252189 matches found
Astra Linux - уязвимость в linux
In the Linux kernel, the following vulnerability has been resolved: bus: qcom: Place the child node before the return statement. Placing the child node before the return statement helps to prevent potential reference count leaks. Typically, the reference count of a child node is automatically...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: cgroup: Use separate source/destination nodes when preloading csssets for migration. Each cssset is associated with its corresponding tasks. When moving tasks between csssets during a migration, we need to keep the source and...
Astra Linux - уязвимость в node-loader-utils
A prototype pollution vulnerability exists in the parseQuery function in parseQuery.js, within the webpack-loader-utils module. This issue affects all versions prior to 1.4.1 and 2.0.3...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: misc: tifpc202: fixed a potential memory leak in the probe function. Used foreachchildofnodescoped to simplify the code and ensure that the device node reference is automatically released when the loop scope ends...
Astra Linux - уязвимость в libraw
In LibRaw, there is an out-of-bounds write vulnerability within the "newnode" function libraw\src\x3f\x3futilspatched.cpp that can be triggered via a crafted X3F file...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: HSI: omapssi: Fixed a refcount leak in ssiprobe. When returning from or prematurely terminating a foreachavailablechildofnode loop, we need to explicitly call ofnodeput on the child node to potentially release the node...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: cifs: Prevent NULL dereferencing in cifscomposemountoptions. The optional @ref parameter may contain a NULL nodename, so dereferencing it in cifscomposemountoptions should be prevented. Addresses-Coverity: 1476408 “Explicit NULL...
Astra Linux - уязвимость в node-thenify
This affects the thenify package before version 3.3.1. The name argument provided to the package can be controlled by users without any sanitization, and this value is passed to the eval function without any sanitization...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: mmc: sdhci-of-esdhc: Fixed the refcount leak in esdhcsignalvoltageswitch. The offindmatchingnode function returns a node pointer with a refcount incremented. We should use ofnodeput on it when there is no longer a need for it. Ad...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ASoC: stm32: sai: fixed the OF node leak during probe operations. The reference to the sync provider’s OF node during platform device probing is currently only dropped if the setsync callback fails during DAI probe. Make sure tha...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: ARM: versatile: Added ofnodeput in dcscbinit. The devicenode pointer is returned by offindcompatiblenode, with the reference count incremented. We should use ofnodeput to avoid the reference count leak...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: ARM: exynos: Fixed a refcount leak in exynosmappmu. The offindmatchingnode function returns a node pointer with a refcount incremented. We should use ofnodeput on this pointer when it is no longer needed. Added missing ofnodep...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: usb: typec: wusb3801: fixed the refcount leak in wusb3801probe I encountered the following report during the fault injection test: OF: ERROR: memory leak; the expected refcount was 4 instead of 1. ofnodeget/ofnodeput is unbalance...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: Issue: unittest – Fix null pointer dereferencing in ofunittestfindnodebyname Description: When kmalloc fails to allocate memory in kasprintf, name or fullname will be NULL, and strcmp will cause a null pointer dereference...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net: airoha: Fixed a potential use-after-free issue in airohanpuget. np-name was being used after calling ofnodeputnp, which releases the node and could lead to a use-after-free bug. Previously, ofnodeputnp was called...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: mapletree: fixed a potential out-of-bounds access in maswrendpiv Check the write offset’s end bounds before using it as an offset into the pivot array. This prevents possible out-of-bounds accesses to the pivot array if the...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: ASoC: mt6797-mt6351 – Fixed the refcount leak in mt6797mt6351devprobe. The ofparsephandle function returns a node pointer with a refcount incremented. We should use ofnodeput on it when there is no longer a need for it. Add th...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: tipc: Moving the bc link creation back to tipcnodecreate. Shuang Li reported a NULL pointer dereference crash: BUG: NULL pointer dereference in the kernel, address: 0000000000000068 RIP: 0010:tipclinkisup+0x5/0x10 tipc Call...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: irqchip/apple-aic: The refcount leak in aicoficinit has been fixed. ofgetchildbyname returns a node pointer with a refcount incremented. We should use ofnodeput on it when there is no longer a need for it. Add the missing ofnodep...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: cs35l41: Fixed NULL pointer dereferencing in cs35l41hdareadacpi The acpigetfirstphysicalnode function may return NULL. In such cases, the getdevice function also returns NULL. However, this value is then dereferenced...