rpm package

almalinux/libperf

pkg:rpm/almalinux/libperf

Vulnerabilities (669)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2025-37890		—	< 5.14.0-570.32.1.el9_6	5.14.0-570.32.1.el9_6	May 16, 2025	In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc As described in Gerrard's report [1], we have a UAF case when an hfsc class has a netem child qdisc. The crux of the issue is that hfs
CVE-2024-28956	Med	5.6	< 5.14.0-570.35.1.el9_6	5.14.0-570.35.1.el9_6	May 13, 2025	Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2025-37823		—	< 5.14.0-570.39.1.el9_6	5.14.0-570.39.1.el9_6	May 8, 2025	In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too Similarly to the previous patch, we need to safe guard hfsc_dequeue() too. But for this one, we don't have a reliable reproducer.
CVE-2025-37819		—	< 6.12.0-124.31.1.el10_1	6.12.0-124.31.1.el10_1	May 8, 2025	In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v2m: Prevent use after free of gicv2m_get_fwnode() With ACPI in place, gicv2m_get_fwnode() is registered with the pci subsystem as pci_msi_get_fwnode_cb(), which may get invoked at runtime during a
CVE-2025-37810		—	< 5.14.0-570.46.1.el9_6	5.14.0-570.46.1.el9_6	May 8, 2025	In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: check that event count does not exceed event buffer length The event count is read from register DWC3_GEVNTCOUNT. There is a check for the count being zero, but not for exceeding the event bu
CVE-2025-37803		—	< 5.14.0-570.41.1.el9_6	5.14.0-570.41.1.el9_6	May 8, 2025	In the Linux kernel, the following vulnerability has been resolved: udmabuf: fix a buf size overflow issue during udmabuf creation by casting size_limit_mb to u64 when calculate pglimit.
CVE-2025-37799		—	< 5.14.0-570.25.1.el9_6	5.14.0-570.25.1.el9_6	May 3, 2025	In the Linux kernel, the following vulnerability has been resolved: vmxnet3: Fix malformed packet sizing in vmxnet3_process_xdp vmxnet3 driver's XDP handling is buggy for packet sizes using ring0 (that is, packet sizes between 128 - 3k bytes). We noticed MTU-related connectivi
CVE-2023-53125		—	< 5.14.0-570.46.1.el9_6	5.14.0-570.46.1.el9_6	May 2, 2025	In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc75xx: Limit packet length to skb->len Packet length retrieved from skb data may be larger than the actual socket buffer length (up to 9026 bytes). In such case the cloned skb passed up the network
CVE-2025-37797		—	< 5.14.0-570.30.1.el9_6	5.14.0-570.30.1.el9_6	May 2, 2025	In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class handling This patch fixes a Use-After-Free vulnerability in the HFSC qdisc class handling. The issue occurs due to a time-of-check/time-of-use condition in hfsc
CVE-2022-49846		—	< 5.14.0-570.25.1.el9_6	5.14.0-570.25.1.el9_6	May 1, 2025	In the Linux kernel, the following vulnerability has been resolved: udf: Fix a slab-out-of-bounds write bug in udf_find_entry() Syzbot reported a slab-out-of-bounds Write bug: loop0: detected capacity change from 0 to 2048 ======================================================
CVE-2022-49845		—	< 5.14.0-611.5.1.el9_7	5.14.0-611.5.1.el9_7	May 1, 2025	In the Linux kernel, the following vulnerability has been resolved: can: j1939: j1939_send_one(): fix missing CAN header initialization The read access to struct canxl_frame::len inside of a j1939 created skbuff revealed a missing initialization of reserved and later filled ele
CVE-2022-49788		—	< 5.14.0-570.32.1.el9_6	5.14.0-570.32.1.el9_6	May 1, 2025	In the Linux kernel, the following vulnerability has been resolved: misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram() `struct vmci_event_qp` allocated by qp_notify_peer() contains padding, which may carry uninitialized data to the userspace, as observed by KMSAN
CVE-2025-37789		—	< 5.14.0-611.30.1.el9_7	5.14.0-611.30.1.el9_7	May 1, 2025	In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix nested key length validation in the set() action It's not safe to access nla_len(ovs_key) if the data is smaller than the netlink header. Check that the attribute is OK first.
CVE-2025-37750		—	< 5.14.0-570.22.1.el9_6	5.14.0-570.22.1.el9_6	May 1, 2025	In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in decryption with multichannel After commit f7025d861694 ("smb: client: allocate crypto only for primary server") and commit b0abcd65ec54 ("smb: client: fix UAF in async decryption"), the
CVE-2025-37749		—	< 6.12.0-124.8.1.el10_1	6.12.0-124.8.1.el10_1	May 1, 2025	In the Linux kernel, the following vulnerability has been resolved: net: ppp: Add bound checking for skb data on ppp_sync_txmung Ensure we have enough data in linear buffer from skb before accessing initial bytes. This prevents potential out-of-bounds accesses when processing s
CVE-2025-37738		—	< 5.14.0-570.23.1.el9_6	5.14.0-570.23.1.el9_6	May 1, 2025	In the Linux kernel, the following vulnerability has been resolved: ext4: ignore xattrs past end Once inside 'ext4_xattr_inode_dec_ref_all' we should ignore xattrs entries past the 'end' entry. This fixes the following KASAN reported issue: ===================================
CVE-2025-23150		—	< 5.14.0-570.23.1.el9_6	5.14.0-570.23.1.el9_6	May 1, 2025	In the Linux kernel, the following vulnerability has been resolved: ext4: fix off-by-one error in do_split Syzkaller detected a use-after-free issue in ext4_insert_dentry that was caused by out-of-bounds access due to incorrect splitting in do_split. BUG: KASAN: use-after-free
CVE-2025-37785		—	< 5.14.0-570.21.1.el9_6	5.14.0-570.21.1.el9_6	Apr 18, 2025	In the Linux kernel, the following vulnerability has been resolved: ext4: fix OOB read when checking dotdot dir Mounting a corrupted filesystem with directory which contains '.' dir entry with rec_len == block size results in out-of-bounds read (later on, when the corrupted dir
CVE-2025-22026	Med	5.5	< 5.14.0-570.55.1.el9_6	5.14.0-570.55.1.el9_6	Apr 16, 2025	In the Linux kernel, the following vulnerability has been resolved: nfsd: don't ignore the return code of svc_proc_register() Currently, nfsd_proc_stat_init() ignores the return value of svc_proc_register(). If the procfile creation fails, then the kernel will WARN when it trie
CVE-2025-22126		—	< 5.14.0-570.22.1.el9_6	5.14.0-570.22.1.el9_6	Apr 16, 2025	In the Linux kernel, the following vulnerability has been resolved: md: fix mddev uaf while iterating all_mddevs list While iterating all_mddevs list from md_notify_reboot() and md_exit(), list_for_each_entry_safe is used, and this can race with deletint the next mddev, causing

