rpm package

almalinux/kernel-zfcpdump

pkg:rpm/almalinux/kernel-zfcpdump

Vulnerabilities (1,110)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2022-49985		—	< 4.18.0-553.74.1.el8_10	4.18.0-553.74.1.el8_10	Jun 18, 2025	In the Linux kernel, the following vulnerability has been resolved: bpf: Don't use tnum_range on array range checking for poke descriptors Hsin-Wei reported a KASAN splat triggered by their BPF runtime fuzzer which is based on a customized syzkaller: BUG: KASAN: slab-out-of-
CVE-2022-49977		—	< 4.18.0-553.64.1.el8_10	4.18.0-553.64.1.el8_10	Jun 18, 2025	In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix NULL pointer dereference in is_ftrace_trampoline when ftrace is dead ftrace_startup does not remove ops from ftrace_ops_list when ftrace_startup_enable fails: register_ftrace_function ftrace_star
CVE-2025-38079	Hig	7.8	< 4.18.0-553.66.1.el8_10	4.18.0-553.66.1.el8_10	Jun 18, 2025	In the Linux kernel, the following vulnerability has been resolved: crypto: algif_hash - fix double free in hash_accept If accept(2) is called on socket type algif_hash with MSG_MORE flag set and crypto_ahash_import fails, sk2 is freed. However, it is also freed in af_alg_relea
CVE-2025-38052		—	< 5.14.0-570.32.1.el9_6	5.14.0-570.32.1.el9_6	Jun 18, 2025	In the Linux kernel, the following vulnerability has been resolved: net/tipc: fix slab-use-after-free Read in tipc_aead_encrypt_done Syzbot reported a slab-use-after-free with the following call trace: ================================================================== BUG:
CVE-2025-38051		—	< 4.18.0-553.94.1.el8_10	4.18.0-553.94.1.el8_10	Jun 18, 2025	In the Linux kernel, the following vulnerability has been resolved: smb: client: Fix use-after-free in cifs_fill_dirent There is a race condition in the readdir concurrency process, which may access the rsp buffer after it has been released, triggering the following KASAN warni
CVE-2025-38024		—	< 4.18.0-553.100.1.el8_10	4.18.0-553.100.1.el8_10	Jun 18, 2025	In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug Call Trace: __dump_stack lib/dump_stack.c:94 [inline] dump_stack_lvl+0x7d/0xa0 lib/dump_stack.c:120 print_address_description mm/kasan/
CVE-2025-38022		—	< 4.18.0-553.100.1.el8_10	4.18.0-553.100.1.el8_10	Jun 18, 2025	In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix "KASAN: slab-use-after-free Read in ib_register_device" problem Call Trace: __dump_stack lib/dump_stack.c:94 [inline] dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120 print_address_description
CVE-2025-37994		—	< 6.12.0-124.8.1.el10_1	6.12.0-124.8.1.el10_1	May 29, 2025	In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: displayport: Fix NULL pointer access This patch ensures that the UCSI driver waits for all pending tasks in the ucsi_displayport_work workqueue to finish executing before proceeding with the p
CVE-2025-37958		—	< 5.14.0-570.30.1.el9_6	5.14.0-570.30.1.el9_6	May 20, 2025	In the Linux kernel, the following vulnerability has been resolved: mm/huge_memory: fix dereferencing invalid pmd migration entry When migrating a THP, concurrent access to the PMD migration entry during a deferred split scan can lead to an invalid address access, as illustrate
