VYPR

rpm package

opensuse/kernel-source&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/kernel-source&distro=openSUSE%20Tumbleweed

Vulnerabilities (1,435)

  • CVE-2025-68752Jan 5, 2026
    affected < 6.18.5-1.1fixed 6.18.5-1.1

    In the Linux kernel, the following vulnerability has been resolved: iavf: Implement settime64 with -EOPNOTSUPP ptp_clock_settime() assumes every ptp_clock has implemented settime64(). Stub it with -EOPNOTSUPP to prevent a NULL dereference. The fix is similar to commit 329d050b

  • CVE-2025-68751Jan 5, 2026
    affected < 6.18.5-1.1fixed 6.18.5-1.1

    In the Linux kernel, the following vulnerability has been resolved: s390/fpu: Fix false-positive kmsan report in fpu_vstl() A false-positive kmsan report is detected when running ping command. An inline assembly instruction 'vstl' can write varied amount of bytes depending on

  • CVE-2025-68748Dec 24, 2025
    affected < 6.18.5-1.1fixed 6.18.5-1.1

    In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix UAF race between device unplug and FW event processing The function panthor_fw_unplug() will free the FW memory sections. The problem is that there could still be pending FW events which are ye

  • CVE-2025-68747Dec 24, 2025
    affected < 6.18.5-1.1fixed 6.18.5-1.1

    In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix UAF on kernel BO VA nodes If the MMU is down, panthor_vm_unmap_range() might return an error. We expect the page table to be updated still, and if the MMU is blocked, the rest of the GPU should

  • CVE-2025-68746Dec 24, 2025
    affected < 6.18.5-1.1fixed 6.18.5-1.1

    In the Linux kernel, the following vulnerability has been resolved: spi: tegra210-quad: Fix timeout handling When the CPU that the QSPI interrupt handler runs on (typically CPU 0) is excessively busy, it can lead to rare cases of the IRQ thread not running before the transfer t

  • CVE-2025-68745Dec 24, 2025
    affected < 6.18.5-1.1fixed 6.18.5-1.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Clear cmds after chip reset Commit aefed3e5548f ("scsi: qla2xxx: target: Fix offline port handling and host reset handling") caused two problems: 1. Commands sent to FW, after chip reset got stu

  • CVE-2025-68744Dec 24, 2025
    affected < 6.18.5-1.1fixed 6.18.5-1.1

    In the Linux kernel, the following vulnerability has been resolved: bpf: Free special fields when update [lru_,]percpu_hash maps As [lru_,]percpu_hash maps support BPF_KPTR_{REF,PERCPU}, missing calls to 'bpf_obj_free_fields()' in 'pcpu_copy_value()' could cause the memory refe

  • CVE-2025-68743Dec 24, 2025
    affected < 6.18.5-1.1fixed 6.18.5-1.1

    In the Linux kernel, the following vulnerability has been resolved: mshv: Fix create memory region overlap check The current check is incorrect; it only checks if the beginning or end of a region is within an existing region. This doesn't account for userspace specifying a regi

  • CVE-2025-68742Dec 24, 2025
    affected < 6.18.5-1.1fixed 6.18.5-1.1

    In the Linux kernel, the following vulnerability has been resolved: bpf: Fix invalid prog->stats access when update_effective_progs fails Syzkaller triggers an invalid memory access issue following fault injection in update_effective_progs. The issue can be described as follows

  • CVE-2025-68741Dec 24, 2025
    affected < 6.18.5-1.1fixed 6.18.5-1.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix improper freeing of purex item In qla2xxx_process_purls_iocb(), an item is allocated via qla27xx_copy_multiple_pkt(), which internally calls qla24xx_alloc_purex_item(). The qla24xx_alloc_pur

  • CVE-2025-68740Dec 24, 2025
    affected < 6.18.5-1.1fixed 6.18.5-1.1

    In the Linux kernel, the following vulnerability has been resolved: ima: Handle error code returned by ima_filter_rule_match() In ima_match_rules(), if ima_filter_rule_match() returns -ENOENT due to the rule being NULL, the function incorrectly skips the 'if (!rc)' check and se

  • CVE-2025-68739Dec 24, 2025
    affected < 6.18.5-1.1fixed 6.18.5-1.1

    In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: hisi: Fix potential UAF in OPP handling Ensure all required data is acquired before calling dev_pm_opp_put(opp) to maintain correct resource acquisition and release order.

  • CVE-2025-68738Dec 24, 2025
    affected < 6.18.5-1.1fixed 6.18.5-1.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: fix null pointer deref in mt7996_conf_tx() If a link does not have an assigned channel yet, mt7996_vif_link returns NULL. We still need to store the updated queue settings in that case, and

  • CVE-2025-68737Dec 24, 2025
    affected < 6.18.5-1.1fixed 6.18.5-1.1

    In the Linux kernel, the following vulnerability has been resolved: arm64/pageattr: Propagate return value from __change_memory_common The rodata=on security measure requires that any code path which does vmalloc -> set_memory_ro/set_memory_rox must protect the linear map alias

  • CVE-2025-68736Dec 24, 2025
    affected < 6.18.5-1.1fixed 6.18.5-1.1

    In the Linux kernel, the following vulnerability has been resolved: landlock: Fix handling of disconnected directories Disconnected files or directories can appear when they are visible and opened from a bind mount, but have been renamed or moved from the source of the bind mou

  • CVE-2025-68735Dec 24, 2025
    affected < 6.18.5-1.1fixed 6.18.5-1.1

    In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Prevent potential UAF in group creation This commit prevents the possibility of a use after free issue in the GROUP_CREATE ioctl function, which arose as pointer to the group is accessed in that io

  • CVE-2025-68749Dec 24, 2025
    affected < 6.18.5-1.1fixed 6.18.5-1.1

    In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix race condition when unbinding BOs Fix 'Memory manager not clean during takedown' warning that occurs when ivpu_gem_bo_free() removes the BO from the BOs list before it gets unmapped. Then file_p

  • CVE-2025-68733Dec 24, 2025
    affected < 6.18.5-1.1fixed 6.18.5-1.1

    In the Linux kernel, the following vulnerability has been resolved: smack: fix bug: unprivileged task can create labels If an unprivileged task is allowed to relabel itself (/smack/relabel-self is not empty), it can freely create new labels by writing their names into own /proc

  • CVE-2025-68732Dec 24, 2025
    affected < 6.18.5-1.1fixed 6.18.5-1.1

    In the Linux kernel, the following vulnerability has been resolved: gpu: host1x: Fix race in syncpt alloc/free Fix race condition between host1x_syncpt_alloc() and host1x_syncpt_put() by using kref_put_mutex() instead of kref_put() + manual mutex locking. This ensures no threa

  • CVE-2025-68731Dec 24, 2025
    affected < 6.18.5-1.1fixed 6.18.5-1.1

    In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix an integer overflow in aie2_query_ctx_status_array() The unpublished smatch static checker reported a warning. drivers/accel/amdxdna/aie2_pci.c:904 aie2_query_ctx_status_array() warn: potent

Page 25 of 72