225868 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: ocfs2: Fixed an uninitialized value in ocfs2filereaditer. Syzbot has reported the following KMSAN errors: BUG: KMSAN: Uninitialized value in ocfs2filereaditer+0x9a4/0xf80; ocfs2filereaditer+0x9a4/0xf80; ioread+0x8d4/0x20f0;...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: comedi: Flushing partial mappings in the error case If some remappfnrange calls succeeded before one failed, we still have buffer pages mapped into the user-space page tables when we drop the buffer reference with...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: nfs: Fixed the KMSAN warning in decodegetfattr attrs. Fixed the following KMSAN warnings: CPU: 1 UID: 0 PID: 7651 Comm: cp Tainted: G B Tainted: B=BADPAGE Hardware name: QEMU Standard PC Q35 + ICH9, 2009...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: udf: The use of uninit-value in udfgetfileshortad has been fixed. A check for overflow was added when calculating alen in udfcurrentaext, to mitigate potential issues with uninit-value usage in udfgetfileshortad. This is related ...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ntb: ntbhwswitchtec: Fixed a use-after-free vulnerability in switchtecntbremove due to a race condition. In the switchtecntbadd function, it is possible to call the switchtecntbinitsndev function. Then, &sndev-checklinkstatuswork...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: ppp: Fixed illegal access in pppasyncencode. syzbot reported an issue with pppasyncencode. In this case, pppoesendmsg is called with a zero size. Then, pppasyncencode is called with an empty skb. BUGs: - KMSAN: Uninit-value in...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: Slip: Make slhcremember more robust against malicious packets. syzbot found that slhcremember lacked checks against malicious packets 1. slhcremember only checks that the packet’s size is at least 20 bytes, which is...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: asihpi: Fixed potential OOB array access The ASIHPI driver stores certain values in a static array in response to a driver’s request. The index of this array depends on the firmware. We should not trust this information...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: “aoe”: The potential use-after-free problem has been fixed in multiple locations. Regarding the fix for CVE-2023-6270, f98364e92662 “aoe: The potential use-after-free problem has been fixed in aoecmdcfgpkts” involves replacing...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: fbdev: pxafb: Fixed possible use after free in pxafbtask. In the pxafbprobe function, it calls the pxafbinitfbinfo function. After that, &fbi-task is associated with pxafbtask. Moreover, within this pxafbinitfbinfo function, the...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: The default value of “denominators” should be set to 1. WHAT & HOW Variables that are used as denominators and may not be assigned to other values should not have a default value of 0. Change their default value ...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fixed an issue where the index out of bounds occurred in the DCN30 degamma hardware format translation. This commit addresses a potential index out of bounds issue in the cm3helpertranslatecurvetodegammahwformat...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: firmwareloader: Block path traversal Most firmware names are hardcoded strings, or are constructed from fairly constrained format strings where the dynamic parts are just some hexadecimal numbers or similar elements. However,...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: x86/tdx: Fixed the “in-kernel MMIO” check TDX only supports MMIO operations initiated by the kernel. The handlemmio function checks whether the VE exception occurred in the kernel and rejects the operation if it did. However, the...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Stop amdgpudm initialization when the number of links is greater than maxlinks. Reason The Coverity report indicates an OVERRUN warning. There are only maxlinks elements within dc-links. The number of links can...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: Proper handling of errors from btrfsdecref. In walkupproc, we have a BUGONret from btrfsdecref. This is incorrect; we have proper error handling here, and the error is returned...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: Fixed the use of memory after it is freed in lineinfochangednotify. The use-after-free issue occurs as follows: when the GPIO chip device file is closed by invoking gpiochrdevrelease, the data structure watchedLine...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ntbhwswitchtec: Fixed an out-of-bounds situation in switchtecntbmwsettrans. There is a kernel API called ntbmwcleartrans, which passes 0 to both addr and size. This would cause xlatepos to become negative. 23.734156 switchtec...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: drm/mediatek: Fixed a coverage issue related to unintentional integer overflows. 1. Instead of multiplying two variables of different types, change the approach to assigning a value to one variable and then multiplying the oth...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: vsock: Keep the binding until the socket is destroyed. The bindings of sockets are preserved; this includes both those created through an explicit bind function and those implicitly bound during the connect operation. This fix...