15971 matches found
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fixed a use-after-free issue related to KFENCE violations during the sysfs firmware write process. During the sysfs firmware write process, a use-after-free read warning was logged from the lpfcwrobject routine: BUG:...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: USB: chipidea – fixed a memory leak that occurred when using debugfslookup. When calling debugfslookup, the result must also contain a call to dput; otherwise, memory will leak over time. To simplify things, simply call...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: md/raid10: fixed the incorrect setting of maxcorrreaderrors. There is no input validation when using the echo md/maxreaderrors command, and an overflow might occur. Add validation for the input number...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: PCI: Fixed a use-after-free in pcibusreleasedomainnr. The commit c14f7ccc9f5d “PCI: Assign PCI domain IDs using idaalloc” introduced a use-after-free bug during the bus removal process. This issue was discovered with kfence:...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: clk: imx: scu: use safe list iterator to avoid a use after free This loop is freeing the variable “clk”, so it needs to use listforeachentrysafe. Otherwise, it will dereference a freed variable to get the next item in the loop...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: perf: RISC-V: Remove PERFHESSTOPPED flag checking in riscvpmustart Since commit 096b52fd2bb4 "perf: RISC-V: throttle perf events", the perfsampleeventtook function was added to report time spent in overflow interrupts. If the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net/9p: Fixed buffer overflow in the USB transport layer. There is a buffer overflow vulnerability in the USB 9pfs transport layer. In this case, inconsistencies in size validation between packet header parsing and actual data...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: remoteproc: pru: Fixed the potential NULL pointer dereferencing in prurprocsetctable. The prurprocsetctable function accesses rproc-priv before the ISERRORNULL check, which could lead to a NULL pointer dereferencing. The pru...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: fix NULL-pointer dereferences There are several situations in which the kernel can crash when requests are made to unbind the GPIO device and then system calls related to the GPIO character device’s anonymous file...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: tracing/hist: Fix out-of-bound write on ‘actiondata.varrefidx’ When generating a synthetic event with many parameters and then creating a trace action for it 1, a kernel panic occurred 2. This issue arises because in...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: crypto: xts – Properly handles the EBUSY status. Since xts only handles the special return value EINPROGRESS, it means that in all other cases, it will free the data related to the request. However, since the caller of xts may...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: scsi: mpt3sas: Fixed a memory leak Added a forgotten kfree function...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: Input: raspberrypi-ts – fixed the reference count leak in rpitsprobe. The rpifirmwareget function takes a reference; we need to release it in error paths as well. Use the devmrpifirmwareget helper to handle resources. Also,...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: gpio: sifive: Fix the refcount leak in sifivegpioprobe. The function ofirqfindparent returns a node pointer with the refcount incremented. We should use ofnodeput on it when it is no longer needed. Add the missing ofnodeput call ...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: cifs: The folio lock is released upon a successful read from fscache. Under the current code, when cifsreadpageworker is called, the contract between the caller and the callee is that the callee should unlock the page. This is...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the net/sched/schcbq.c file of the Linux kernel, from version 6.1.4 onwards, cbqclassify allows attackers to cause a denial of service due to type confusion. Non-negative numbers can sometimes indicate a TCACTSHOT condition, rather than valid classification results, leading to improper...
Astra Linux - уязвимость в linux-5.15
A use-after-free flaw was discovered in the Linux kernel, specifically in the logreplay function within fs/ntfs3/fslog.c in the NTFS journal. This flaw allows a local attacker to crash the system and causes a kernel information leak...
Astra Linux - уязвимость в linux-5.15
In the Linux kernel before 6.1.3, fs/ntfs3/record.c does not validate resident attribute names. An out-of-bounds write may occur...
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Let probe fail when workqueue cannot be enabled The workqueue is enabled when the appropriate driver is loaded and disabled when the driver is removed. When the driver is removed it assumes that the workqueue was...