Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: clk: rs9: Fix for suspend/resume behavior. Disabling the cache in commit 2ff4ba9e3702 “clk: rs9: Fix for I2C accessors” without removing cache synchronization in the resume path results in a kernel panic, as map-cacheops is unset...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: clk: A memory leak was fixed in devmclknotifierregister. devmclknotifierregister allocates a device resource for the clk notifier, but it does not register that resource with the device. As a result, the notifier remains...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: clk: sunxi-ng: mp: Fix for double-divider clock rate readback When support for double-divider clocks was introduced, the P-divider offset was left out of the .recalcrate readback function. This caused the clock rate to become...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: clk: rockchip: A memory leak has been fixed in rockchipclkregisterpll. If clkregister fails, @pll-ratetable may have allocated memory using kmemdup. Therefore, that memory needs to be freed; otherwise, a memory leak issue will...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: clk: ti: dra7-atl: Fixed a reference leak in ofdra7atlclkprobe. pmruntimegetsync will increment the pm usage counter. Forgetting to perform the necessary operations will result in a reference leak. Added the missing...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drm/vc4: hdmi: Avoid a system hang when debug registers are used during suspension. Attempting to read /sys/kernel/debug/dri/1/hdmi1 regs when the HDMI connection is disconnected results in a fatal system hang. This issue arises...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ASoC: da7219: Fixed an error handling path in da7219registerdaiclks. If clkhwregister fails, the corresponding clk should not be unregistered. To handle errors from loops, partial iterations should be cleaned up before performing...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: OPP: Added an index check to ensure no buffer overflow occurs in readfreq. The freq index is passed to the assert function to ensure that we do not read values from the opp-rates table when called from the indexed variants:...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: clk: qcom: ipq8074: dont disable gccsleepclksrc Once the USB sleep clocks are disabled, the clock framework attempts to disable the sleep clock source as well. However, it seems that this attempt fails, resulting in the following...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: mt7622-apmixedsys: Fixed an error handling path in clkmt8135apmixedprobe “clkdata” is allocated using mtkdevmallocclkdata. Therefore, explicitly calling mtkfreeclkdata in the remove function would lead to a...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: clk: sunxi-ng: h6 – Reparenting the CPUX during PLL CPUX clock rate changes. While changes in the PLL CPUX clock rate when the CPU is running work in the vast majority of cases, occasionally they cause instability. This leads to...

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: MIPS: cevt-r4k – Do not call getc0compareint if the timer irq is installed. This prevents a warning: 0.118053 BUG: A sleeping function was called from an invalid context at kernel/locking/mutex.c:283. The issue was caused by the...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: posix-clock: The missing timespec64 check in pcclocksettime has been fixed. As Andrew pointed out, it makes sense that the PTP core checks the tvsec and tvnsec fields of the timespec64 structure before calling ptp-info-settime64...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Staging: iio: frequency: ad9832: fixed division by zero in ad9832calcfreqreg. In the ad9832writefrequency function, clkgetrate might return 0. This can lead to a division by zero when calling ad9832calcfreqreg. The check if fout...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: usb: renesasusbhs: Revised the handling of clock reordering and power management in the probe function. The initialization sequence in usbhsprobe was reorganized to enable runtime PM before accessing registers. This prevents...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ptp: The logic that checks ptp-nvclocks was removed from ptpvclockinuse. It’s clear that we should check both ptp-isvirtualclock and ptp-nvclocks to determine whether the ptp virtual clock is in use. However, when we access...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: rtc: mt6397: Check the return value after calling platformgetresource. This could lead to a null-ptr-deref issue if platformgetresource returns NULL. Therefore, we need to check the return value...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx8mp-blk-ctrl: imx8mpblk: Add fdcc clock to hdmimix domain According to the i.MX8MP RM and HDMI specifications, the fdcc clock is part of the HDMI RX verification IP. This clock should not be enabled for HDMI TX...

Astra Linux – Vulnerability in mbedtls

A issue was discovered in Arm Mbed TLS before version 2.24.0. It incorrectly uses a revocationDate check when deciding whether to honor certificate revocation via a CRL. In some situations, an attacker can exploit this by changing the local clock...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: rtc: cmos: Fix event handler registration ordering issue Since acpiinstallfixedeventhandler automatically enables the event handling mechanism upon success, it is incorrect to call it before the handler routine is ready to handle...