CVE-2025-37890May 16, 2025
affected < 5.14.0-570.32.1.el9_6fixed 5.14.0-570.32.1.el9_6
In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc As described in Gerrard's report [1], we have a UAF case when an hfsc class has a netem child qdisc. The crux of the issue is that hfs
CVE-2024-28956MedMay 13, 2025
affected < 5.14.0-570.35.1.el9_6fixed 5.14.0-570.35.1.el9_6
Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2025-37823May 8, 2025
affected < 5.14.0-570.39.1.el9_6fixed 5.14.0-570.39.1.el9_6
In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too Similarly to the previous patch, we need to safe guard hfsc_dequeue() too. But for this one, we don't have a reliable reproducer.
CVE-2025-37819May 8, 2025
affected < 6.12.0-124.31.1.el10_1fixed 6.12.0-124.31.1.el10_1
In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v2m: Prevent use after free of gicv2m_get_fwnode() With ACPI in place, gicv2m_get_fwnode() is registered with the pci subsystem as pci_msi_get_fwnode_cb(), which may get invoked at runtime during a
CVE-2025-37810May 8, 2025
affected < 5.14.0-570.46.1.el9_6fixed 5.14.0-570.46.1.el9_6
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: check that event count does not exceed event buffer length The event count is read from register DWC3_GEVNTCOUNT. There is a check for the count being zero, but not for exceeding the event bu
CVE-2025-37803May 8, 2025
affected < 5.14.0-570.41.1.el9_6fixed 5.14.0-570.41.1.el9_6
In the Linux kernel, the following vulnerability has been resolved: udmabuf: fix a buf size overflow issue during udmabuf creation by casting size_limit_mb to u64 when calculate pglimit.
CVE-2025-37799May 3, 2025
affected < 5.14.0-570.25.1.el9_6fixed 5.14.0-570.25.1.el9_6
In the Linux kernel, the following vulnerability has been resolved: vmxnet3: Fix malformed packet sizing in vmxnet3_process_xdp vmxnet3 driver's XDP handling is buggy for packet sizes using ring0 (that is, packet sizes between 128 - 3k bytes). We noticed MTU-related connectivi
CVE-2023-53125May 2, 2025
affected < 5.14.0-570.46.1.el9_6fixed 5.14.0-570.46.1.el9_6
In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc75xx: Limit packet length to skb->len Packet length retrieved from skb data may be larger than the actual socket buffer length (up to 9026 bytes). In such case the cloned skb passed up the network
CVE-2025-37797May 2, 2025
affected < 5.14.0-570.30.1.el9_6fixed 5.14.0-570.30.1.el9_6
In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class handling This patch fixes a Use-After-Free vulnerability in the HFSC qdisc class handling. The issue occurs due to a time-of-check/time-of-use condition in hfsc
CVE-2022-49846May 1, 2025
affected < 5.14.0-570.25.1.el9_6fixed 5.14.0-570.25.1.el9_6
In the Linux kernel, the following vulnerability has been resolved: udf: Fix a slab-out-of-bounds write bug in udf_find_entry() Syzbot reported a slab-out-of-bounds Write bug: loop0: detected capacity change from 0 to 2048 ======================================================
CVE-2022-49845May 1, 2025
affected < 5.14.0-611.5.1.el9_7fixed 5.14.0-611.5.1.el9_7
In the Linux kernel, the following vulnerability has been resolved: can: j1939: j1939_send_one(): fix missing CAN header initialization The read access to struct canxl_frame::len inside of a j1939 created skbuff revealed a missing initialization of reserved and later filled ele
