Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pdr: Fixed the potential deadlock issue. When some client process A calls pdraddlookup to add a lookup for the service and performs scheduling-related tasks, another process B receives a new server packet indicating th...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: The dummy regulator must be checked before being used. Due to asynchronous driver probing, there is a possibility that the dummy regulator may not have been checked when accessed for the first time...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: atm: fixed the use after free in lecsend The -send operation frees the skb object; therefore, the length of the object should be saved before calling -send to avoid a use after free situation...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: fs/proc: fixed the softlockup issue in readvmcore part 2. Since the commit 5cbcb62dddf5 fs/proc: fix softlockup in readvmcore, the number of softlockups during readvmcore at the time of kdump has decreased, but they still occur...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Discard packets if the transport changes. If the socket has been de-assigned or assigned to another transport, we must discard any packets received because they are not expected and would cause issues when accessing...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: wifi: rtlwifi: removed the unused checkbuddypriv function. The commit 2461c7d60f9f “rtlwifi: Update header file” introduced a global list of private data structures. Later, the commit 26634c4b1868 “rtlwifi: Modify existing bits t...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Memory issue: tegra20-emc – fixed a bug related to references to OF nodes in tegraemcfindnodebyramcode. When the offindnodebyname function releases the reference to the argument “device node”, the tegraemcfindnodebyramcode functi...

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: RISCV: Fixed sleeping in an invalid context in die. Die can be called in an exception handler, and therefore cannot sleep. However, die takes spinlockt, which can sleep when PREEMPTRT is enabled. This causes the following warning...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Misc: Microchip: PCI1xxxx – Resolve kernel panic during GPIO IRQ handling This issue resolves the kernel panic caused by improper handling of IRQs when accessing GPIO values. This is achieved by replacing the generichandleirq...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ffs: Remove WARNON from functionfsbind This commit addresses an issue related to a kernel panic that occurs when paniconwarn is enabled. The issue is caused by the unnecessary use of WARNON in functionfsbind, which c...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: iio: imu: kmx61: fixed information leakage in the triggered buffer. The “buffer” local array is used to push data to user space from a triggered buffer. However, it does not set values for inactive channels, as it only uses...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fixed an out-of-bounds access in ‘dcn21linkencodercreate’. An issue was identified in the dcn21linkencodercreate function, where an out-of-bounds access could occur when the hpdsource index was used to reference...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Tracing: Fixed a use-after-free in printgraphfunctionflags during tracer switching. Kairui reported a UAF issue in printgraphfunctionflags during ftrace stress testing 1. This issue can be reproduced by putting a ‘mdelay10’ after...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: x86/xen: Remove the USERGSSYSRET64 paravirt call. This change is committed as upstream commit afd30525a659ac0ae0904f0cb4a2ca75522c3123. USERGSSYSRET64 is used to return from a syscall via SYSRET. However, a Xen PV guest will stil...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

A vulnerability was discovered in vhostnewmsg in drivers/vhost/vhost.c within the Linux kernel. This issue arises due to the improper initialization of memory in messages transmitted between virtual guests and the host operating system, as implemented in the vhostnewmsg function. This vulnerabili...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

A vulnerability, classified as critical, was discovered in the Linux kernel. The affected function is l2capconndel in the file net/bluetooth/l2capcore.c of the Bluetooth component. This vulnerability allows for exploitation after the memory allocation has been freed. It is recommended that patche...

Astra Linux – Vulnerability in Linux, Linux 5.10

A flaw after-free usage in the function scosocksendmsg of the Linux kernel’s HCI subsystem was discovered. This flaw allows a privileged local user to exploit it to crash the system or escalate their privileges on the system. This flaw triggers a race condition when the user calls ioct...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ice: Do not use the WQMEMRECLAIM flag for the workqueue. When both the ice and irdma drivers are loaded, a warning is triggered in the checkFlushDependency function. This occurs because the ice driver’s workqueue is allocated wit...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net/iucv: Avoid explicit allocation of the cpumask variable on the stack. For the CONFIGCPUMASKOFFSTACK=y kernel, explicit allocation of the cpumask variable on the stack is not recommended, as it may cause a potential stack...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: drm/i915/gt: Fixed a potential UAF issue by revoking the fence registers. CI has been sporadically reporting the following issue triggered by igt@i915selftest@live@hangcheck on ADL-P and similar machines: 414.049203 i915:...