VYPR

rpm package

opensuse/kernel-source&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/kernel-source&distro=openSUSE%20Tumbleweed

Vulnerabilities (1,435)

  • CVE-2025-40027Oct 28, 2025
    affected < 6.17.7-1.1fixed 6.17.7-1.1

    In the Linux kernel, the following vulnerability has been resolved: net/9p: fix double req put in p9_fd_cancelled Syzkaller reports a KASAN issue as below: general protection fault, probably for non-canonical address 0xfbd59c0000000021: 0000 [#1] PREEMPT SMP KASAN NOPTI KASAN:

  • CVE-2025-40026Oct 28, 2025
    affected < 6.17.7-1.1fixed 6.17.7-1.1

    In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Don't (re)check L1 intercepts when completing userspace I/O When completing emulation of instruction that generated a userspace exit for I/O, don't recheck L1 intercepts as KVM has already finished th

  • CVE-2025-40025Oct 28, 2025
    affected < 6.17.7-1.1fixed 6.17.7-1.1

    In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on node footer for non inode dnode As syzbot reported below: ------------[ cut here ]------------ kernel BUG at fs/f2fs/file.c:1243! Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI

  • CVE-2025-40019Oct 24, 2025
    affected < 6.17.7-1.1fixed 6.17.7-1.1

    In the Linux kernel, the following vulnerability has been resolved: crypto: essiv - Check ssize for decryption and in-place encryption Move the ssize check to the start in essiv_aead_crypt so that it's also checked for decryption and in-place encryption.

  • CVE-2025-40018Oct 24, 2025
    affected < 6.17.7-1.1fixed 6.17.7-1.1

    In the Linux kernel, the following vulnerability has been resolved: ipvs: Defer ip_vs_ftp unregister during netns cleanup On the netns cleanup path, __ip_vs_ftp_exit() may unregister ip_vs_ftp before connections with valid cp->app pointers are flushed, leading to a use-after-fr

  • CVE-2025-40017Oct 20, 2025
    affected < 6.17.5-1.1fixed 6.17.5-1.1

    In the Linux kernel, the following vulnerability has been resolved: media: iris: Fix memory leak by freeing untracked persist buffer One internal buffer which is allocated only once per session was not being freed during session close because it was not being tracked as part of

  • CVE-2025-40016Oct 20, 2025
    affected < 6.17.5-1.1fixed 6.17.5-1.1

    In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Mark invalid entities with id UVC_INVALID_ENTITY_ID Per UVC 1.1+ specification 3.7.2, units and terminals must have a non-zero unique ID. ``` Each Unit and Terminal within the video function i

  • CVE-2025-40015Oct 20, 2025
    affected < 6.17.5-1.1fixed 6.17.5-1.1

    In the Linux kernel, the following vulnerability has been resolved: media: stm32-csi: Fix dereference before NULL check In 'stm32_csi_start', 'csidev->s_subdev' is dereferenced directly while assigning a value to the 'src_pad'. However the same value is being checked against NU

  • CVE-2025-40013Oct 20, 2025
    affected < 6.17.5-1.1fixed 6.17.5-1.1

    In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: audioreach: fix potential null pointer dereference It is possible that the topology parsing function audioreach_widget_load_module_common() could return NULL or an error pointer. Add missing NULL ch

  • CVE-2025-40004Oct 20, 2025
    affected < 6.17.5-1.1fixed 6.17.5-1.1

    In the Linux kernel, the following vulnerability has been resolved: net/9p: Fix buffer overflow in USB transport layer A buffer overflow vulnerability exists in the USB 9pfs transport layer where inconsistent size validation between packet header parsing and actual data copying

  • CVE-2025-40003Oct 18, 2025
    affected < 6.17.5-1.1fixed 6.17.5-1.1

    In the Linux kernel, the following vulnerability has been resolved: net: mscc: ocelot: Fix use-after-free caused by cyclic delayed work The origin code calls cancel_delayed_work() in ocelot_stats_deinit() to cancel the cyclic delayed work item ocelot->stats_work. However, cance

  • CVE-2025-40002Oct 18, 2025
    affected < 6.17.5-1.1fixed 6.17.5-1.1

    In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Fix use-after-free in tb_dp_dprx_work The original code relies on cancel_delayed_work() in tb_dp_dprx_stop(), which does not ensure that the delayed work item tunnel->dprx_work has fully completed

  • CVE-2025-40001Oct 18, 2025
    affected < 6.17.5-1.1fixed 6.17.5-1.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: mvsas: Fix use-after-free bugs in mvs_work_queue During the detaching of Marvell's SAS/SATA controller, the original code calls cancel_delayed_work() in mvs_free() to cancel the delayed work item mwq->wor

  • CVE-2025-40000Oct 15, 2025
    affected < 6.17.5-1.1fixed 6.17.5-1.1

    In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: fix use-after-free in rtw89_core_tx_kick_off_and_wait() There is a bug observed when rtw89_core_tx_kick_off_and_wait() tries to access already freed skb_data: BUG: KFENCE: use-after-free write in

  • CVE-2025-39999Oct 15, 2025
    affected < 6.17.5-1.1fixed 6.17.5-1.1

    In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix blk_mq_tags double free while nr_requests grown In the case user trigger tags grow by queue sysfs attribute nr_requests, hctx->sched_tags will be freed directly and replaced with a new allocated tag

  • CVE-2025-39998Oct 15, 2025
    affected < 6.17.5-1.1fixed 6.17.5-1.1

    In the Linux kernel, the following vulnerability has been resolved: scsi: target: target_core_configfs: Add length check to avoid buffer overflow A buffer overflow arises from the usage of snprintf to write into the buffer "buf" in target_lu_gp_members_show function located in

  • CVE-2025-39997Oct 15, 2025
    affected < 6.17.5-1.1fixed 6.17.5-1.1

    In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: fix race condition to UAF in snd_usbmidi_free The previous commit 0718a78f6a9f ("ALSA: usb-audio: Kill timer properly at removal") patched a UAF issue caused by the error timer. However, becau

  • CVE-2025-39996Oct 15, 2025
    affected < 6.17.5-1.1fixed 6.17.5-1.1

    In the Linux kernel, the following vulnerability has been resolved: media: b2c2: Fix use-after-free causing by irq_check_work in flexcop_pci_remove The original code uses cancel_delayed_work() in flexcop_pci_remove(), which does not guarantee that the delayed work item irq_chec

  • CVE-2025-39995Oct 15, 2025
    affected < 6.17.5-1.1fixed 6.17.5-1.1

    In the Linux kernel, the following vulnerability has been resolved: media: i2c: tc358743: Fix use-after-free bugs caused by orphan timer in probe The state->timer is a cyclic timer that schedules work_i2c_poll and delayed_work_enable_hotplug, while rearming itself. Using timer_

  • CVE-2025-39994Oct 15, 2025
    affected < 6.17.5-1.1fixed 6.17.5-1.1

    In the Linux kernel, the following vulnerability has been resolved: media: tuner: xc5000: Fix use-after-free in xc5000_release The original code uses cancel_delayed_work() in xc5000_release(), which does not guarantee that the delayed work item timer_sleep has fully completed i

Page 33 of 72