225962 matches found
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv: A null pointer check was added in opalpowercapinit. The kasprintf function returns a pointer to dynamically allocated memory; this pointer may be NULL in case of failure...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ACPI: LPIT – Avoid u32 multiplication overflow. In the function lpitupdateresidency, there is a possibility of overflow during multiplication, if tsckhz is large enough UINTMAX/1000. The multiplication operation should be replace...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: media: rc: The bpf attach/detach operation requires write permission. source-iocs-preserved const=CAPNETADMIN...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: crypto: lib/mpi – Fixed unexpected pointer access in mpiecinit When the mpiecctx structure is initialized, some fields are not cleared, resulting in a crash when referencing those fields after the structure is released. Initially...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: jfs: fixed an array-index-out-of-bounds issue in diNewExt Syz report UBSAN: array-index-out-of-bounds in fs/jfs/jfsimap.c:2360:2 Index -878706688 is out of range for the type 'struct iagctl128' CPU: 1 PID: 5065 Comm:...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: KVM: s390: fix in setting the fpc register The function kvmarchvcpuioctlsetfpu allows setting the floating-point control fpc register of a guest CPU. The new value is tested for validity by temporarily loading it into the fpc...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.10, and Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: cifs: Fixed a UAF in cifsdemultiplexthread There is a UAF when performing xfstests on cifs: BUG: KASAN: Use-after-free in smb2isnetworknamedeleted+0x27/0x160 Reading a size 4 value at address ffff88810103fc08 by task cifsd/923...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: net: fixed possible store tearing in neighperiodicwork. While reviewing a related syzbot report involving neighperiodicwork, I discovered that I forgot to add an annotation when deleting an RCU-protected item from a list. When...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Rejects redirects of skmsg messages to non-TCP sockets With a SOCKMAP/SOCKHASH map and a skmsg program, users can direct messages sent from one TCP socket s1 to actually exiting from another TCP socket s2...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
A issue was discovered in the Linux kernel before version 6.6.8. The roseioctl function in net/rose/afrose.c has a use-after-free issue due to a race condition involving roseaccept...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15
A flaw was discovered in the XFRM subsystem of the Linux kernel. The specific flaw occurs during the processing of state filters, which can lead to a read of data beyond the end of an allocated buffer. This flaw allows a local privileged CAPNETADMIN attacker to trigger an out-of-bounds read,...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
A flaw was discovered in the IPv4 Resource Reservation Protocol RSVP classifier within the Linux kernel. The xprt pointer may extend beyond the linear portion of the skb structure, resulting in an out-of-bounds read in the rsvpclassify function. This issue could potentially cause a local user to...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
A array indexing vulnerability was discovered in the netfilter subsystem of the Linux kernel. The absence of a certain macro could lead to an incorrect calculation of the offset of the h-nets array, giving attackers the ability to arbitrarily increment/decrement a memory buffer beyond its bounds...
Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: net/iucv: Fixed the size of interrupt data iucvirqdata needs to be 4 bytes larger. These bytes are not used by the iucv module, but are written by the z/VM hypervisor in case a CPU is deconfigured. Reported as: BUG...
Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: ext4: Fixed a task that was stuck in ext4xattrdeleteinode. Syzbot reported a problem with stuck tasks: ================================================================== INFO: Task syz-executor232:5073 is blocked for more than...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: drm/shmem-helper: The erroneous “put” operation has been removed from the error path. The drmgemshmemmmap function does not have a reference in the error code path, resulting in the dma-buf shmem GEM object being freed...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: net/mlx5: Fixed the cleanup of steering rules The vport’s unicast, multicast, and multicast rules are not deleted during the teardown process when EEH occurs. Since the vport’s promiscuous settings unicast, unicast, and...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fixed an out-of-bounds shift in CalculateVMAndRowBytes REASON When PTEBufferSizeInRequests is zero, UBSAN reports the following warning because dmllog2 returns an unexpected negative value: The shift exponent...
Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: In the dmstats function, check for and propagate the allocpercpu failure. Check the return value of allocprecpu, and return an error from dmstatsinit if it fails. Update allocdev to fail if dmstatsinit does so. Otherwise, a NULL...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: “wifi: mac80211: fix memory leak in ieee80211ifadd” This resolution involves committing change 13e5afd3d773c6fc6ca2b89027befaaaa1ea7293. The function ieee80211iffree is already called from freenetdevndev, because...