CVE-2022-49788May 1, 2025
affected < 5.14.0-570.32.1.el9_6fixed 5.14.0-570.32.1.el9_6
In the Linux kernel, the following vulnerability has been resolved: misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram() `struct vmci_event_qp` allocated by qp_notify_peer() contains padding, which may carry uninitialized data to the userspace, as observed by KMSAN
CVE-2025-37789May 1, 2025
affected < 5.14.0-611.30.1.el9_7fixed 5.14.0-611.30.1.el9_7
In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix nested key length validation in the set() action It's not safe to access nla_len(ovs_key) if the data is smaller than the netlink header. Check that the attribute is OK first.
CVE-2025-37750May 1, 2025
affected < 5.14.0-570.22.1.el9_6fixed 5.14.0-570.22.1.el9_6
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in decryption with multichannel After commit f7025d861694 ("smb: client: allocate crypto only for primary server") and commit b0abcd65ec54 ("smb: client: fix UAF in async decryption"), the
CVE-2025-37749May 1, 2025
affected < 6.12.0-124.8.1.el10_1fixed 6.12.0-124.8.1.el10_1
In the Linux kernel, the following vulnerability has been resolved: net: ppp: Add bound checking for skb data on ppp_sync_txmung Ensure we have enough data in linear buffer from skb before accessing initial bytes. This prevents potential out-of-bounds accesses when processing s
CVE-2025-37738May 1, 2025
affected < 5.14.0-570.23.1.el9_6fixed 5.14.0-570.23.1.el9_6
In the Linux kernel, the following vulnerability has been resolved: ext4: ignore xattrs past end Once inside 'ext4_xattr_inode_dec_ref_all' we should ignore xattrs entries past the 'end' entry. This fixes the following KASAN reported issue: ===================================
CVE-2025-23150May 1, 2025
affected < 5.14.0-570.23.1.el9_6fixed 5.14.0-570.23.1.el9_6
In the Linux kernel, the following vulnerability has been resolved: ext4: fix off-by-one error in do_split Syzkaller detected a use-after-free issue in ext4_insert_dentry that was caused by out-of-bounds access due to incorrect splitting in do_split. BUG: KASAN: use-after-free
CVE-2025-37785Apr 18, 2025
affected < 5.14.0-570.21.1.el9_6fixed 5.14.0-570.21.1.el9_6
In the Linux kernel, the following vulnerability has been resolved: ext4: fix OOB read when checking dotdot dir Mounting a corrupted filesystem with directory which contains '.' dir entry with rec_len == block size results in out-of-bounds read (later on, when the corrupted dir
CVE-2025-22026MedApr 16, 2025
affected < 5.14.0-570.55.1.el9_6fixed 5.14.0-570.55.1.el9_6
In the Linux kernel, the following vulnerability has been resolved: nfsd: don't ignore the return code of svc_proc_register() Currently, nfsd_proc_stat_init() ignores the return value of svc_proc_register(). If the procfile creation fails, then the kernel will WARN when it trie
CVE-2025-22126Apr 16, 2025
affected < 5.14.0-570.22.1.el9_6fixed 5.14.0-570.22.1.el9_6
In the Linux kernel, the following vulnerability has been resolved: md: fix mddev uaf while iterating all_mddevs list While iterating all_mddevs list from md_notify_reboot() and md_exit(), list_for_each_entry_safe is used, and this can race with deletint the next mddev, causing

Page 9 of 34