VYPR

Vendor CVEs

Linux

All CVEs

15,998 total · sorted by risk
  • CVE-2026-23258MedMar 18, 2026
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: net: liquidio: Initialize netdev pointer before queue setup In setup_nic_devices(), the netdev is allocated using alloc_etherdev_mq(). However, the pointer to this structure is stored in oct->props[i].netdev…

  • CVE-2026-23257MedMar 18, 2026
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: net: liquidio: Fix off-by-one error in PF setup_nic_devices() cleanup In setup_nic_devices(), the initialization loop jumps to the label setup_nic_dev_free on failure. The current cleanup loop while(i--) skip…

  • CVE-2026-23256MedMar 18, 2026
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: net: liquidio: Fix off-by-one error in VF setup_nic_devices() cleanup In setup_nic_devices(), the initialization loop jumps to the label setup_nic_dev_free on failure. The current cleanup loop while(i--) skip…

  • CVE-2026-23255MedMar 18, 2026
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: net: add proper RCU protection to /proc/net/ptype Yin Fengwei reported an RCU stall in ptype_seq_show() and provided a patch. Real issue is that ptype_seq_next() and ptype_seq_show() violate RCU rules. …

  • CVE-2026-23254MedMar 18, 2026
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: net: gro: fix outer network offset The udp GRO complete stage assumes that all the packets inserted the RX have the `encapsulation` flag zeroed. Such assumption is not true, as a few H/W NICs can set such flag…

  • CVE-2026-23252MedMar 18, 2026
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: xfs: get rid of the xchk_xfile_*_descr calls The xchk_xfile_*_descr macros call kasprintf, which can fail to allocate memory if the formatted string is larger than 16 bytes (or whatever the nofail guarantees…

  • CVE-2026-23251MedMar 18, 2026
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: xfs: only call xf{array,blob}_destroy if we have a valid pointer Only call the xfarray and xfblob destructor if we have a valid pointer, and be sure to null out that pointer afterwards. Note that this patch…

  • CVE-2026-23250MedMar 18, 2026
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: xfs: check return value of xchk_scrub_create_subord Fix this function to return NULL instead of a mangled ENOMEM, then fix the callers to actually check for a null pointer and return ENOMEM. Most of the…

  • CVE-2026-23249MedMar 18, 2026
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: xfs: check for deleted cursors when revalidating two btrees The free space and inode btree repair functions will rebuild both btrees at the same time, after which it needs to evaluate both btrees to confirm…

  • CVE-2025-71270MedMar 18, 2026
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: LoongArch: Enable exception fixup for specific ADE subcode This patch allows the LoongArch BPF JIT to handle recoverable memory access errors generated by BPF_PROBE_MEM* instructions. When a BPF program…

  • CVE-2025-71269MedMar 18, 2026
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: btrfs: do not free data reservation in fallback from inline due to -ENOSPC If we fail to create an inline extent due to -ENOSPC, we will attempt to go through the normal COW path, reserve an extent, create an…

  • CVE-2025-71268MedMar 18, 2026
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: btrfs: fix reservation leak in some error paths when inserting inline extent If we fail to allocate a path or join a transaction, we return from __cow_file_range_inline() without freeing the reserved qgroup…

  • CVE-2026-23247MedMar 18, 2026
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: tcp: secure_seq: add back ports to TS offset This reverts 28ee1b746f49 ("secure_seq: downgrade to per-host timestamp offsets") tcp_tw_recycle went away in 2017. Zhouyan Deng reported off-path TCP source port…

  • CVE-2025-71267MedMar 18, 2026
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: fix infinite loop triggered by zero-sized ATTR_LIST We found an infinite loop bug in the ntfs3 file system that can lead to a Denial-of-Service (DoS) condition. A malformed NTFS image can cause an…

  • CVE-2025-71266MedMar 18, 2026
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: check return value of indx_find to avoid infinite loop We found an infinite loop bug in the ntfs3 file system that can lead to a Denial-of-Service (DoS) condition. A malformed dentry in the ntfs3…

  • CVE-2025-71265MedMar 18, 2026
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: fix infinite loop in attr_load_runs_range on inconsistent metadata We found an infinite loop bug in the ntfs3 file system that can lead to a Denial-of-Service (DoS) condition. A malformed NTFS…

