21882 matches found
Astra Linux - уязвимость в linux-5.10, linux
A flaw was discovered in the udmabuf device driver of the Linux kernel. The specific flaw resides within a fault handler. The issue arises due to the lack of proper validation of user-supplied data, which can lead to a memory access beyond the end of an array. An attacker can exploit this...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net: fixed a use-after-free in twtimerhandler A real-world panic issue was discovered in Linux 5.4. Bug: Unable to handle a page fault for the address: ffffde49a863de28 PGD: 7e6fe62067 P4D: 7e6fe62067 PUD: 7e6fe63067 PMD:...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: KVM: s390/diag: fixed the issue ofracy access to the physical CPU number in the diag 9c handler. We currently check if the target CPU equals -1, but this may change at a later time when we will use this functionality. We store th...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: net/smc: fixed the issue where NULL sndbufdesc was used in smccdctxhandler. When performing a stress test on SMC-R using the rmmod mlx5ib driver during the wrk/nginx test, we found that there is a possibility of triggering a pani...
Astra Linux - уязвимость в firefox
When opening a website using the firefox:// protocol handler, SameSite cookies were not properly respected. This vulnerability affects Firefox versions 123...
Astra Linux - уязвимость в linux
In the Linux kernel, the following vulnerability has been resolved: ARM: 9064/1: hwbreakpoint: Do not directly check the event’s overflowhandler hook The commit 1879445dfa7b “perf/core: Set event’s default ::overflowhandler” sets a default event-overflowhandler in perfeventalloc, and replaces the...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Platform/x86: intel-vbtn: Protected the ACPI notify handler from racing with itself. Since the commit e2ffcda16290 “ACPI: OSL: Allow Notify handlers to run on all CPUs”, ACPI notify handlers like intel-vbtn’s notifyhandler may ru...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Regulator: da9211 – Use the irq handler when ready. If the system does not start from a reset state such as when it is in kexec mode, the regulator might have an IRQ waiting for processing. If we enable the IRQ handler before its...
Astra Linux - уязвимость в linux-5.10, linux
There are use-after-free vulnerabilities caused by a timer handler in the net/rose/rosetimer.c file of Linux, which allow attackers to crash the Linux kernel without any privileges...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Added a lock to protect the encoder context list. A lock was added for the ctxlist to prevent accessing a NULL pointer within the 'vpuencipihandler' function when the ctxlist is deleted due to an unexpect...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: block: nullblk: end timed out poll request When a poll request times out, it is removed from the poll list. However, since the request is not completed, it becomes exposed and never gets a chance to be processed. This issue is...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: The spinlock is used as a lock for protecting the context list. Previously, a mutex was added to protect the encoder and decoder context lists from unexpected changes originating from the SCP IP block. Th...
Astra Linux - уязвимость в linux-5.15
A flaw was discovered in KVM AMD Secure Encrypted Virtualization SEV within the Linux kernel. A KVM guest that uses SEV-ES or SEV-SNP with multiple vCPUs can trigger a double fetch race condition vulnerability and invoke the VMGEXIT handler recursively. If an attacker manages to call the handler...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: usb: cdnsp: Fixed a deadlock issue in cdnspthreadirqhandler. The patch fixes the following critical issue caused by deadlock, which was detected during testing of the NCM class: - smp: csd: A non-responsive CSD lock 1 was...
Astra Linux - уязвимость в linux, linux-5.10
A vulnerability has been identified in the Linux kernel and is classified as problematic. This vulnerability affects the function inet6streamops/inet6dgramops of the IPv6 Handler component. The vulnerability causes a race condition. It is recommended that a patch be applied to address this issue...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: spi: tegra210-quad: Protect currxfer check in IRQ handler Now that all other accesses to currxfer are done under the lock, protect the NULL check of currxfer in tegraqspiisrthread. Without this protection, the following race...
Astra Linux - уязвимость в linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: TCP: Fixed a use-after-free of nreq in reqsktimerhandler. The referenced commit replaced inetcskreqskqueuedropandput with inetcskreqskqueuedrop and reqskput in reqsktimerhandler. As a result, oreq should be passed to reqskput...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: media: imx: csc/scaler: fix v4l2ctrlhandler memory leak The memory allocated in v4l2ctrlhandlerinit is freed upon release...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: kprobes: The posthandler of aggrprobe is cleared in the case where kprobe-on-ftrace is used. In unregisterkprobetop, if the currently unregistered probe has a posthandler, but other child probes of aggrprobe do not have a...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: powerpc/64s: Fixed the issue where an unrecoverable MCE interrupt call from the NMI handler could lead to unexpected behavior. The machine check handler is not considered an NMI handler on 64s architectures. The early handler is...