15971 matches found
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerability has been resolved: net: mdio: Fixed an unbalanced fwnode reference count in mdiodevicerelease. There is a warning report regarding a refcount leak when probing the mdio device: OF: Error: Memory leak; the expected refcount was 1 instead of 2. The...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net: hisilicon: Fixed potential use-after-free in hisifemacrx The skb object is passed to napigroreceive, which may free it. After calling this function, dereferencing the skb object may trigger a use-after-free...
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerability has been resolved: riscv: Sync efi page table's kernel mappings before switching The EFI page table is initially created as a copy of the kernel page table. With VMAPSTACK enabled, kernel stacks are allocated in the vmalloc area: if the stack is...
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerability has been resolved: drm/bridge: Add missing pmruntimeputsync pmruntimegetsync will increase the rumtime PM counter even when it returns an error. Thus a pairing decrement is needed to prevent refcount leak. Fix this by replacing this API with...
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerability has been resolved: net/sched: actct: fix ref leak when switching zones When switching zones or network namespaces without doing a ct clear in between, it is now leaking a reference to the old ct entry. That's because tcfctskbnfctcached returns fals...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: oss: Fixed a race condition in SNDCTLDSPSYNC There is a small race condition in the sndpcmosssync function, which is called from OSS PCM SNDCTLDSPSYNC ioctl. Specifically, the function calls sndpcmossmakeready first, a...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: tipc: The issue in tipcnlcompatnametabledumpheader regarding the check of the msg-req TLV length was fixed. This is a follow-up to commit 974cb0e3e7c9 “tipc: fixing uninit-value in tipcnlcompatnametabledump". In that commit, a ty...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net: gso: Fixed a panic that occurred when using a fraglist with mixed head allocation types. Since the commit 3dcbdb134f32 “net: gso: Fixed an error in skbsegment when splitting a gsosize mangled skb having linear-headed...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: HID: hyperv: fixed a possible memory leak in mousevscprobe If hidadddevice returns an error, it should call hiddestroydevice to free the hiddev that was allocated in hidallocatedevice...
Astra Linux - уязвимость в linux-5.15
A NULL pointer dereference flaw was discovered in the Linux kernel’s AMD Sensor Fusion Hub driver. This flaw allows a local user to crash the system...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: In the bpf function, the task with pid=1 can be skipped in the sendsignalcommon function. The following kernel panic can occur when a task with pid=1 attempts to send a killing signal to itself. For more details, see 1. Kernel...
Astra Linux - уязвимость в linux-5.15
A use-after-free flaw was discovered in the Linux kernel. When a disk is removed, the bdiunregister function is called to stop further write-back operations, and the system waits for the associated delayed tasks to complete. However, the wb inodewritebackend function may schedule bandwidth...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15
In the Linux kernel up to version 6.3.1, a use-after-free issue in Netfilter’s nftables module arises when processing batch requests. This allows unprivileged local users to obtain root privileges. The issue occurs due to improper handling of anonymous sets...
Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: A fix was made for NULL pointer access in mpt3sastransportportadd. The port is allocated using sasportallocnum, and the RPHY is allocated via either sasenddevicealloc or sasexpanderalloc. Both of these functions ma...
Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: bnxten: Avoid order-5 memory allocation for TPA data. The driver needs to keep track of all possible concurrent TPA GRO/LRO completions on the aggregation ring. On P5 chips, the maximum number of concurrent TPA is 256, and the...
Astra Linux – Vulnerability in Linux
In the Linux kernel, the following vulnerability has been resolved: drm: bridge/panel: The cleanup of the connector occurs when the bridge is detached. If we do not call drmconnectorcleanup manually in panelbridgedetach, the connector will be cleaned up along with other DRM objects during the cal...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: lib/generic-radix-tree.c: Do not cause overflow in the peek function. When we started assigning new inode numbers to most of the 64-bit inode space, some edge-case bugs occurred, particularly some integer overflows related to...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15
A flaw was discovered in the XFRM subsystem of the Linux kernel. The specific flaw occurs during the processing of state filters, which can lead to a read of data beyond the end of an allocated buffer. This flaw allows a local privileged CAPNETADMIN attacker to trigger an out-of-bounds read,...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: Drop the channel lock before queuing buffers. Ensure that read and write locks for the channel are not acquired consecutively by dropping the read lock from parsexferevent. This allows a callback provided to the...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: crypto: scomp – fixed the req-dst buffer overflow issue. The size of the req-dst buffer should be checked before copying data from scompscratch-dst to avoid the req-dst buffer overflow problem...