8146 matches found
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: – The faulty behavior of the mm:resolvefaultymmapregion function has been fixed. The mmapregion function is quite problematic; its control flow is complex and messy, and there are numerous ways in which issues can arise. This...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: qla1280: A kernel oops occurs when the debug level is greater than 2. A null dereference or oops exception will eventually occur when the qla1280.c driver is compiled with DEBUGQLA1280 enabled and when qldebuglevel is great...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: PCI/DOE: Fixed a memory leak when CONFIGDEBUGOBJECTS=y is enabled. After a pcidoetask completes, its workstruct needs to be destroyed to avoid a memory leak when CONFIGDEBUGOBJECTS=y is set...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Wifi: iwlwifi – Fix the order of debug actions. The order in which debug actions were performed was incorrectly implemented. Now, we have implemented a split dump process and perform the FW reset only at the middle of the dump...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: cifs: Avoid NULL pointer dereferencing in debug calls. The cifsserverdbg function assumes that the server variable is non-NULL; therefore, move the call under conditions that prevent NULL pointer dereferencing. Identified by t...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: orangefs: The issue with memory leaks in orangefskernel,clientdebuginit was fixed. When the orangefs module is inserted or removed, memory leaks occur as follows: unreferenced object 0xffff88816b0cc000 size 2048: comm "insmod", p...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: mptcp: handles DDS corruption consistently. The buggy peer implementation can send corrupted DSS options, consistently causing several warnings in the data path. Use DEBUGNET assertions to avoid errors on some builds and to handl...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: locking/spinlock/debug: Fixed a data race in dorawwritelock. KCSAN reports: BUG: KCSAN: Data race in dorawwritelock/dorawwritelock. The following events occurred: Write marked as 0xffff800009cf504c, 4 bytes by task 1102 on CPU...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: scsi: qla2xxx: Fixed a deletion race condition A system crash occurred when using the debug kernel due to corruption of the link list. The cause of the link list corruption was that session deletion was allowed to be queued...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: s390/vmem: Split pages when debug pagealloc is enabled. Since commit bb1520d581a3 “s390/mm: Start kernel with DAT enabled”, the kernel crashes early during boot when debug pagealloc is enabled. Symptoms: - Memory initialization:...
Astra Linux - уязвимость в linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Load DR6 with the guest value only before entering the .vcpurun loop. The conditional loading of hardware DR6 with the guest’s DR6 value is moved out of the core .vcpurun loop to fix a bug where KVM may load hardware wi...
Astra Linux - уязвимость в etcd
An authentication vulnerability has been discovered in Etcd-io v.3.4.10. This vulnerability allows remote attackers to escalate privileges through the debug function...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: In the bpf code, the spacketpullreason function may trigger a “splat” instruction. This issue occurs frequently in syzkaller builds where CONFIGDEBUGNET=y is enabled. We want to retain this debug check because it might indicate...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: scs: A wrong parameter was fixed in scsmagic. The scsmagic function requires a void variable, but a struct taskstruct is provided instead. taskscstsk represents the starting address of the task’s shadow call stack, and...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Check debugtrapenable before writing dbgevfile. In an interrupt context, the write dbgevfile operation will be executed via a work queue. This causes the write dbgevfile operation to be executed after debugtrapdisable...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: mm: slub: Avoid waking up kswapd in settrackprepare settrackprepare may cause lock recursion. The issue arises when it is called from hrtimerstartrangens, which holds percpuhrtimerbasesn.lock. However, when CONFIGDEBUGOBJECTSTIME...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: arm64: entry: avoid kprobe recursion The cortexa76erratum1463225debuggerHandler function is called when handling debug exceptions and synchronous exceptions from BRK instructions. If the compiler does not inline...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: mm/slab: Added alloctaggingslabfreehook for memcgallocabortsingle When CONFIGMEMALLOCPROFILINGDEBUG is enabled, the following warning may be observed: 3959.023862 ------------ Cut here ------------ 3959.023891 alloctag was not...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: scsidebug: Sanity check block descriptor length in respmodeselect In respmodeselect sanity check the block descriptor len to avoid UAF. BUG: KASAN: use-after-free in respmodeselect+0xa4c/0xb40 drivers/scsi/scsidebug.c:2509...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: UM: cpuinfo: Fixed a warning for CONFIGCPUMASKOFFSTACK When CONFIGCPUMASKOFFSTACK and CONFIGDEBUGPERCPUMAPS are selected, cpumaxbitswarn generates a runtime warning similar to the following, while we display /proc/cpuinfo. This...