Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: Do not allow SETID to refer to another table. When performing lookups for sets within the same batch using their IDs, a set from a different table can be used. However, when the table is removed, a reference ...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: tty: vt: initialize unicode screen buffer The syzbot report indicates a kernel vulnerability at the vcsread function 1. The buffer can be read immediately after the resizing operation. Initialize the buffer using kzalloc...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: HID: nvidia-shield: Reference to hiddevice for devm allocation of the inputdev name. Using hiddevice for devm allocation of the inputdev name helps prevent use-after-free issues. inputunregisterdevice will trigger the cleanup of...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/disp: fixed a use-after-free in error handling of nouveauconnectorcreate. We cannot simply free the connector after calling drmconnectorinit on it. We need to clean up the DRM-related aspects first. This may not fix a...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad4851: fix ad4858 channel pointer handling The pointer returned by ad4851parseChannelscommon is incremented internally as each channel is populated. In ad4858ParseChannels, the same pointer was further incremented whil...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Net: libwx – fixed the use of Rx buffer DMA. The wxrxbuffer structure contained two DMA address fields: ‘dma’ and ‘pagedma’. However, only ‘pagedma’ was actually initialized and used to program the Rx descriptor. ‘DMA’ was...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: hcidevcddump: Fixed an out-of-bounds error caused by devcoredumpv. Currently, both devcoredumpv and skbPutData in hcidevcddump use hdev-dump.head. However, devcoredumpv can free the buffer. According to the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: dm: Always split write BIOs to zoned device limits Any zoned DM target that requires zone append emulation will use the block layer zone write plugging mechanism. In such cases, DM target drivers must not split BIOs using...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: btrfs: Fixed a lockup issue caused by a race condition between inode eviction and inode caching. There is a race condition between inode eviction and inode caching that can cause a struct btrfsinode to be missing from the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: ixgbe: Fixed the incorrect map used in eeelinkmode. The ixgbelpmap was incorrectly used in loops intended to populate the supported and advertised EEElinkmode bitmap, based on ixgbelsmap. This resulted in incorrect bit setting...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Do not finalize the CSA in IBSS mode if the state is disconnected. When we are not connected to a channel, sending the “switch” announcement doesn’t make any sense. The BSS list is empty in that case. This causes...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Input: iforce – wait to complete the command after clearing the IFORCEXMITRUNNING flag. syzbot reports a hung task at inputunregisterdevice, with iforceclose waiting in waiteventinterruptible, while dev-mutex is held. This is...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: HID: steam: Prevent NULL pointer dereferencing in steamrecv,sendreport It is possible for a malicious device to fail to submit a Feature Report. The HID Steam driver currently does not handle this situation and dereferences the...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: ASoC: mt6359 – Fixed a refcount leak bug. In functions mt6359parsedt and mt6359accdetparsedt, we should call ofnodeput for the reference returned by ofgetchildbyname, which has caused an increase in the refcount...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net: 9p: fix refcount leak in p9readwork error handling p9reqput need to be called when m-rreq-rc.sdata is NULL to avoid temporary refcount leak. Dominique: commit wording adjustments, p9reqput argument fixes for rebase...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Drivers: Net: qlcnic: A potential memory leak has been fixed in qlcnicsriovinit. If the vpalloc function fails in qlcnicsriovinit, all previously allocated vp resources must be freed...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: igb: Do not free qvector unless a new one is allocated. Avoid potential use-after-free conditions under memory pressure. If kzalloc fails, qvector will be freed, but it will remain in the original adapter-qvectorvidx array positi...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: lockd: set other missing fields when unlocking files vfslockfile expects the struct filelock to be fully initialised by the caller. Re-exported NFSv3 has been seen to Oops if the flfile field is NULL...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: Add checks for devmkcalloc As the devmkcalloc may return NULL, the return value needs to be checked to avoid NULL poineter dereference...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Drivers: Serial: JSM – fixed some leaks in the probe. This error path needs to be unwound instead of just being returned directly...