15971 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: wifi: ath12k: Avoid accessing uninitialized arvif-ar during beacon missed situations. During beacon missed handling, the ath12k driver iterates over active virtual interfaces vifs and attempts to access the radio object ar via...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: usb: host: max3421-hcd: Fix error pointer dereference in probe cleanup The kthreadrun function returns error pointers, so the max3421hcd-spithread pointer can be either an error pointer or NULL. Check both cases before...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Use memset to avoid memory leaks. Use memset to initialize structs to prevent memory leaks. In l2capecredconnect...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: safesetid: Check the size of policy writes. syzbot attempts to write a buffer with a large size to a sysfs entry. The writing is handled by handlepolicyupdate, which triggers a warning in kmalloc. Check the size specified for the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/fbdev-generic: prohibiting potential out-of-bounds accesses The fbdev test in IGT may write after EOF, leading to out-of-bound accesses for DRM drivers that use fbdev-generic. For example, running the fbdev test on an...
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerability has been resolved: media: atomisp: preventing integer overflow in shcsssetblackframe The values of “height” and “width” come from the user, so the multiplication of “height width” can cause an integer overflow...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Media: Platform: MediTech: VPU: Fix for NULL pointer dereferencing If pdev is NULL, it is still dereferenced. This fixes the “match warning” in the following file: drivers/media/platform/mediatek/vpu/mtkvpu.c:570 – vpuloadfirmwar...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Staging: GPIB – Fixed the issue with cb7210 pcmcia. The pcmciadriver struct still used the old initialization of the .name field in the drv field. This caused a NULL pointer dereferencing issue in the strcmp function called from...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: bpf: prevents the LSM program from leaking after a failed attach. In 0, we added the ability to use bpfprogattach for LSM programs within cgroups. However, during our validation to ensure that the program is indeed attached to...
Astra Linux – Vulnerability in Linux 5.10
The Linux kernel before version 5.18.13 lacked a clear mechanism for handling the block start symbol .bss. This allowed Xen PV guest OS users to cause a denial of service or gain privileges...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: USB: gadget: grudc: fixed a memory leak that occurred when using debugfslookup. When calling debugfslookup, the result must be processed by calling dput; otherwise, a memory leak will occur over time. To simplify things, simply...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: serial: amba-pl011: avoid SBSA UART accessing the DMACR register The chapter “B Generic UART” in “ARM Server Base System Architecture” 1 describes a generic UART interface. Such a generic UART does not support DMA. In current cod...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mac80211: Only QoS data frames are tracked for admission control. For admission control, it clearly only applies to QoS data frames. Otherwise, we wouldn’t even be able to access the QoS field in the header. Syzbot reported an...
Astra Linux - уязвимость в linux-5.15
In efirtasmwrapper of efi-rt-wrapper.S, there is a possible bypass of shadow stack protection due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumacltcam: Fixed NULL pointer dereferencing in the error path When calling mlxswspacltcamregiondestroy from an error path after failing to attach the region to an ACL group, we encountered a NULL pointer dereferencin...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: iommufd: IOMMUFDDESTROY should not increment the refcount. syzkaller identified a race condition where IOMMUFDDESTROY increments the refcount: c obj = iommufdgetobjectucmd-ictx, cmd-id, IOMMUFDOBJANY; if ISERRobj return PTRERRobj...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: octeontx2-pf: mcs: Fixed NULL pointer dereferencing issues When the system is rebooted after creating a MacSec interface, NULL pointer dereferencing errors occurred. This patch fixes these errors by using the correct order of...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: USB: isp1362 – A memory leak was fixed by using debugfslookup. When calling debugfslookup, the result must be processed with dput, otherwise a memory leak will occur over time. To simplify things, simply call...
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerability has been resolved: fs: dlm: fix invalid derefence of sblvbptr I experience issues when putting a lkbsb on the stack and have sblvbptr field to a dangled pointer while not using DLMLKFVALBLK. It will crash with the following kernel message, the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: The oem i2c adapter is removed after the operation is completed. This fix addresses a bug where unbinding the GPU would leave the oem i2c adapter registered, resulting in a null pointer dereference when...