9029 matches found
Astra Linux – Vulnerability in opensc
The gemsafe GPK smart card software driver in OpenSC before version 0.21.0-rc1 has a stack-based buffer overflow in the scpkcs15emugemsafeGPKinit function...
Astra Linux – Vulnerability in Linux-Firmware
Improper initialization of the IntelR PROSet/Wireless and IntelR KillerTM Wi-Fi software before version 22.240 may allow an unauthenticated user to potentially enable information disclosure via adjacent access...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: drm/i915/gem: The zero-initialize of the eb.vma array in i915gemdoexecbuffer was corrected. The eb.vma array is initialized with values of 0 when the eb structure is first set up. Specifically, this sets the eb-vmai.vma pointers ...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: bnxten: Fixed a NULL pointer derefrence issue in bnxtptpenable during error cleanup. When bnxtinitone fails during initialization e.g., bnxtinitintmode returns -ENODEV, the error handling code calls bnxtfreehwrmresources, which...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: clk: bcm: rpi: Assign -num before accessing -hws The commit f316cdff8d67 “clk: Annotate struct clkhwonecelldata with countedby annotated the hws member of struct clkhwonecelldata with countedby. This informs the bounds sanitizer ...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: of/fdt: Perform SOC memory setup when earlyinitdtscanmemory fails. If memory is found, earlyinitdtscanmemory now returns 1. If no memory is found, it returns 0, allowing other memory setup mechanisms to proceed. Previously,...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: ceph: Added initializers for the cephpathinfo structure when they were missing. The cephmdscbuildpath function must be called with a cephpathinfo parameter initialized to zero. Otherwise, the cephmdscfreepathinfo function may...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: udplite: Fixed null-ptr-deref in udpenqueuescheduleskb. syzbot reported null-ptr-deref of udpsksk-udpprodqueue. 0 Since the referenced commit, udplibinitsock may fail, as may udpinitsock and udpv6initsock. We need to handle th...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: ip6mr: Fixed the UAF issue in ip6mrskDone, where a invalid pointer access occurred when addrconfinitnet failed. If the initialization fails during the call to addrconfinitnet, devconfall is a pointer that has been released...
Astra Linux - уязвимость в libslirp
An invalid pointer initialization issue was discovered in the SLiRP networking implementation of QEMU. The flaw resides in the tftpinput function and can occur when processing an UDP packet that is smaller than the size of the ‘tftpt’ structure. This issue may lead to out-of-bounds read access or...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: ARM: rockchip: fixed a kernel hang during SMP initialization To enable the secondary CPUs’ main CPU write trampoline code to SRAM, the trampoline code is written while the secondary CPUs are powered on at least this is true fo...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: l2tp: All race conditions in l2tptunnelregister have been fixed. The code within l2tptunnelregister is problematic in several ways: 1. It modifies the tunnel socket after it is published. 2. It calls setupudptunnelsock on an...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: RDMA/hns: Fixed a NULL pointer issue in freemrinit. A lock grab occurs in a concurrent scenario, resulting in dereferencing a NULL pointer. This issue should be addressed by using initmutexinit before attempting to lock...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Handling of eagerly init vgic dist/redist during vgic creation If vgicallocateprivateirqslocked fails for any reason, we exit kvmvgiccreate early, leaving dist-rdregions uninitialized. Then, kvmvgicdistdestroy is...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: net: hns3 – Fixed a kernel crash that occurred when devlink reloaded during pf initialization. The devlink reloading process will access hardware resources, but the register operations are performed before the hardware is...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: Media: MediTech: vcodec – Fixed an oops when HEVC initialization fails. The stateless HEVC decoder saves the instance pointer in the context, regardless of whether the initialization succeeded or not. This caused a...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: mptcp: Initialize rcvmss before calling tcpsendactivereset in mptcpdofastclose. syzbot reported a divide-by-zero issue in tcpselectWindow for MPTCP sockets. 0 We had a similar issue with bare TCP and fixed it in commit 499350a5a6...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: pstore/ram: Check the start of empty przs during initialization. After the commit 30696378f68a “pstore/ram: Do not treat empty buffers as valid”, initialization would assume that the prz was valid after determining that buffersiz...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15
A use-after-free vulnerability was discovered in the siano smsusb module within the Linux kernel. The bug occurs during device initialization, when the siano device is plugged in. This flaw allows a local user to crash the system, resulting in a denial-of-service condition...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux
In the Linux kernel, the following vulnerabilities have been resolved: ip6tunnel: Ensure that the inner header is pulled in ip6tnlrcv. syzbot found that ip6tnlrcv could access unitized data 1. Call pskbinetmaypull to fix this, and initialize the ipv6h variable after this call, as it can change...