CVE-2025-37943		—	< 5.14.0-570.21.1.el9_6	5.14.0-570.21.1.el9_6	May 20, 2025	In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix invalid data access in ath12k_dp_rx_h_undecap_nwifi In certain cases, hardware might provide packets with a length greater than the maximum native Wi-Fi header length. This can lead to accessi
CVE-2025-37914		—	< 4.18.0-553.70.1.el8_10	4.18.0-553.70.1.el8_10	May 20, 2025	In the Linux kernel, the following vulnerability has been resolved: net_sched: ets: Fix double list add in class with netem as child qdisc As described in Gerrard's report [1], there are use cases where a netem child qdisc will make the parent qdisc's enqueue callback reentrant
CVE-2025-37890		—	< 5.14.0-570.32.1.el9_6	5.14.0-570.32.1.el9_6	May 16, 2025	In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc As described in Gerrard's report [1], we have a UAF case when an hfsc class has a netem child qdisc. The crux of the issue is that hfs
CVE-2024-28956	Med	5.6	< 5.14.0-570.35.1.el9_6	5.14.0-570.35.1.el9_6	May 13, 2025	Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2025-37823		—	< 5.14.0-570.39.1.el9_6	5.14.0-570.39.1.el9_6	May 8, 2025	In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too Similarly to the previous patch, we need to safe guard hfsc_dequeue() too. But for this one, we don't have a reliable reproducer.
CVE-2025-37819		—	< 6.12.0-124.31.1.el10_1	6.12.0-124.31.1.el10_1	May 8, 2025	In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v2m: Prevent use after free of gicv2m_get_fwnode() With ACPI in place, gicv2m_get_fwnode() is registered with the pci subsystem as pci_msi_get_fwnode_cb(), which may get invoked at runtime during a
CVE-2025-37810		—	< 5.14.0-570.46.1.el9_6	5.14.0-570.46.1.el9_6	May 8, 2025	In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: check that event count does not exceed event buffer length The event count is read from register DWC3_GEVNTCOUNT. There is a check for the count being zero, but not for exceeding the event bu
CVE-2025-37803		—	< 5.14.0-570.41.1.el9_6	5.14.0-570.41.1.el9_6	May 8, 2025	In the Linux kernel, the following vulnerability has been resolved: udmabuf: fix a buf size overflow issue during udmabuf creation by casting size_limit_mb to u64 when calculate pglimit.
CVE-2025-37799		—	< 5.14.0-570.25.1.el9_6	5.14.0-570.25.1.el9_6	May 3, 2025	In the Linux kernel, the following vulnerability has been resolved: vmxnet3: Fix malformed packet sizing in vmxnet3_process_xdp vmxnet3 driver's XDP handling is buggy for packet sizes using ring0 (that is, packet sizes between 128 - 3k bytes). We noticed MTU-related connectivi
CVE-2023-53125		—	< 4.18.0-553.75.1.el8_10	4.18.0-553.75.1.el8_10	May 2, 2025	In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc75xx: Limit packet length to skb->len Packet length retrieved from skb data may be larger than the actual socket buffer length (up to 9026 bytes). In such case the cloned skb passed up the network
CVE-2025-37797		—	< 5.14.0-570.30.1.el9_6	5.14.0-570.30.1.el9_6	May 2, 2025	In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class handling This patch fixes a Use-After-Free vulnerability in the HFSC qdisc class handling. The issue occurs due to a time-of-check/time-of-use condition in hfsc

