Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: refscale: Uninitialized use of waitqueueheadt was fixed. Running the refscale test occasionally causes the kernel to crash with the following error: 8569.952896 BUG: Unable to handle a page fault for address: ffffffffffffffe8...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/xe/vf: Performing early GT MMIO initialization is necessary to read the GMDID. VFs need to communicate with the GuC to obtain the GMDID value. Existing GuC functions that use this information assume that the GT has already se...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: Staging: vt6655 – Fixed some erroneous memory cleanup loops. In some initialization functions of this driver, memory is allocated using ‘i’ as an index variable, with the value increasing from 0. The “Fixes” section includes...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: net: sched: sfb: Fixed an issue where a null pointer access occurred when sfbinit failed. When the default qdisc is sfb, if the qdisc of devqueue fails to be initialized during mqprioinit, sfbreset is invoked to clear resource...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ice: fixed NULL access to tx-inuse in iceptptsirq. The E810 device supports a “low latency” firmware interface for accessing and reading Tx timestamps. This interface does not use the standard Tx timestamp logic, due to the laten...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Added a synchronization step after creating a vram block. Data corruption will occur on vrams allocated by svm if the initialization is not complete and an application writes to the memory. Adding a synchronization st...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: scsi: pm8001: Fix for aborting all task initialization In pm80xxsendabortall, the nelem field of the ccb used is not initialized to 0. This missing initialization sometimes causes the task completion path to encounter an ccb...

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: sctp: Check the send stream number after waitforsndbuf This patch addresses a corner case where the number of out streams may change after waitforsndbuf is called. When the main thread in the client initiates a connection, if the...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net: mvpp2 – Clearing the BM pool before initialization. The register values persist after booting the kernel using kexec, which results in a kernel panic. Therefore, it is necessary to clear the BM pool registers before...

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: Proper initialization of the struct pn533outarg structure. The struct pn533outarg, which serves as a temporary context for outurb, is not initialized properly. Its uninitialized ‘phy’ field can be dereferenced in erro...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ocfs2: Fix for crashes when mounting with quota enabled There is a reported crash when mounting ocfs2 with quota enabled. Stack Trace: RIP: 0010:ocfs2qinfolockresinit+0x44/0x50 ocfs2 Call Trace: ocfs2localreadinfo+0xb9/0x6f0 ocfs...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: mlxbfgige: Call requestirq after NAPI initialization The mlxbfgige driver encounters a NULL pointer exception in mlxbfgigeopen when kdump is enabled. The sequence to reproduce this exception is as follows: a Enable kdump. b Trigg...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: crypto: afalg – Fixed an issue where initialisation was missing, affecting gcm-aes-s390. Fixed the afalgallocareq function to initialize areq-firstrsgl.sgl.sgt.sgl to point to the scatterlist array in areq-firstrsgl.sgl.sgl...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fixed an error in the unwind operation of rxecreateqp. In the function rxecreateqp, the rxeqpfrominit function is called to initialize the qp. Internally, things like the spin locks are not set up until rxeqpinitreq is...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: octeonep: fixed a potential memory leak in octepdevicesetup. When errors such as unsupporteddev and mbox init occur, the variables oct-conf and iounmap oct-mmioi.hwaddr were not freed properly. This could lead to a memory leak...

Astra Linux - уязвимость в intel-microcode

Improper initialization of shared resources in some IntelR processors may allow an authenticated user to potentially enable information disclosure via local access...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ipmi: ssif: Initialize ssifinfo-client early. During the probe process, ssifinfo-client is dereferenced in a faulty path. However, it is set after some error checking has already been performed. This causes a kernel crash if an...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: ath9khtc: fixed uninitialized values issues Syzbot reported 2 KMSAN bugs in ath9k. All of these bugs are caused by missing field initialization. In htcconnectservice, svcmetalen and pad are not initialized. Based on the code, ...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: can: j1939: j1939sendone: fixed the issue of missing CAN header initialization. The read access to struct canxlframe::len within a j1939 object, which creates a skbuff, revealed that the reserved elements in struct canframe were...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: can: afcan: fixed NULL pointer dereferencing in canrcvfilter. Similar to the issue reported in commit 8aa59e355949 “can: afcan: fixed NULL pointer dereferencing in canrxregister”, we need to check for a missing initialization ...