VYPR

rpm package

opensuse/kernel-source&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/kernel-source&distro=openSUSE%20Tumbleweed

Vulnerabilities (1,435)

  • CVE-2025-40066Oct 28, 2025
    affected < 6.17.7-1.1fixed 6.17.7-1.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: Check phy before init msta_link in mt7996_mac_sta_add_links() In order to avoid a possible NULL pointer dereference in mt7996_mac_sta_init_link routine, move the phy pointer check before run

  • CVE-2025-40065Oct 28, 2025
    affected < 6.17.7-1.1fixed 6.17.7-1.1

    In the Linux kernel, the following vulnerability has been resolved: RISC-V: KVM: Write hgatp register with valid mode bits According to the RISC-V Privileged Architecture Spec, when MODE=Bare is selected,software must write zero to the remaining fields of hgatp. We have detect

  • CVE-2025-40064Oct 28, 2025
    affected < 6.17.7-1.1fixed 6.17.7-1.1

    In the Linux kernel, the following vulnerability has been resolved: smc: Fix use-after-free in __pnet_find_base_ndev(). syzbot reported use-after-free of net_device in __pnet_find_base_ndev(), which was called during connect(). [0] smc_pnet_find_ism_resource() fetches sk_dst_g

  • CVE-2025-40063Oct 28, 2025
    affected < 6.17.7-1.1fixed 6.17.7-1.1

    In the Linux kernel, the following vulnerability has been resolved: crypto: comp - Use same definition of context alloc and free ops In commit 42d9f6c77479 ("crypto: acomp - Move scomp stream allocation code into acomp"), the crypto_acomp_streams struct was made to rely on havi

  • CVE-2025-40062Oct 28, 2025
    affected < 6.17.7-1.1fixed 6.17.7-1.1

    In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/qm - set NULL to qm->debug.qm_diff_regs When the initialization of qm->debug.acc_diff_reg fails, the probe process does not exit. However, after qm->debug.qm_diff_regs is freed, it is not set

  • CVE-2025-40061Oct 28, 2025
    affected < 6.17.7-1.1fixed 6.17.7-1.1

    In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix race in do_task() when draining When do_task() exhausts its iteration budget (!ret), it sets the state to TASK_STATE_IDLE to reschedule, without a secondary check on the current task->state. This

  • CVE-2025-40060Oct 28, 2025
    affected < 6.17.7-1.1fixed 6.17.7-1.1

    In the Linux kernel, the following vulnerability has been resolved: coresight: trbe: Return NULL pointer for allocation failures When the TRBE driver fails to allocate a buffer, it currently returns the error code "-ENOMEM". However, the caller etm_setup_aux() only checks for a

  • CVE-2025-40059Oct 28, 2025
    affected < 6.17.7-1.1fixed 6.17.7-1.1

    In the Linux kernel, the following vulnerability has been resolved: coresight: Fix incorrect handling for return value of devm_kzalloc The return value of devm_kzalloc could be an null pointer, use "!desc.pdata" to fix incorrect handling return value of devm_kzalloc.

  • CVE-2025-40058Oct 28, 2025
    affected < 6.17.7-1.1fixed 6.17.7-1.1

    In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Disallow dirty tracking if incoherent page walk Dirty page tracking relies on the IOMMU atomically updating the dirty bit in the paging-structure entry. For this operation to succeed, the paging- st

  • CVE-2025-40057Oct 28, 2025
    affected < 6.17.7-1.1fixed 6.17.7-1.1

    In the Linux kernel, the following vulnerability has been resolved: ptp: Add a upper bound on max_vclocks syzbot reported WARNING in max_vclocks_store. This occurs when the argument max is too large for kcalloc to handle. Extend the guard to guard against values that are too

  • CVE-2025-40056Oct 28, 2025
    affected < 6.17.7-1.1fixed 6.17.7-1.1

    In the Linux kernel, the following vulnerability has been resolved: vhost: vringh: Fix copy_to_iter return value check The return value of copy_to_iter can't be negative, check whether the copied length is equal to the requested length instead of checking for negative values.

  • CVE-2025-40055Oct 28, 2025
    affected < 6.17.7-1.1fixed 6.17.7-1.1

    In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix double free in user_cluster_connect() user_cluster_disconnect() frees "conn->cc_private" which is "lc" but then the error handling frees "lc" a second time. Set "lc" to NULL on this path to avoid a

  • CVE-2025-40054Oct 28, 2025
    affected < 6.17.7-1.1fixed 6.17.7-1.1

    In the Linux kernel, the following vulnerability has been resolved: f2fs: fix UAF issue in f2fs_merge_page_bio() As JY reported in bugzilla [1], Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000 pc : [0xffffffe51d249484] f2fs_is_cp_guaranteed

  • CVE-2025-40053Oct 28, 2025
    affected < 6.17.7-1.1fixed 6.17.7-1.1

    In the Linux kernel, the following vulnerability has been resolved: net: dlink: handle copy_thresh allocation failure The driver did not handle failure of `netdev_alloc_skb_ip_align()`. If the allocation failed, dereferencing `skb->protocol` could lead to a NULL pointer derefer

  • CVE-2025-40052Oct 28, 2025
    affected < 6.17.7-1.1fixed 6.17.7-1.1

    In the Linux kernel, the following vulnerability has been resolved: smb: client: fix crypto buffers in non-linear memory The crypto API, through the scatterlist API, expects input buffers to be in linear memory. We handle this with the cifs_sg_set_buf() helper that converts vm

  • CVE-2025-40051Oct 28, 2025
    affected < 6.17.7-1.1fixed 6.17.7-1.1

    In the Linux kernel, the following vulnerability has been resolved: vhost: vringh: Modify the return value check The return value of copy_from_iter and copy_to_iter can't be negative, check whether the copied lengths are equal.

  • CVE-2025-40050Oct 28, 2025
    affected < 6.17.7-1.1fixed 6.17.7-1.1

    In the Linux kernel, the following vulnerability has been resolved: bpf: Skip scalar adjustment for BPF_NEG if dst is a pointer In check_alu_op(), the verifier currently calls check_reg_arg() and adjust_scalar_min_max_vals() unconditionally for BPF_NEG operations. However, if t

  • CVE-2025-40049Oct 28, 2025
    affected < 6.17.7-1.1fixed 6.17.7-1.1

    In the Linux kernel, the following vulnerability has been resolved: Squashfs: fix uninit-value in squashfs_get_parent Syzkaller reports a "KMSAN: uninit-value in squashfs_get_parent" bug. This is caused by open_by_handle_at() being called with a file handle containing an inval

  • CVE-2025-40048Oct 28, 2025
    affected < 6.17.7-1.1fixed 6.17.7-1.1

    In the Linux kernel, the following vulnerability has been resolved: uio_hv_generic: Let userspace take care of interrupt mask Remove the logic to set interrupt mask by default in uio_hv_generic driver as the interrupt mask value is supposed to be controlled completely by the us

  • CVE-2025-40047Oct 28, 2025
    affected < 6.17.7-1.1fixed 6.17.7-1.1

    In the Linux kernel, the following vulnerability has been resolved: io_uring/waitid: always prune wait queue entry in io_waitid_wait() For a successful return, always remove our entry from the wait queue entry list. Previously this was skipped if a cancelation was in progress,

Page 31 of 72