  • CVE-2026-23241MedMar 17, 2026
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: audit: add missing syscalls to read class The "at" variant of getxattr() and listxattr() are missing from the audit read class. Calling getxattrat() or listxattrat() on a file to read its extended attributes…

  • CVE-2025-71239MedMar 17, 2026
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: audit: add fchmodat2() to change attributes class fchmodat2(), introduced in version 6.6 is currently not in the change attribute class of audit. Calling fchmodat2() to change a file attribute in the same…

  • CVE-2026-23238MedMar 4, 2026
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: romfs: check sb_set_blocksize() return value romfs_fill_super() ignores the return value of sb_set_blocksize(), which can fail if the requested block size is incompatible with the block device's configuration.…

  • CVE-2026-23229MedFeb 18, 2026
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: crypto: virtio - Add spinlock protection with virtqueue notification When VM boots with one virtio-crypto PCI device and builtin backend, run openssl benchmark command with multiple processes, such as …

  • CVE-2026-23228MedFeb 18, 2026
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: smb: server: fix leak of active_num_conn in ksmbd_tcp_new_connection() On kthread_run() failure in ksmbd_tcp_new_connection(), the transport is freed via free_transport(), which does not decrement…

  • CVE-2026-23220MedFeb 18, 2026
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix infinite loop caused by next_smb2_rcv_hdr_off reset in error paths The problem occurs when a signed request fails smb2 signature verification check. In __process_request(), if check_sign_req()…

  • CVE-2026-23157MedFeb 14, 2026
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: btrfs: do not strictly require dirty metadata threshold for metadata writepages [BUG] There is an internal report that over 1000 processes are waiting at the io_schedule_timeout() of balance_dirty_pages(),…

  • CVE-2026-23026MedJan 31, 2026
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: dmaengine: qcom: gpi: Fix memory leak in gpi_peripheral_config() Fix a memory leak in gpi_peripheral_config() where the original memory pointed to by gchan->config could be lost if krealloc() fails. The issue…

  • CVE-2025-71191MedJan 31, 2026
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: dmaengine: at_hdmac: fix device leak on of_dma_xlate() Make sure to drop the reference taken when looking up the DMA platform device during of_dma_xlate() when releasing channel resources. Note that commit…

  • CVE-2025-71190MedJan 31, 2026
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: dmaengine: bcm-sba-raid: fix device leak on probe Make sure to drop the reference taken when looking up the mailbox device during probe on probe failures and on driver unbind.

  • CVE-2025-71189MedJan 31, 2026
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: dmaengine: dw: dmamux: fix OF node leak on route allocation failure Make sure to drop the reference taken to the DMA master OF node also on late route allocation failures.

  • CVE-2025-71188MedJan 31, 2026
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: dmaengine: lpc18xx-dmamux: fix device leak on route allocation Make sure to drop the reference taken when looking up the DMA mux platform device during route allocation. Note that holding a reference to a…

  • CVE-2025-71186MedJan 31, 2026
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: dmaengine: stm32: dmamux: fix device leak on route allocation Make sure to drop the reference taken when looking up the DMA mux platform device during route allocation. Note that holding a reference to a…

  • CVE-2025-71185MedJan 31, 2026
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: dma-crossbar: fix device leak on am335x route allocation Make sure to drop the reference taken when looking up the crossbar platform device during am335x route allocation.

  • CVE-2026-22977MedJan 21, 2026
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: net: sock: fix hardened usercopy panic in sock_recv_errqueue skbuff_fclone_cache was created without defining a usercopy region, [1] unlike skbuff_head_cache which properly whitelists the cb[] field. [2] This…

  • CVE-2026-22976MedJan 21, 2026
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_qfq: Fix NULL deref when deactivating inactive aggregate in qfq_reset `qfq_class->leaf_qdisc->q.qlen > 0` does not imply that the class itself is active. Two qfq_class objects may point to the…

  • CVE-2025-68340MedDec 23, 2025
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: team: Move team device type change at the end of team_port_add Attempting to add a port device that is already up will expectedly fail, but not before modifying the team device header_ops. In the case of the…

