61289 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: virtiofs: added a check for the filesystem context source name In certain scenarios, for example during fuzz testing, the source name may be NULL, which could lead to a kernel panic. Therefore, an additional check for the source...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ksmbd: A validation check for zero numsubauth is added before accessing subauth. Accessing psid-subauthpsid-numsubauth - 1 without checking whether numsubauth is non-zero can lead to an out-of-bounds read. This patch adds a...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: dmaengine: fsl-edma: The free irq operation was corrected in the remove path. A check for fsledma-txirq/errirq has been added to avoid the following warning, as there is no errirq on the i.MX9 platform. Otherwise, a kernel dump...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: soc: aspeed: Add a NULL check in aspeedlpcenablesnoop. devmkasprintf returns NULL when memory allocation fails. Currently, aspeedlpcenablesnoop does not check for this case, resulting in a NULL pointer being dereferenced. Add a...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: idpf: The issue of null-ptr-deref in idpffeaturescheck has been fixed. idpffeaturescheck is used to validate the TX packet. The length of the skb header is compared with the value supported by the hardware, which is received from...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fixed invalid data access in ath12kdprxhundecapnwifi. In certain cases, hardware may generate packets with a length greater than the maximum native Wi-Fi header length. This can lead to accessing and modifying field...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check if the modulo result is 0 before performing division. How & Why If a value of 0 is read, it will cause a Divide-by-0 panic...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host – Added an alignment check for the event ring read pointer. Although we check the event ring read pointer using “isvalidringptr” to ensure it is within the buffer range, there is another risk that the pointer might...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ASoC: ops: Fixed the bounds check for sx controls. For sx controls, the semantics of the max field are not the usual one; max represents the number of steps, rather than the maximum value. This means that our check in...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ionic: removed WARNON to prevent paniconwarn. Unnecessary early code development checks and the WARNON have been removed. The processes related to irq allocation and deallocation have also been cleaned up. This check shouldn’t ha...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Wifi: iwlwifi: mvm – Use IWLFWCHECK for link ID check The lookup function iwlmvmrcufwlinkidtolinkconf is typically called with inputs from the firmware. Therefore, it should use IWLFWCHECK instead of WARNON...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Added a rough attrallocsize check...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: drm: Fixed a potential null-ptr-deref due to drmmmodeconfiginit. drmmmodeconfiginit will call drmmodecreatestandardproperties, and it does not check the return value. When drmmodecreatestandardproperties fails due to allocatio...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: KVM: x86 – Handling of SRCU initialization failures during page track initialization Check the return value of initsrcustruct, which may fail due to OOM conditions when initializing the page track mechanism. Lack of checking lead...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ocfs2: Passing a u64 value to ocfs2truncateInline may lead to an overflow. Syzbot reported a kernel bug in ocfs2truncateInline. There are two reasons for this: first, the parameter value passed is greater than...
Astra Linux – Vulnerability in Linux 5.15
A issue was discovered in the Linux kernel before version 6.3.4. In the file fs/ksmbd/smb2pdu.c of ksmbd, there is a flaw where the UserName value is not properly checked. This occurs because the address of the security buffer is not taken into consideration, resulting in a out-of-bounds read...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: Media: PCI: cx23885: Check cx23885vdevinit return. cx23885vdevinit may return a NULL pointer, but that pointer is used in the next line without any checks. Add a NULL pointer check, and proceed with error unwinding if the pointer...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: drm: Check that output polling is initialized before disabling it. In drmkmshelperpolldisable, check that output polling is initialized before disabling polling. If not, flag this as a warning. Additionally, in...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: ASoC: SOF: Added bounds checking to firmware data. Smatch complains that “head-fullsize – head-headersize” can cause underflow. To some extent, we will always have to trust the firmware. However, it’s easy to add checks for...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: crypto: hisilicon/debugfs – Fixed the issue with the uninit process of debugfs. During the zip probe process, a failure in debugfs does not stop the probe. When the initialization of debugfs fails, jumping to the error branch...