_tables_addchain() publishes the chain to table->chains via list_add_tail_rcu() (in nft_chain_add()) before registering hooks. If nf_tables_reg

  • CVE-2026-23210MedFeb 14, 2026
    affected < 5.14.0-611.47.1.el9_7fixed 5.14.0-611.47.1.el9_7

    In the Linux kernel, the following vulnerability has been resolved: ice: Fix PTP NULL pointer dereference during VSI rebuild Fix race condition where PTP periodic work runs while VSI is being rebuilt, accessing NULL vsi->rx_rings. The sequence was: 1. ice_ptp_prepare_for_reset

  • CVE-2026-23209HigFeb 14, 2026
    affected < 4.18.0-553.115.1.el8_10fixed 4.18.0-553.115.1.el8_10

    In the Linux kernel, the following vulnerability has been resolved: macvlan: fix error recovery in macvlan_common_newlink() valis provided a nice repro to crash the kernel: ip link add p1 type veth peer p2 ip link set address 00:00:00:00:00:20 dev p1 ip link set up dev p1 ip l

  • CVE-2026-23204HigFeb 14, 2026
    affected < 4.18.0-553.115.1.el8_10fixed 4.18.0-553.115.1.el8_10

    In the Linux kernel, the following vulnerability has been resolved: net/sched: cls_u32: use skb_header_pointer_careful() skb_header_pointer() does not fully validate negative @offset values. Use skb_header_pointer_careful() instead. GangMin Kim provided a report and a repro f

  • CVE-2026-23193HigFeb 14, 2026
    affected < 5.14.0-611.45.1.el9_7fixed 5.14.0-611.45.1.el9_7

    In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count() In iscsit_dec_session_usage_count(), the function calls complete() while holding the sess->session_usage_lock. Similar to the connecti

  • CVE-2026-23191HigFeb 14, 2026
    affected < 5.14.0-611.45.1.el9_7fixed 5.14.0-611.45.1.el9_7

    In the Linux kernel, the following vulnerability has been resolved: ALSA: aloop: Fix racy access at PCM trigger The PCM trigger callback of aloop driver tries to check the PCM state and stop the stream of the tied substream in the corresponding cable. Since both check and stop

  • CVE-2026-23171HigFeb 14, 2026
    affected < 5.14.0-611.45.1.el9_7fixed 5.14.0-611.45.1.el9_7

    In the Linux kernel, the following vulnerability has been resolved: bonding: fix use-after-free due to enslave fail after slave array update Fix a use-after-free which happens due to enslave failure after the new slave has been added to the array. Since the new slave can be use

  • CVE-2026-23136HigFeb 14, 2026
    affected < 5.14.0-611.54.1.el9_7fixed 5.14.0-611.54.1.el9_7

    In the Linux kernel, the following vulnerability has been resolved: libceph: reset sparse-read state in osd_fault() When a fault occurs, the connection is abandoned, reestablished, and any pending operations are retried. The OSD client tracks the progress of a sparse-read reply

  • CVE-2026-23156Feb 14, 2026
    affected < 6.12.0-124.43.1.el10_1fixed 6.12.0-124.43.1.el10_1

    In the Linux kernel, the following vulnerability has been resolved: efivarfs: fix error propagation in efivar_entry_get() efivar_entry_get() always returns success even if the underlying __efivar_entry_get() fails, masking errors. This may result in uninitialized heap memory b

  • CVE-2026-23144Feb 14, 2026
    affected < 5.14.0-611.45.1.el9_7fixed 5.14.0-611.45.1.el9_7

    In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: cleanup attrs subdirs on context dir setup failure When a context DAMON sysfs directory setup is failed after setup of attrs/ directory, subdirectories of attrs/ directory are not cleaned up. A

  • CVE-2026-23111HigFeb 13, 2026
    affected < 5.14.0-611.47.1.el9_7fixed 5.14.0-611.47.1.el9_7

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() nft_map_catchall_activate() has an inverted element activity check compared to its non-catchall counterpart nft_mapelem_activate()

Page 1 of 56