225868 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Disabling ASPM when a multifunction device’s function is removed to avoid use-after-free errors. The struct pcielinkstate-downstream is a pointer to the pcidev of function 0. Previously, we retained this pointer when...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: md/raid10: check slab-out-of-bounds in mdbitmapgetcounter If we write a large number to md/bitmapsetbits, mdbitmapcheckpage will return -EINVAL because ‘page = bitmap-pages’. However, the returned value was not checked immediatel...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Added the missing IPSETHASHWITHNET0 macro for ipsethashnetportnet.c. The missing IPSETHASHWITHNET0 macro in ipsethashnetportnet can lead to the use of the incorrect CIDRPOSc for calculating array offsets, which...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: ksmbd: Corrected the incorrect validation of the next buffer length in smb2setea. There are multiple smb2eainfo buffers in the FILEFULLEAINFORMATION request from the client. ksmbd uses the NextEntryOffset of the current...
Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: BUG: KASAN: Slab-out-of-bounds in crc32body lib/crc32.c:111 inline BUG: KASAN: Slab-out-of-bounds in crc32legeneric lib/crc32.c:179 inline BUG: KASAN: Slab-out-of-bounds in crc32lebase+0x58c/0x626 lib/crc32.c:197 A read of siz...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: VMCI: Check context-notifypage after calling getuserpagesfast to avoid GPF. The call to getuserpagesfast in vmcihostunlockedioctl may return NULL for context-notifypage, causing a GPF. To avoid this, check that context-notifypage...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: HID: intel-ish-hid: ipc: Fixed a potential use-after-free issue in the work function. When a reset notify IPC message is received, the ISR schedules a work function and passes the ISHTP device to it via a global pointer called...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Check kzalloc in lpfcsli4cgnparamsread. If kzalloc fails in lpfcsli4cgnparamsread, then we rely on lpfcreadobject’s routine to perform a NULL check on pdata. Currently, an early return error is thrown from...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: libsas: Fixed a use-after-free bug in smpexecutetasksg When executing an SMP task fails, the smpexecutetasksg function calls deltimer to delete the “slowtask-timer” timer. However, if the timer handler sastaskinternaltimedo...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Wifi: iwlwifi: mvm – fix double-free on the TX path. We observe kernel crashes, lockups, and KASAN errors related to the ax210 firmware. One of the KASAN logs pointed to the TX path, and it appears that there is indeed a way to...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: hwmon: gpiofan Fix for out-of-bounds access to arrays The driver does not check whether the cooling state passed to gpiofansetcurstate exceeds the maximum cooling state stored in fandata-numspeeds. Since the cooling state is late...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: fixed a use-after-free in stateshow stateshow reads kdamond-damonctx without holding damonsysfslock. This allows for a use-after-free race condition: CPU 0 CPU 1 ----- ----- stateshow damonsysfsturndamonon ctx =...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: mm/debugvmpgtable: Clear page table entries at destroyargs The mm/debugvmpagetable test manually allocates page table entries for the tests it runs, using the mmstruct that it manually allocated. This itself is fine, but when it...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: iio: imu: bno055: fixed OOB access to the hwxlate array A potential out-of-bounds array access to the hwxlate array has been fixed in bno055.c. In bno055getregmask, the hwxlate array was iterated over the entire length of the val...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: scsi: megaraidsas: Fixed an invalid node index issue. On systems with DRAM interleave enabled, out-of-bound access was detected: megaraidsas 0000:3f:00.0: Requested/available msix 128/128 pollqueue 0 ------------ Cut here...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: net: lan743x: fixed a potential out-of-bounds write in lan743xptpioeventclockget. Before calling lan743xptpioeventclockget, the ‘channel’ value is checked against the maximum value of PCI11X1XPTPIOMAXCHANNELS8. This seems correct...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: kernfs: a potential NULL dereference occurred in kernfsremove. When lockdep is enabled, lockdepassertheldwrite could cause a potential NULL pointer dereference. The following smatch warnings have also been fixed:...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: cifs: A memory leak was fixed when using fscache. If the condition “index == nextcached” is encountered, a reference count of the struct page is leaked. This issue is fixed by using readaheadfolio, which handles the reference cou...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: cifs: A memory leak was fixed in the deferred close operation. The xfstests tests on smb21 report kmemleak as follows: unreferenced object 0xffff8881767d6200 size 64: comm "xfsio", pid 1284, jiffies 4294777434 age 20.789s Hex...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: NFSv4/pnfs: A use-after-free bug has been fixed in open. If someone cancels the open RPC call, then we must not attempt to free either the open slot or the layoutget operation arguments, as they are likely still in use by the hun...