CVE-2022-49985Jun 18, 2025
affected < 4.18.0-553.74.1.el8_10fixed 4.18.0-553.74.1.el8_10
In the Linux kernel, the following vulnerability has been resolved: bpf: Don't use tnum_range on array range checking for poke descriptors Hsin-Wei reported a KASAN splat triggered by their BPF runtime fuzzer which is based on a customized syzkaller: BUG: KASAN: slab-out-of-
CVE-2022-49977Jun 18, 2025
affected < 4.18.0-553.64.1.el8_10fixed 4.18.0-553.64.1.el8_10
In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix NULL pointer dereference in is_ftrace_trampoline when ftrace is dead ftrace_startup does not remove ops from ftrace_ops_list when ftrace_startup_enable fails: register_ftrace_function ftrace_star
CVE-2025-38079HigJun 18, 2025
affected < 4.18.0-553.66.1.el8_10fixed 4.18.0-553.66.1.el8_10
In the Linux kernel, the following vulnerability has been resolved: crypto: algif_hash - fix double free in hash_accept If accept(2) is called on socket type algif_hash with MSG_MORE flag set and crypto_ahash_import fails, sk2 is freed. However, it is also freed in af_alg_relea
CVE-2025-38052Jun 18, 2025
affected < 5.14.0-570.32.1.el9_6fixed 5.14.0-570.32.1.el9_6
In the Linux kernel, the following vulnerability has been resolved: net/tipc: fix slab-use-after-free Read in tipc_aead_encrypt_done Syzbot reported a slab-use-after-free with the following call trace: ================================================================== BUG:
CVE-2025-38051Jun 18, 2025
affected < 4.18.0-553.94.1.el8_10fixed 4.18.0-553.94.1.el8_10
In the Linux kernel, the following vulnerability has been resolved: smb: client: Fix use-after-free in cifs_fill_dirent There is a race condition in the readdir concurrency process, which may access the rsp buffer after it has been released, triggering the following KASAN warni
CVE-2025-38024Jun 18, 2025
affected < 4.18.0-553.100.1.el8_10fixed 4.18.0-553.100.1.el8_10
In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug Call Trace: __dump_stack lib/dump_stack.c:94 [inline] dump_stack_lvl+0x7d/0xa0 lib/dump_stack.c:120 print_address_description mm/kasan/
CVE-2025-38022Jun 18, 2025
affected < 4.18.0-553.100.1.el8_10fixed 4.18.0-553.100.1.el8_10
In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix "KASAN: slab-use-after-free Read in ib_register_device" problem Call Trace: __dump_stack lib/dump_stack.c:94 [inline] dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120 print_address_description
CVE-2025-37994May 29, 2025
affected < 6.12.0-124.8.1.el10_1fixed 6.12.0-124.8.1.el10_1
In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: displayport: Fix NULL pointer access This patch ensures that the UCSI driver waits for all pending tasks in the ucsi_displayport_work workqueue to finish executing before proceeding with the p
CVE-2025-37958May 20, 2025
affected < 5.14.0-570.30.1.el9_6fixed 5.14.0-570.30.1.el9_6
In the Linux kernel, the following vulnerability has been resolved: mm/huge_memory: fix dereferencing invalid pmd migration entry When migrating a THP, concurrent access to the PMD migration entry during a deferred split scan can lead to an invalid address access, as illustrate
CVE-2025-37943May 20, 2025
affected < 5.14.0-570.21.1.el9_6fixed 5.14.0-570.21.1.el9_6
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix invalid data access in ath12k_dp_rx_h_undecap_nwifi In certain cases, hardware might provide packets with a length greater than the maximum native Wi-Fi header length. This can lead to accessi
CVE-2025-37914May 20, 2025
affected < 4.18.0-553.70.1.el8_10fixed 4.18.0-553.70.1.el8_10
In the Linux kernel, the following vulnerability has been resolved: net_sched: ets: Fix double list add in class with netem as child qdisc As described in Gerrard's report [1], there are use cases where a netem child qdisc will make the parent qdisc's enqueue callback reentrant
CVE-2025-37890May 16, 2025
affected < 5.14.0-570.32.1.el9_6fixed 5.14.0-570.32.1.el9_6
In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc As described in Gerrard's report [1], we have a UAF case when an hfsc class has a netem child qdisc. The crux of the issue is that hfs
CVE-2024-28956MedMay 13, 2025
affected < 5.14.0-570.35.1.el9_6fixed 5.14.0-570.35.1.el9_6
Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2025-37823May 8, 2025
affected < 5.14.0-570.39.1.el9_6fixed 5.14.0-570.39.1.el9_6
In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too Similarly to the previous patch, we need to safe guard hfsc_dequeue() too. But for this one, we don't have a reliable reproducer.
CVE-2025-37819May 8, 2025
affected < 6.12.0-124.31.1.el10_1fixed 6.12.0-124.31.1.el10_1
In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v2m: Prevent use after free of gicv2m_get_fwnode() With ACPI in place, gicv2m_get_fwnode() is registered with the pci subsystem as pci_msi_get_fwnode_cb(), which may get invoked at runtime during a
CVE-2025-37810May 8, 2025
affected < 5.14.0-570.46.1.el9_6fixed 5.14.0-570.46.1.el9_6
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: check that event count does not exceed event buffer length The event count is read from register DWC3_GEVNTCOUNT. There is a check for the count being zero, but not for exceeding the event bu
CVE-2025-37803May 8, 2025
affected < 5.14.0-570.41.1.el9_6fixed 5.14.0-570.41.1.el9_6
In the Linux kernel, the following vulnerability has been resolved: udmabuf: fix a buf size overflow issue during udmabuf creation by casting size_limit_mb to u64 when calculate pglimit.
CVE-2025-37799May 3, 2025
affected < 5.14.0-570.25.1.el9_6fixed 5.14.0-570.25.1.el9_6
In the Linux kernel, the following vulnerability has been resolved: vmxnet3: Fix malformed packet sizing in vmxnet3_process_xdp vmxnet3 driver's XDP handling is buggy for packet sizes using ring0 (that is, packet sizes between 128 - 3k bytes). We noticed MTU-related connectivi
CVE-2023-53125May 2, 2025
affected < 4.18.0-553.75.1.el8_10fixed 4.18.0-553.75.1.el8_10
In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc75xx: Limit packet length to skb->len Packet length retrieved from skb data may be larger than the actual socket buffer length (up to 9026 bytes). In such case the cloned skb passed up the network
CVE-2025-37797May 2, 2025
affected < 5.14.0-570.30.1.el9_6fixed 5.14.0-570.30.1.el9_6
In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class handling This patch fixes a Use-After-Free vulnerability in the HFSC qdisc class handling. The issue occurs due to a time-of-check/time-of-use condition in hfsc

Page 10 of 56