Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: The issue of destroying KFD debugfs after destroying KFD wq has been addressed. Since the KFD proc content was moved to the kernel debugfs, we cannot destroy KFD debugfs before calling kfdprocessDestroywq. Moving...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: ath12k – Buffer overflow in debugfs If the user attempts to write more than 32 bytes, it will result in memory corruption. Fortunately, since this issue relates to debugfs, it only affects root users...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: HV: hvballoon: fixed a memory leak that occurred when using debugfslookup. When calling debugfslookup, the result must have had dput called upon it; otherwise, a memory leak would occur over time. To simplify things, simply call...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: crypto: hisilicon/debugfs – Fixed the issue with the uninit process of debugfs. During the zip probe process, a failure in debugfs does not stop the probe. When the initialization of debugfs fails, jumping to the error branch...

Astra Linux – Vulnerability in Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: A missing size check was added in amdgpudebugfsgprwaveread. This prevents a possible buffer overflow if the size exceeds 4K. Chery picked from the commit f5d873f5825b40d886d03bd2aede91d4cf002434...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: usb: typec: fix potential array underflow in ucsiccgsynccontrol The “command” variable can be controlled by the user via debugfs. The concern is that if conindex is zero, then “&uc-ucsi-connectorconindex - 1” would result in an...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ptp: ocp: Limits the number of signal/freq counts in summary output functions. The debugfs summary output could access uninitialized elements in the freqin and signalout arrays, leading to NULL pointer dereferences and triggering...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fixed a debugfs null pointer error WHY & HOW Check whether the getsubvpen callback exists before calling it...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/nouveau/debugfs: fixed the memory leak when releasing files. When using singleopen to open a file, singlerelease should be called. Otherwise, the memory allocated with singleopen may be leaked...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: clk: Obtain runtime PM information before traversing the tree to retrieve clksummary. Similar to the previous commit, we should ensure that all devices are resumed during runtime before printing the clksummary through debugfs...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: thermal/debugfs: Added an increment to the count field in struct tripstats, which represents the number of times the zone’s temperature exceeded the trip point. This increment must be performed in thermaldebugtztripup, for two...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fixed a deadlock issue during reading mqd from debugfs An erroneous disk backup on my desktop entered the debugfs directory, triggering the following deadlock scenario in the amdgpu debugfs files. The machine also...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: thermal/debugfs: Prevent use-after-free from occurring after cdev removal. Since thermaldebugcdevremove does not run under cdev-lock, it can run in parallel with thermal Debugcdevstateupdate. This may free the struct thermal...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: media: mgb4: Fix for double debugfs remove calls This fix addresses an issue where the debugfsremoverecursive function is called first on a parent directory, and then again on a child directory, causing a kernel panic. hverkuil:...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: mana: cleanup of the mana struct after debugfsremove When hibernation is triggered on a MANA VM, as part of hibernatesnapshot, managdsuspend and managdresume are called. If a failure occurs during managdresume related to HWC...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: gpio: mockup: Fixed a NULL pointer dereferencing issue when removing debugfs. We now remove the debugfs entries of the device when unbinding the driver. This now causes a NULL-pointer dereferencing issue at the end of the module,...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: ASoC: core: Fixed a use-after-free in sndsocexit. KASAN reported a use-after-free: BUG: KASAN: use-after-free in devicedel+0xb5b/0xc60. Size 8 was read at addr ffff888008655050 by task rmmod/387. CPU: 2 PID: 387 Comm: rmmod...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: kernel/irq/irqdomain.c: fixed a memory leak that occurred when using debugfslookup. When calling debugfslookup, the result must also be processed by calling dput; otherwise, memory leaks will occur over time. To simplify things,...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: thermal/debugfs: Free all thermal zone debug memory upon removing a zone Since thermaldebugtzremove does not free all the memory allocated for thermal zone diagnostics, some of that memory becomes unreachable after freeing the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: Fixed the error code in iwlopmodedvmstart The error code should be preserved if iwlsetupdeferredwork fails. The current code returns ERRPTR0 which is NULL at this point. I believe that the missing error code could...