Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: hfs: Ensure that sb-sfsinfo is always cleaned up. When hfs was converted to the new mount API, a bug was introduced by changing the allocation pattern of sb-sfsinfo. If setupbdevsuper fails after a new superblock has been allocat...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: f2fs: fixed the issue where dcc-f2fsissuediscard was not invalidated during the error path. Syzbot reports a NULL pointer dereference issue as follows: refcountadd include/linux/refcount.h:193 inline refcountinc...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: lib/fonts: Fixed undefined behavior in bit shifting for getdefaultfont. Shifting a signed 32-bit value by 31 bits is undefined; therefore, the significant bit was changed to unsigned. The UBSAN warning “calltrace” is as follow...

Astra Linux - уязвимость в linux

In the Linux kernel, the following vulnerability has been resolved: net: dsa: mt7530: Fix VLAN traffic leaks The PCRMATRIX field was set to all 1’s when VLAN filtering is enabled, but it wasn’t reset when VLAN filtering was disabled. This could lead to traffic leaks: ip link add br0 type bridge...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: check if extcaps is valid in BL setup. LVDS connectors do not have extended backlight caps; therefore, check whether the pointer is valid before accessing it. Selected from commit...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: “NFSD: Remove the cap on the number of operations per NFSv4 COMPOUND.” I have found that the pynfs COMP6 now leaves the connection or lease in a strange state, causing CLOSE9 to hang indefinitely. I have investigated this issue a...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: soc/tegra: pmc: Fixed the unsafe generichandleirq call. Currently, when resuming from system suspension on Tegra platforms, the following warning is observed: WARNING: CPU: 0 PID: 14459 at kernel/irq/irqdesc.c:666 Call trace:...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: perf/armdmc620: Fixed a leak in the hotplug callback in dmc620pmuinit. The dmc620pmuinit function does not remove the callback added by cpuhpsetupstatemulti when platformdriverregister fails. Remove the callback by calling...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Unallocated resources are no longer allowed to be returned. In cases where the topology requests resources that have not been created by the system since they are typically not represented in dpumdsscfg, the resource...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: cxl/pci: Fixed the issue where memory is disabled if the DVSEC CXL range does not match a CFMWS window. The Linux CXL subsystem is based on the assumption that HPA == SPA. That is, the host physical address HPA of HDM decoder...

Astra Linux - уязвимость в linux

A out-of-bounds memory write flaw was discovered in the Linux kernel’s joystick devices subsystem in versions prior to 5.9-rc1. This flaw allows a local user to crash the system or potentially escalate their privileges on the system. The greatest threat posed by this vulnerability is related to...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: misc: tifpc202: fixed a potential memory leak in the probe function. Used foreachchildofnodescoped to simplify the code and ensure that the device node reference is automatically released when the loop scope ends...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: brcmfmac: A potential shift-out-of-bounds condition in brcmfmac has been fixed. This condition occurs in BITchiprev when the chiprev provided by the device is too large. It should also not be equal to or greater than...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: crypto: iaa – Fixed an out-of-bounds index issue in findemptyiaacompressionmode. The local variable ‘i’ is initialized with -EINVAL, but the for loop immediately overwrites it, and -EINVAL is never returned. If no empty compressi...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: nvmet: moving async event work off nvmet-wq For the target function nvmetctrlfree, the variable ctrl-asynceventwork is flushed. If nvmetctrlfree runs on nvmet-wq, the flush re-enters the workqueue completion for the same worker. ...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/panel/panel-sitronix-st7701: Remove the panel when DSI attachment fails. In the event that mipidsiattach fails, call drmpanelremove to avoid a memory leak...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: perf/arm-cmn: Unsupported hardware configurations are now rejected. So far, we have been fairly lenient in accepting both unknown CMN models at least with a warning, as well as unknown versions of those models that we do know...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: x86: Shadow stacks – proper error handling for mmap lock Kim Young-min reported that shstkpopsigframe does not check for errors from mmapreadlockkillable. This is a silly oversight. It was also shown that we have not marked...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Tracing: Fixed a potential deadlock in CPU hotplug with osnoise. The following sequence may lead to a deadlock in CPU hotplug: task1 task2 task3 ----- ----- ----- The code sequence is as follows: mutexlock&interfacelock CPU GOING...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Lag – Check for LAG devices before creating debugfs. The function mlx5lagdevaddmdev may return 0 success even when an error occurs, but this error is handled gracefully. As a result, the initialization process proceeds ...