Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: netfilter: nfqueue: fixed a possible use-after-free issue Eric Dumazet says: The sockhold function seems suspicious, because there is no guarantee that skrefcnt is not already 0. In case of failure, we cannot queue the packet...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: SUNRPC: Fixed a server shutdown leak A race condition was addressed where kthreadstop might prevent threadfn from being called at all. If this occurs, the svcrqst will not be cleaned up properly...

Astra Linux - уязвимость в linux-5.10

An integer overflow flaw was discovered in the Linux kernel’s virtio device driver code, where a user triggers the vhostvdpaconfigvalidate function. This flaw allows a local user to crash the system or potentially escalate their privileges on the system...

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: xtensa: xtfpga: Fixed a refcount leak bug in setup. In machinesetup, offindcompatiblenode will return a node pointer with the refcount incremented. We should use ofnodeput when it is no longer needed...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: i40e: Fixed the issue where the “vf” variable might be used without initialization in this function. To address the regression introduced by commit 52424f974bc5, which causes servers to hang under very difficult-to-reproduce...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iio: Buffer: Fixed error handling related to files in IIOBUFFERGETFDIOCTL. If we fail to copy the newly created file descriptor to userland, we try to clean it up by returning the ‘fd’ and freeing the ‘ib’. The code uses...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: - svcrdma: The use of rcpageoff for the byte offset in memcpy was corrected. - svcrdmacopyInlinerange: The page index rccurpage was added to the page base instead of the byte offset rcpageoff. Use rcpageoff to ensure that copi...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: powerpc/64s/interrupt: Fixed the interrupt exit race issue with security mitigation switches. The RFI and STF security mitigation options allow the interruptexitnotreentrant static branch condition to be tested concurrently with...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: can: j1939: fix errant WARNONONCE in j1939SESSIONdeactivate The statement “j1939SESSIONdeactivate should be called with a session ref-count of at least 2” is incorrect. In some concurrent scenarios, j1939SESSIONdeactivate can be...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: can: isotp: split the transmission timer into two parts—transmission and timeout. The timer for the transmission of isotp PDUs previously had two functions: 1. sending two consecutive frames with a specified time interval. 2...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/i915: Fixed the reference counting during error capture and debugfs dump. When GuC support was added to error capture, the reference counting around the request object was broken. This issue has been fixed. The context-bas...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: block: ublk: extending queuesize to fix overflow issues When validating the Draft SPDK ublk target, in cases where a large queue depth was assigned to the multiqueue ublk device, the ublk target would enter an incorrect state...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: dsa: sja1105: fix buffer overflow in sja1105setupdevlinkregions If an error occurs in dsadevlinkregioncreate, then the array ‘priv-regions’ will be accessed using a negative index -1. This issue was identified by the Linux...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: btrfs: Always report an error in runonedelayedref. Currently, we have a btrfsdebug function for handling failures in runonedelayedref. However, if end users encounter such problems, there will be no chance that btrfsDebug is...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: mm/hugetlb: fixed the handling of PTE markers in hugetlbchangeprotection The patch series “mm/hugetlb: uffd-wp fixes for hugetlbchangeprotection”. While working with virtio-mem and background snapshots using uffd-wp on hugetlb...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Debug: Fixed a potential buffer overflow caused by snprintf. snprintf returns the size of the string that would be filled if it exceeds the given buffer size. Therefore, using this value may lead to a buffer overflow...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: fbdev: smscufx: Fix error handling code in ufxusbprobe The current error handling code in ufxusbprobe contains many issues that are not consistent. For example, ufxfreeusblist is missing, and the destroymodedb label should only...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: netlink: prevents potential Spectre v1 exploits Most netlink attributes are parsed and validated via nlavalidateparse or validatenla. c u16 type = nlatypenla; if type == 0 || type maxtype / Report an error or proceed with...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: ses: Fixed possible out-of-bounds accesses to addldescptr. Sanitized possible out-of-bounds accesses to addldescptr in sesenclosuredataprocess...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: powerpc/imc-pmu: Fixed the use of a mutex in the IRQs-disabled section. The current imc-pmu code triggers a warning when CONFIGDEBUGATOMICSLEEP is enabled and CONFIGPROVELOCKING is also enabled, while a threadimc event is running...