95 matches found
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: erofs: fixed the UAF issue for file-backed mounts with the directio option 9.269940 T3222 Call trace: 9.269948 T3222 ext4filereadIter+0xac/0x108 9.269979 T3222 vfsiocbiterread+0xac/0x198 9.269993 T3222...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: ksmbd: ipc: Fix for use-after-free in ipcmsgsendrequest The ipcmsgsendrequest function waits for a generic netlink reply using an ipcmsgtableentry on the stack. The generic netlink handler handlegenericevent/handleresponse fil...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: LoongArch: Make cpumaskofnode robust against NUMANONODE. The arch definition of cpumaskofnode cannot handle NUMANONODE—which is a valid index—so a check must be added for this case...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: xfs: fixed a UAF Use-after-Free in xchkbtreecheckblockowner. We cannot dereference bs-cur when trying to determine whether bs-cur aliases bs-sc-sa.bno,rmapcur after the latter has been freed. This issue was fixed by introducing a...
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ksmbd: The socket is closed after it has been accepted, even when the per-IP limit is exceeded and a connection attempt fails. When the per-IP connection limit is exceeded in ksmbdkthreadfn, the code sets ret to -EAGAIN and...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: iio: pressure: mprls0025pa: fix the initialization of the spitransfer struct Make sure that the spitransfer struct is cleared to zero before use...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Added a missing NULL pointer check for the pingpong interface. This check is almost always performed in dpuencoderphyswbsetupctl, but in a single location, the check is missing. Also, use convenient locals variables...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ext4: Fixed a bug in extent parsing when ehentries == 0 and ehdepth 0. When traversing inode extents, the ext4extbinsearchidx function assumes that the extent header has been validated previously. However, there are no checks to...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: bpf: Propagate error from htablockbucket to userspace In the function htabmaplookupanddeletebatch, if htablockbucket returns -EBUSY, the operation proceeds to the next bucket. Moving to the next bucket may not only silently skip...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10
In the Linux kernel, the following vulnerability has been resolved: fbdev: udlfb: Fix endpoint check The syzbot fuzzer detected a problem with the udlfb driver, caused by an endpoint that does not have the expected type. usb 1-1: Failed to read the EDID byte 0; result: -71. usb 1-1: Unable to...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: PCI: mediatek-gen3: The refcount leak in mtkpcieinitirqdomains has been fixed. The function ofgetchildbyname returns a node pointer whose refcount is incremented. Therefore, we should use ofnodeput on it when we no longer need it...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/userq: Fixed a reference leak in amdgpuuserqwaitioctl. Also, removed the reference to syncobj and timeline fence when aborting the ioctl, as the output array became too small. Selected from the commit...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ice: Do not double-unplug the aux device during a peer-initiated reset. In the IDC callback that is called when aux drivers request a reset, the function to unplug the aux devices is executed. This function is also called in the...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: Media: i2c: ov772x: Fixed a memory leak in ov772xprobe. A memory leak was reported when testing ov772x with the bpf mock device. AssertionError: Unreferenced object 0xffff888109afa7a8 size 8: comm "python3", pid 279, jiffies...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: mac80211: A potential double-free operation occurred during mesh join. While commit 6a01afcf8468 “mac80211: Mesh: Deleting ie data when leaving the mesh” fixed a memory leak that occurred during mesh leave/teardown, it introduced...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: RDMA/cma: Fixed a kmemleak in rdmacore that was observed during the blktests nvme/rdma tests with siw. When running the blktests nvme/rdma tests, the following kmemleak issue will appear: - kmemleak: The kernel memory leak...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mtd: lpddr2nvm: Fixed a possible null-ptr-deref issue. This issue could lead to a null-ptr-deref when the resourcesizeaddrange function is called, if the platformgetresource function returns NULL...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Check endpoint numbers during parsing of Scarlett2 mixer interfaces The Scarlett2 mixer has a quirky behavior in the USB-audio driver; it may encounter a NULL dereference when a malformed USB descriptor is passed...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: mediatek – Add an interface release flow when USB is disconnected. MediaTek claims that there is a special USB interface for ISO data transmission. This interface must be released before unregistering an HCI...
Astra Linux – Vulnerability in Linux, Linux 5.10
A race condition was identified in the vtkioctl function within drivers/tty/vt/vtioctl.c in the Linux kernel. This may lead to an out-of-bounds read, as the write access to vcmode is not protected by a lock in vtioctl KDSETMDE. The primary threat of this vulnerability is data confidentiality...