5963 matches found
Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15
A use-after-free flaw was discovered in the Linux kernel’s SGI GRU driver. This flaw arises from the way the grufileunlockedioctl function is called by the user, resulting in a failure in the grucheckchipletassignment function. This flaw allows a local user to cause a system crash or potentially...
Astra Linux – Vulnerability in Linux 5.10, Linux
When setting a font using malicious data via the ioctl command PIOFONT, the kernel will write memory beyond its bounds...
Astra Linux – Vulnerability in Linux, Linux 5.10
A race condition was identified in the vtkioctl function within drivers/tty/vt/vtioctl.c in the Linux kernel. This may lead to an out-of-bounds read, as the write access to vcmode is not protected by a lock in vtioctl KDSETMDE. The primary threat of this vulnerability is data confidentiality...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: A upper bound check has been added to user inputs in the signal ioctl function. Large input values in amdgpuuserqsignalioctl can lead to a Out-of-Memory OOM condition, and this vulnerability could be exploited...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Locking external INTx masking operations Masking operations through changes to the config space for DisINTx may cause races with INTx configuration changes via ioctl. Create wrappers that add locking mechanisms for path...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: validate userq input args. This will assist in validating the userq input arguments and rejecting invalid userq requests during IOCTLs...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: btrfs: Fixed a use-after-free after failing to create a snapshot. In ioctl.c’s createsnapshot function, we allocate a pending snapshot structure and then attach it to the transaction’s list of pending snapshots. After that, we ca...
Astra Linux – Vulnerability in Linux, Linux 5.10
A kernel information leak flaw was identified in the scsiioctl function in drivers/scsi/scsiioctl.c within the Linux kernel. This flaw allows a local attacker with special user privileges CAPSYSADMIN or CAPSYSRAWIO to cause confidentiality issues...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
When sending malicious data to the kernel using the ioctl cmd FBIOPUTVSCREENINFO, the kernel will write memory beyond its boundaries...
Astra Linux – Vulnerability in Linux
A out-of-bounds memory write flaw was discovered in the Linux kernel’s joystick devices subsystem in versions prior to 5.9-rc1. This flaw allows a local user to crash the system or potentially escalate their privileges on the system. The greatest threat posed by this vulnerability is related to...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: media: v4l2-core: explicitly clear ioctl input data. As seen from a recent syzbot bug report, mistakes in the compat ioctl implementation can lead to uninitialized kernel stack data being used as input for driver ioctl handlers...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Wifi: ath9k: Avoid reading uninitialized memory in ath9khtcrxmsg. syzbot reports that the uninitialized value is accessed at ath9khtcrxmsg. For ioctlUSBRAWIOCTLEPWRITE, the function ath9khifusbrxstream may call ath9khtcrxmsg with...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: block: fixed leakage of debugfs entries caused by blktrace. The commit 99d055b4fd4b “block: removed per-disk debugfs files in blkunregisterqueue” moves the blkTraceShutdown function to blkUnregisterQueue. This is safe if blktrace...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: fpga: Prevent integer overflow in dflfeatureioctlsetirq The multiplication hdr.count sizeofs32 can cause integer overflow on 32-bit systems, leading to memory corruption. Use arraysize to fix this issue...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: drm/amdgpu: Refactored amdgpugemvaioctl to handle last fence updates and timeline management v4. This commit simplifies the amdgpugemvaioctl function by introducing the following key updates: - Moved the logic for managing the...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: nbd: Fixed incomplete validation of ioctl arguments. We identified an alarm caused by incomplete validation of ioctl arguments without proper verification. The UBSAN warning appears as follows: UBSAN: Undefined behavior in...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: vt: Clear the selection before changing the font. When changing the console font using ioctlKDFONTOP, the new font size may be larger than the previous one. As a result, a previous selection might now be outside the new screen...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/panfrost: Fixed the issue where GEM handle creation was subject to ref counting. Previously, panfrostgemcreatewithhandle would return a BO, but only with a reference to the handle. User space could theoretically guess this...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: crypto: ccp – Use kzalloc for sev ioctl interfaces to prevent kernel memory leaks. For some sev ioctl interfaces, input may be passed that is less than or equal to SEVFWBLOBMAXSIZE, but larger than the data returned by the PSP...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: video: fbdev: arkfb: Fixed a divide-by-zero bug in arksetpixclock Since the user can control the arguments of the ioctl function from the user space, there are special cases where a divide-by-zero bug may occur. For example, in:...