19073 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: “Revert ‘ipmi: fix msg stack when IPMI is disconnected’” This fix reverts to the previous behavior in commit c608966f3f9c2dca596967501d00753282b395fc. This patch contains a minor bug that can cause the IPMI driver to enter an...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: spi: Fix for statistics allocation. The controller per-cpu statistics is not allocated until after the controller has been registered with the driver core. This creates a window during which accessing the sysfs attributes may lea...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: In isotpsendmsg, cmpxchg is used to serialize access to so-tx.buf. isotprelease waits for ISOTPIDLE via waiteventinterruptible and then calls kfreeso-tx.buf. If a signal interrupts waiteventinterruptible inside close while tx.sta...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: can: dev: fix skb drop check In commit a6d190f8c767 “can: skb: drop txskb if in listen-only mode”, the priv-ctrlmode element is read even on virtual CAN interfaces that do not create the structcanpriv structure during startup. Th...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: phy: qcom-qmp: fixed the reset-controller leak in cases of probe errors. Be sure to release the lane reset controller in case of a late probe error e.g., probe deferral...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/xe/guc: Check the running state of GuC before deregistering an exec queue. During normal operation, a registered exec queue is disabled and deregistered through GuC. The resources are only freed after GuC confirms completion...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: xhci: Handling of TD clearing for multiple streams When multiple streams are in use, multiple TDs might be active during the termination of an endpoint. We need to issue a Set TR Dequeue Pointer for each TD to ensure everything i...
Astra Linux – Vulnerability in Linux
In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: intel-sdw-acpi: hardening the detection of controllers. The existing code currently sets a pointer to an ACPI handle before checking whether it is indeed a SoundWire controller. This can lead to issues where the proces...
Astra Linux - уязвимость в intel-microcode
Incorrect default permissions in some memory controller configurations for some IntelR XeonR Processors when using IntelR Software Guard Extensions which may allow a privileged user to potentially enable escalation of privilege via local access...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: usb: xhci-mtk: Fixed an issue where shared HCD resources were leaked when attempting to set the wake-up IRQ. The issue occurred because it was not possible to set @sharedhcd to NULL before reducing the usage count via usbputhcd...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: crypto: caam – Prevent crashes during suspension with iMX8QM/iMX8ULP Since the CAAM on these SoCs is managed by another ARM core, called the SECO Security Controller on iMX8QM and Secure Enclave on iMX8ULP. The SECO also reserves...
Astra Linux – Vulnerability in Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net: fec: removed .ndopollcontroller to avoid deadlocks. A deadlock issue was found in the sungem driver. Please refer to the commit ac0a230f719b “eth: sungem: removed .ndopollcontroller to avoid deadlocks”. The root cause of the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: USB: xHCI – Fix for isochronous Ring Underrun/Overrun event handling The TRB pointer associated with these events points to the enqueue location when an error occurs in xHCI 1.1+ HCs; for older versions, this pointer is NULL. By...
Astra Linux – Vulnerability in Qemu
A reachable assertion issue was detected in the USB EHCI emulation code of QEMU. This issue can occur during the processing of USB requests due to a faulty handling of the DMA memory map. A malicious privileged user within the guest environment may exploit this flaw to send invalid USB requests,...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: xHCI: Corruption of the command ring pointer occurred during command aborts. The command ring pointer is located at bits 6:63 of the command ring control register CRCR. All control bits, such as those related to command stopping...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: drm/ast: Fixed soft lockup issues. There is a while-loop in astdpsetonoff, which could lead to an infinite loop. This is because the register VGACRI-Dx checked in this API is actually a scratch register controlled by an MCU named...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Avoid sg device teardown race The function sgremovesfpusercontext must not use sgdeviceDestroy after calling scsidevicePut. sgdeviceDestroy accesses the parent scsidevice request queue, which will already be set to NULL...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: Wait unconditionally after issuing the ENDXFER command. Currently, for all controller IP/versions except DWC3usb3 = 310a, a 1ms wait is required unconditionally for the completion of ENDXFER when the IOC is not set. Th...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: eth: sungem: Remove .ndopollcontroller to avoid deadlocks. Erhard reports netpoll warnings from sungem: netpollsendskbondev: eth0 enables interrupts during polling gemstartxmit+0x0/0x398. Warning: CPU: 1, PID: 1; at...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: i2c: smbus – fixed the dereferencing of NULL function pointers. Baruch reported an OOPS error when using the Designware controller as the target. Only targeting mode breaks the assumption that one transfer function is always...