VYPR

linux

by Debian

Source repositories

CVEs (3,008)

  • CVE-2025-38707HigSep 4, 2025
    risk 0.51cvss 7.8epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add sanity check for file name The length of the file name should be smaller than the directory entry size.

  • CVE-2025-38702HigSep 4, 2025
    risk 0.51cvss 7.8epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: fbdev: fix potential buffer overflow in do_register_framebuffer() The current implementation may lead to buffer overflow when: 1. Unregistration creates NULL gaps in registered_fb[] 2. All array slots become…

  • CVE-2025-38699HigSep 4, 2025
    risk 0.51cvss 7.8epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: scsi: bfa: Double-free fix When the bfad_im_probe() function fails during initialization, the memory pointed to by bfad->im is freed without setting bfad->im to NULL. Subsequently, during driver…

  • CVE-2025-38697HigSep 4, 2025
    risk 0.51cvss 7.8epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: jfs: upper bound check of tree index in dbAllocAG When computing the tree index in dbAllocAG, we never check if we are out of bounds realative to the size of the stree. This could happen in a scenario where…

  • CVE-2025-38685HigSep 4, 2025
    risk 0.51cvss 7.8epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: fbdev: Fix vmalloc out-of-bounds write in fast_imageblit This issue triggers when a userspace program does an ioctl FBIOPUT_CON2FBMAP by passing console number and frame buffer number. Ideally this maps…

  • CVE-2024-58240HigAug 28, 2025
    risk 0.51cvss 7.8epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: tls: separate no-async decryption request handling from async If we're not doing async, the handling is much simpler. There's no reference counting, we just need to wait for the completion to wake us up and…

  • CVE-2025-38676HigAug 26, 2025
    risk 0.51cvss 7.8epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Avoid stack buffer overflow from kernel cmdline While the kernel command line is considered trusted in most environments, avoid writing 1 byte past the end of "acpiid" if the "str" argument is…

  • CVE-2025-38552HigAug 16, 2025
    risk 0.51cvss 7.8epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: mptcp: plug races between subflow fail and subflow creation We have races similar to the one addressed by the previous patch between subflow failing and additional subflow creation. They are just harder to…

  • CVE-2025-38500HigAug 12, 2025
    risk 0.51cvss 7.8epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: xfrm: interface: fix use-after-free after changing collect_md xfrm interface collect_md property on xfrm interfaces can only be set on device creation, thus xfrmi_changelink() should fail when called on such…

  • CVE-2025-38471HigJul 28, 2025
    risk 0.51cvss 7.8epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: tls: always refresh the queue when reading sock After recent changes in net-next TCP compacts skbs much more aggressively. This unearthed a bug in TLS where we may try to operate on an old skb when checking if…

  • CVE-2025-38350HigJul 19, 2025
    risk 0.51cvss 7.8epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: net/sched: Always pass notifications when child class becomes empty Certain classful qdiscs may invoke their classes' dequeue handler on an enqueue operation. This may unexpectedly empty the child qdisc and…

  • CVE-2025-38280HigJul 10, 2025
    risk 0.51cvss 7.8epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: bpf: Avoid __bpf_prog_ret0_warn when jit fails syzkaller reported an issue: WARNING: CPU: 3 PID: 217 at kernel/bpf/core.c:2357 __bpf_prog_ret0_warn+0xa/0x20 kernel/bpf/core.c:2357 Modules linked in: CPU: 3…

  • CVE-2025-38236HigJul 8, 2025
    risk 0.51cvss 7.8epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: af_unix: Don't leave consecutive consumed OOB skbs. Jann Horn reported a use-after-free in unix_stream_read_generic(). The following sequences reproduce the issue: $ python3 from socket import * s1, s2…

  • CVE-2025-38212HigJul 4, 2025
    risk 0.51cvss 7.8epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: ipc: fix to protect IPCS lookups using RCU syzbot reported that it discovered a use-after-free vulnerability, [0] [0]: https://lore.kernel.org/all/67af13f8.050a0220.21dd3.0038.GAE@google.com/ idr_for_each()…

  • CVE-2025-38198HigJul 4, 2025
    risk 0.51cvss 7.8epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: fbcon: Make sure modelist not set on unregistered console It looks like attempting to write to the "store_modes" sysfs node will run afoul of unregistered consoles: UBSAN: array-index-out-of-bounds in…

  • CVE-2025-38079HigJun 18, 2025
    risk 0.51cvss 7.8epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: crypto: algif_hash - fix double free in hash_accept If accept(2) is called on socket type algif_hash with MSG_MORE flag set and crypto_ahash_import fails, sk2 is freed. However, it is also freed in…

  • CVE-2023-52927HigMar 14, 2025
    risk 0.51cvss 7.8epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: netfilter: allow exp not to be removed in nf_ct_find_expectation Currently nf_conntrack_in() calling nf_ct_find_expectation() will remove the exp from the hash table. However, in some scenario, we expect the…

  • CVE-2024-50007HigOct 21, 2024
    risk 0.51cvss 7.8epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: ALSA: asihpi: Fix potential OOB array access ASIHPI driver stores some values in the static array upon a response from the driver, and its index depends on the firmware. We shouldn't trust it blindly. This…

  • CVE-2024-49924HigOct 21, 2024
    risk 0.51cvss 7.8epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: fbdev: pxafb: Fix possible use after free in pxafb_task() In the pxafb_probe function, it calls the pxafb_init_fbinfo function, after which &fbi->task is associated with pxafb_task. Moreover, within this…

  • CVE-2024-49894HigOct 21, 2024
    risk 0.51cvss 7.8epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix index out of bounds in degamma hardware format translation Fixes index out of bounds issue in `cm_helper_translate_curve_to_degamma_hw_format` function. The issue could occur when the…

Page 26 of 151