61258 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: HID: hid-thrustmaster: A warning was fixed in thrustmasterprobe by adding an endpoint check. syzbot has identified a type mismatch between a USB pipe and the transfer endpoint, which is triggered by the hid-thrustmaster driver...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the context of dm-verity-target.c, there is a potential way to modify read-only files due to a missing permission check. This could lead to a local escalation of privileges, as System execution privileges are required. User interaction is not necessary for exploiting this vulnerability. Produc...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: f2fs: A fix was made to perform a sanity check on the destination blkaddr during recovery. As Wenqing Liu reported in Bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=216456 loop5: A change in capacity was detected, from 0...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net: bridge: Fixed a soft lockup issue in brmulticastqueryexpired. When setting multicastqueryinterval to a large value, the local variable time in brmulticastsendquery may overflow. If the time is less than a few milliseconds, t...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: virtiofs: added a check for the filesystem context source name In certain scenarios, for example during fuzz testing, the source name may be NULL, which could lead to a kernel panic. Therefore, an additional check for the source...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: nilfs2: A shift-out-of-bounds condition has been fixed due to an overly large exponent of the block size. If the slogblocksize field in the superblock data is corrupted and too large, initnilfs and loadnilfs may still trigger a...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: iouring: The bounds check for the physical SQE index in SQEMIXED 128-byte operations has been fixed. When IORINGSETUPSQEMIXED is used without IORINGSETUPNOSQARRAY, the boundary check for 128-byte SQE operations in ioinitreq...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: iavf: Fixed off-by-one issues in iavfconfigrssreg There are off-by-one bugs when configuring the RSS hash key and lookup table, causing out-of-bounds reads to memory 1 and out-of-bounds writes to device registers. Before commi...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: drm/rockchip: vop: Fixed a warning regarding dereference of a variable before checking it. The ‘state’ parameter cannot be NULL; we should check crtcstate accordingly. Fixed the warning:...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: dpaa2-switch: Fixed an issue where an interrupt storm occurred after receiving a corrupted ifid in the IRQ handler. Commit 31a7a0bbeb00 “dpaa2-switch”: added a range check for ifid in the IRQ handler introduces a mechanism to...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: comedi: A flaw in the comedibufmunge function was addressed. This function performs a modulo operation async-mungechan %= async-cmd.chanlistlen, without first checking whether chanlistlen is zero. If a user program submits a...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ice: fixed NULL access to tx-inuse in iceptptsirq. The E810 device supports a “low latency” firmware interface for accessing and reading Tx timestamps. This interface does not use the standard Tx timestamp logic, due to the laten...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Guard for possible null pointer dereferencing REASON In some situations, dc-respool may be null. SOLUTION Check whether the pointer is null before dereferencing it...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Check endpoint numbers during parsing of Scarlett2 mixer interfaces The Scarlett2 mixer has a quirky behavior in the USB-audio driver; it may encounter a NULL dereference when a malformed USB descriptor is passed...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fixed the crash issue for the zero copy XDPTX action. There is a crash issue when running the zero copy XDPTX action. The crash log is as follows: 216.122464 Unable to handle kernel paging request at virtual address...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: L2CAP: Fix for u8 overflow By continuously sending L2CAPCONFREQ packets, chan-numconfrsp increases multiple times, eventually exceeding the maximum number i.e., 255. This patch prevents this issue by adding a bounda...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: does not allow unaligned truncation on released compress inode An F2FS image may become corrupted after performing the following test cases: - mkfs.f2fs -O extraattr,compression -f /dev/vdb - mount /dev/vdb...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: watchqueue: Fix for filter limit check In watchqueuesetfilter, there are several places where we check that the filter type value does not exceed what the typefilter bitmap can hold. One place calculates the number of bits using...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: The issue related to null-ptr-deref in bitmapparselist has been fixed. A crash was observed with the following output: BUG: NULL pointer dereferencing in the kernel; address: 0000000000000010 Oops: 0000 1 SMP NOP...
Astra Linux – Vulnerability in Thunderbird, Firefox
The length of the certificate was not properly checked when it was added to the certificate store. In practice, only trusted data was processed. This vulnerability was fixed in Firefox 135, Firefox ESR 128.7, Thunderbird 128.7, and Thunderbird 135...