1035728 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: The issue was that can: ucan: introduced an out-of-bound read in the strscpy function’s source code. Commit 7fdaf8966aae “can: ucan: use strscpy instead of strncpy” inadvertently resulted in an out-of-bound read of one byte from...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: media: streamzap: fix race between device disconnection and urb callback Syzkaller has reported a general protection fault in the function irraweventstorewithfilter. This crash occurs due to a NULL pointer dereference of the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: mm: Fixed a kernel bug where userfaultfdmove encountered swapcache. userfaultfdmove checks whether the PTE entry is present or a swap entry. - If the PTE entry is present, movepresentpte handles folio migration by setting:...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: L2CAP: Fixed a slab-use-after-free error in l2capsendcmd. After the hci sync command releases the l2capconn, the hci receive data work queue references the released l2capconn when sending data to the upper layer...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: btrfs: The program exits after a state insertion failure at btrfsconvertextentbit. If the insertstate function fails, it returns an error pointer. We then call extentiotreepanic, which will trigger a BUG. However, if CONFIGBUG is...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel: The segfault caused by PEBS-via-PT with a sample frequency has been fixed. Currently, using PEBS-via-PT with a sample frequency instead of a sample period causes a segfault. For example: BUG: Kernel NULL pointer...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: x86/mm: Eliminate the window where the TLB flush may be inadvertently skipped TL;DR: There is a window in the MM switching code where the new CR3 is set, and the CPU should receive TLB flushes for the new MM. However,...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: s390/pci: The duplicate call to pcidevput in disableslot was fixed when a PF had child VFs. With the commit bbc5d6c76903 “s390/pci: introducing a lock to synchronize the state of zpcidev’s”, the code that ignored power-off...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: In btusb, there is a risk of NULL pointer dereferencing in skbdequeue. A NULL pointer dereferencing can occur when processing a QCA firmware crash dump on WCN7851 0489:e0f3. 93.672166 Bluetooth: hci0: ACL memdump...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: The hash table is now created per queue. Sharing a global hash table among all queues is tempting, but it can lead to crashes. Bug: KASAN: A “slab-use-after-free” issue exists in...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: usb: aqc111: Check the packet for fixup for true limits. If a device sends a packet that lies between 0 and sizeofu64, the value passed to skbtrim as the packet length will wrap around, resulting in a very large value. The driver...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Fixed a possible null-ptr-deref issue when assigning a stream. While AudioDSP drivers assign streams that are exclusively of HOST or LINK type, nothing prevents a user from attempting to assign a COUPLED stream. The...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fixed the issue where immediate work requests were flushed to the completion queue. The opcode of the send queue element was correctly set during the flushing of immediate work requests in the post-sendqueue operation...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: virtionet: fixed device mismatch in devmkzalloc/devmkfree The initial rsshdr allocation uses virtiodevice-device, but virtnetsetqueues frees resources using netdevice-device. This device mismatch causes the following devres...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: powerpc/memhotplug: Added an addpages override for PPC. With the commit ffa0b64e3be5 “powerpc: Fix virtaddrvalid for 64-bit Book3E & 32-bit”, the kernel now validates the addr against the highmemory value. This results in the...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ipv6: fixed a possible Use-after-Allocation UAF in ip6finishoutput2. If skbexpandhead returns NULL, the skb is freed, and the associated dst/idev may also be freed. We need to hold the rcureadlock to ensure that the dst and...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: f2fs: fixed the f2fsbugon when uninstalling the filesystem, specifically the call to f2fsevict inode. Creating large files during the checkpoint disabling period results in insufficient free segments. When writing back the root...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Regulator: bq257xx: A leak in the device node reference occurred in bq257xxregdtparsegpio. In bq257xxregdtparsegpio, if the subchild is not successfully retrieved, the function returns without calling nodeputchild, resulting in a...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Do not generate errors if the user space injects an interrupt with GIF=0. Do not generate errors or warnings during interrupt injection when GIF is cleared. It is trivial for the user space to force this situation using...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: clk: zynqmp: Fixed a stack-out-of-bounds issue in strncpy “BUG: KASAN: Stack-out-of-bounds in strncpy+0x30/0x68” The Linux-ATF interface uses 16 bytes of SMC payload. If the clock name is longer than 15 bytes, the string...