VYPR

rpm package

almalinux/kernel-zfcpdump-modules-extra

pkg:rpm/almalinux/kernel-zfcpdump-modules-extra

Vulnerabilities (1,218)

  • CVE-2025-22097HigApr 16, 2025
    affected < 4.18.0-553.70.1.el8_10fixed 4.18.0-553.70.1.el8_10

    In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fix use after free and double free on init error If the driver initialization fails, the vkms_exit() function might access an uninitialized or freed default_config pointer and it might double free it.

  • CVE-2025-22091MedApr 16, 2025
    affected < 5.14.0-570.30.1.el9_6fixed 5.14.0-570.30.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix page_size variable overflow Change all variables storing mlx5_umem_mkc_find_best_pgsz() result to unsigned long to support values larger than 31 and avoid overflow. For example: If we try to reg

  • CVE-2025-22085HigApr 16, 2025
    affected < 5.14.0-570.30.1.el9_6fixed 5.14.0-570.30.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix use-after-free when rename device name Syzbot reported a slab-use-after-free with the following call trace: ================================================================== BUG: KASAN: slab-us

  • CVE-2025-22068HigApr 16, 2025
    affected < 6.12.0-124.16.1.el10_1fixed 6.12.0-124.16.1.el10_1

    In the Linux kernel, the following vulnerability has been resolved: ublk: make sure ubq->canceling is set when queue is frozen Now ublk driver depends on `ubq->canceling` for deciding if the request can be dispatched via uring_cmd & io_uring_cmd_complete_in_task(). Once ubq->c

  • CVE-2025-22058MedApr 16, 2025
    affected < 5.14.0-570.37.1.el9_6fixed 5.14.0-570.37.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: udp: Fix memory accounting leak. Matt Dowling reported a weird UDP memory usage issue. Under normal operation, the UDP memory usage reported in /proc/net/sockstat remains close to zero. However, it occasional

  • CVE-2025-22056HigApr 16, 2025
    affected < 6.12.0-124.8.1.el10_1fixed 6.12.0-124.8.1.el10_1

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_tunnel: fix geneve_opt type confusion addition When handling multiple NFTA_TUNNEL_KEY_OPTS_GENEVE attributes, the parsing logic should place every geneve_opt structure one by one compactly. Hence

  • CVE-2025-22055MedApr 16, 2025
    affected < 5.14.0-570.21.1.el9_6fixed 5.14.0-570.21.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: net: fix geneve_opt length integer overflow struct geneve_opt uses 5 bit length for each single option, which means every vary size option should be smaller than 128 bytes. However, all current related Netlink

  • CVE-2025-22026MedApr 16, 2025
    affected < 4.18.0-553.77.1.el8_10fixed 4.18.0-553.77.1.el8_10

    In the Linux kernel, the following vulnerability has been resolved: nfsd: don't ignore the return code of svc_proc_register() Currently, nfsd_proc_stat_init() ignores the return value of svc_proc_register(). If the procfile creation fails, then the kernel will WARN when it trie

  • CVE-2023-53034HigApr 16, 2025
    affected < 5.14.0-611.34.1.el9_7fixed 5.14.0-611.34.1.el9_7

    In the Linux kernel, the following vulnerability has been resolved: ntb_hw_switchtec: Fix shift-out-of-bounds in switchtec_ntb_mw_set_trans There is a kernel API ntb_mw_clear_trans() would pass 0 to both addr and size. This would make xlate_pos negative. [ 23.734156] switcht

  • CVE-2025-22020HigApr 16, 2025
    affected < 5.14.0-570.32.1.el9_6fixed 5.14.0-570.32.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove This fixes the following crash: ================================================================== BUG: KASAN: slab-use-after-free in rt

  • CVE-2025-22004HigApr 3, 2025
    affected < 5.14.0-570.25.1.el9_6fixed 5.14.0-570.25.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: net: atm: fix use after free in lec_send() The ->send() operation frees skb so save the length before calling ->send() to avoid a use after free.

  • CVE-2025-21999HigApr 3, 2025
    affected < 5.14.0-570.22.1.el9_6fixed 5.14.0-570.22.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: proc: fix UAF in proc_get_inode() Fix race between rmmod and /proc/XXX's inode instantiation. The bug is that pde->proc_ops don't belong to /proc, it belongs to a module, therefore dereferencing it after /proc

  • CVE-2025-21997MedApr 3, 2025
    affected < 5.14.0-570.21.1.el9_6fixed 5.14.0-570.21.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: xsk: fix an integer overflow in xp_create_and_assign_umem() Since the i and pool->chunk_size variables are of type 'u32', their product can wrap around and then be cast to 'u64'. This can lead to two different

  • CVE-2025-21993HigApr 2, 2025
    affected < 5.14.0-570.16.1.el9_6fixed 5.14.0-570.16.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic() When performing an iSCSI boot using IPv6, iscsistart still reads the /sys/firmware/ibft/ethernetX/subnet-mask entry. Since the IPv6 pref

  • CVE-2025-21991HigApr 2, 2025
    affected < 5.14.0-570.26.1.el9_6fixed 5.14.0-570.26.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes Currently, load_microcode_amd() iterates over all NUMA nodes, retrieves their CPU masks and unconditionally accesses per-CPU data for the

  • CVE-2025-21979HigApr 1, 2025
    affected < 5.14.0-570.22.1.el9_6fixed 5.14.0-570.22.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: cancel wiphy_work before freeing wiphy A wiphy_work can be queued from the moment the wiphy is allocated and initialized (i.e. wiphy_new_nm). When a wiphy_work is queued, the rdev::wiphy_work is

  • CVE-2025-21976MedApr 1, 2025
    affected < 6.12.0-124.8.1.el10_1fixed 6.12.0-124.8.1.el10_1

    In the Linux kernel, the following vulnerability has been resolved: fbdev: hyperv_fb: Allow graceful removal of framebuffer When a Hyper-V framebuffer device is unbind, hyperv_fb driver tries to release the framebuffer forcefully. If this framebuffer is in use it produce the fo

  • CVE-2025-21969HigApr 1, 2025
    affected < 5.14.0-570.22.1.el9_6fixed 5.14.0-570.22.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix slab-use-after-free Read in l2cap_send_cmd After the hci sync command releases l2cap_conn, the hci receive data work queue references the released l2cap_conn when sending to the upper laye

  • CVE-2025-21966HigApr 1, 2025
    affected < 5.14.0-570.17.1.el9_6fixed 5.14.0-570.17.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: dm-flakey: Fix memory corruption in optional corrupt_bio_byte feature Fix memory corruption due to incorrect parameter being passed to bio_init

  • CVE-2025-21964MedApr 1, 2025
    affected < 5.14.0-570.18.1.el9_6fixed 5.14.0-570.18.1.el9_6

    In the Linux kernel, the following vulnerability has been resolved: cifs: Fix integer overflow while processing acregmax mount option User-provided mount parameter acregmax of type u32 is intended to have an upper limit, but before it is validated, the value is converted from s

Page 17 of 61