1035644 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: ALSA: ymfpci: Created a card with the device-managed snddevmcardnew function. The sndcardymfpciremove function was removed in commit c6e6bb5eab74 “ALSA: ymfpci: Allocating resources using device-managed APIs”, but the call to...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: media: rc: fix races with imondisconnect Syzbot reports a KASAN issue as follows: BUG: KASAN: use-after-free in createpipe include/linux/usb.h:1945 inline BUG: KASAN: use-after-free in sendpacket+0xa2d/0xbc0...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: scs: A wrong parameter was fixed in scsmagic. The scsmagic function requires a void variable, but a struct taskstruct is provided instead. taskscstsk represents the starting address of the task’s shadow call stack, and...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: codetag: debug: handling the CODETAGEMPTY value in markobjextsempty for slabobjext. When allocslabobjexts fails and then successfully allocates a slab extension vector, it calls handlefailedobjextsalloc to mark all objects in the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel: Fixed the KASAN global-out-of-bounds warning When running the “perf mem record” command on CWF, the following KASAN global-out-of-bounds warning was observed...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: Most: usb: hdmprobe: Fixed the call to putdevice before device initialization. The early error path in hdmprobe can lead to a call to errfreemdev before &mdev-dev has been initialized using deviceinitialize. Calling...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: net: qrtr: A refcount bug was fixed in qrtrrecvmsg. Syzbot reported the following bugs: refcountt: Addition of 0; use-after-free. … RIP: 0010:refcountwarnsaturate+0x17c/0x1f0 lib/refcount.c:25 … Call Trace: refcountadd...
Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: sctp: A potential overflow issue in sctpifwdtsnskip has been fixed. Currently, when using sctpwalkifwdtsn to traverse ifwdtsnskip, it only checks the position pos against the end of the chunk. However, the data remaining at the...
Astra Linux – Vulnerability in gdisk
In the LoadPartitionTable function of gpt.cc, there is a potential out-of-bounds write vulnerability due to a missing bounds check. This could lead to a local escalation of privileges when inserting a malicious USB device, without the need for additional execution privileges. User interaction is...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: lib/alloctag: Do not acquire an inexistent lock in alloctagtopusers. alloctagtopusers attempts to lock alloctagcttype-modlock, even when alloctagcttype is not allocated. This occurs because: 1. Allocating tags is disabled since m...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: dm-bufio: fixed scheduling in atomic context If “tryverifyintasklet” is set for dm-verity, and DMBUFIOCLIENTNOSLEEP is enabled for dm-bufio. However, when bufio attempts to evict buffers, there is a possibility of triggering...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: soundwire: Reverted “soundwire: qcom: Add setchannelmap API support”. This reversion corresponds to commit 7796c97df6b1b2206681a07f3c80f6023a6593d5. This patch caused issues with Dragonboard 845c sdm845. The following errors...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: bpf: Do not include the stack pointer register in precision backtracking bookkeeping. Yi Lai reported an issue 1 where the following warning appears in kernel dmesg: 60.643604 verifier backtracking bug 60.643635 WARNING: CPU: ...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ceph: avoided a kernel bug for encrypted inodes with unaligned file sizes The generic/397 test encountered a bug in the case of encrypted inodes with unaligned file sizes for example, 33K or 1K: 877.737811 ran fstests generic/397...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: md: raid1: fixed a potential out-of-bounds error in raid1removedisk. If rddev-raiddisk is greater than mddev-raiddisks, an out-of-bounds error will occur in raid1removedisk. We have already encountered similar reports, as...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: iavf: Fixed an out-of-bounds situation when setting channels during iavfremove. If the channels are set to a value greater than what is actually allocated, it will cause a timeout, and an error will be returned. However, the...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: jfs: fixed an invalid free of JFSIPipimap-iimap in diUnmount. syzbot detected an invalid-free in diUnmount: BUG: KASAN: double-free in slabfree mm/slub.c:3661 inline BUG: KASAN: double-free in kmemcachefree+0x71/0x110...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: iavf: Fixed a use-after-free in freenetdev. We perform netifnapiadd for all allocated qvectors, but potentially also perform netifnapidel for some of them. Then, we call kfree on the qvectors, leaving invalid pointers in...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: ext4: Fixed a use-after-free issue in ext4findextent when using bigalloc with inline data. Syzbot identified the following issue: - loop0: A change in capacity was detected, from 0 to 2048. - EXT4-fs loop0: The filesystem...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ALSA: ymfpci: Fixed the BUGON in the probe function. The snddmabuffer.bytes field now contains the aligned size, which this sndBUGON did not account for, resulting in the following issue: 9.625915 ------------ Cut here ----------...