  • CVE-2025-40251MedDec 4, 2025
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: devlink: rate: Unset parent pointer in devl_rate_nodes_destroy The function devl_rate_nodes_destroy is documented to "Unset parent for all rate objects". However, it was only calling the driver-specific…

  • CVE-2025-40164MedNov 12, 2025
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: usbnet: Fix using smp_processor_id() in preemptible code warnings Syzbot reported the following warning: BUG: using smp_processor_id() in preemptible [00000000] code: dhcpcd/2879 caller is…

  • CVE-2025-40005MedOct 20, 2025
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: spi: cadence-quadspi: Implement refcount to handle unbind during busy driver support indirect read and indirect write operation with assumption no force device removal(unbind) operation. However force device…

  • CVE-2023-53550MedOct 4, 2025
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: cpufreq: amd-pstate: fix global sysfs attribute type In commit 3666062b87ec ("cpufreq: amd-pstate: move to use bus_get_dev_root()") the "amd_pstate" attributes where moved from a dedicated kobject to the cpu…

  • CVE-2023-53540MedOct 4, 2025
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: reject auth/assoc to AP with our address If the AP uses our own address as its MLD address or BSSID, then clearly something's wrong. Reject such connections so we don't try and fail later.

  • CVE-2025-39947MedOct 4, 2025
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Harden uplink netdev access against device unbind The function mlx5_uplink_netdev_get() gets the uplink netdevice pointer from mdev->mlx5e_res.uplink_netdev. However, the netdevice can be removed…

  • CVE-2025-39931MedOct 4, 2025
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: crypto: af_alg - Set merge to zero early in af_alg_sendmsg If an error causes af_alg_sendmsg to abort, ctx->merge may contain a garbage value from the previous loop. This may then trigger a crash on the next…

  • CVE-2025-39929MedOct 4, 2025
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: smb: client: fix smbdirect_recv_io leak in smbd_negotiate() error path During tests of another unrelated patch I was able to trigger this error: Objects remaining on __kmem_cache_shutdown()

  • CVE-2023-53528MedOct 1, 2025
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix unsafe drain work queue code If create_qp does not fully succeed it is possible for qp cleanup code to attempt to drain the send or recv work queues before the queues have been created causing a…

  • CVE-2023-53526MedOct 1, 2025
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: jbd2: check 'jh->b_transaction' before removing it from checkpoint Following process will corrupt ext4 image: Step 1: jbd2_journal_commit_transaction __jbd2_journal_insert_checkpoint(jh, commit_transaction) …

  • CVE-2023-53525MedOct 1, 2025
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Allow UD qp_type to join multicast only As for multicast: - The SIDR is the only mode that makes sense; - Besides PS_UDP, other port spaces like PS_IB is also allowed, as it is UD compatible. In…

  • CVE-2023-53523MedOct 1, 2025
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: can: gs_usb: fix time stamp counter initialization If the gs_usb device driver is unloaded (or unbound) before the interface is shut down, the USB stack first calls the struct usb_driver::disconnect and then…

  • CVE-2023-53519MedOct 1, 2025
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: media: v4l2-mem2mem: add lock to protect parameter num_rdy Getting below error when using KCSAN to check the driver. Adding lock to protect parameter num_rdy when getting the value with function:…

  • CVE-2023-53517MedOct 1, 2025
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: tipc: do not update mtu if msg_max is too small in mtu negotiation When doing link mtu negotiation, a malicious peer may send Activate msg with a very small mtu, e.g. 4 in Shuang's testing, without checking…

  • CVE-2023-53513MedOct 1, 2025
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: nbd: fix incomplete validation of ioctl arg We tested and found an alarm caused by nbd_ioctl arg without verification. The UBSAN warning calltrace like below: UBSAN: Undefined behaviour in fs/buffer.c:1709:35…

  • CVE-2023-53511MedOct 1, 2025
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: io_uring: fix fget leak when fs don't support nowait buffered read Heming reported a BUG when using io_uring doing link-cp on ocfs2. [1] Do the following steps can reproduce this BUG: mount -t ocfs2 /dev/vdc…

  • CVE-2023-53503MedOct 1, 2025
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: ext4: allow ext4_get_group_info() to fail Previously, ext4_get_group_info() would treat an invalid group number as BUG(), since in theory it should never happen. However, if a malicious attaker (or fuzzer)…

Page 224 of 320