226061 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: net/sched: ets: Remove a drr class from the active list if it changes to strict. Whenever a user issues a ets qdisc change command, transforming a drr class into a strict one, the ets code does not check whether that class was in...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: net/sched: schqfq: Fixed a NULL dereference when deactivating an inactive aggregate in qfqreset. qfqclass-leafqdisc-q.qlen 0 does not imply that the class itself is active. Two qfqclass objects may point to the same leafqdisc. Th...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: jbd2: avoided the bugon in jbd2journalgetcreateaccess when the file system is corrupted. The issue occurs when the file system is corrupted: ------------ cut here ------------ Kernel BUG at fs/jbd2/transaction.c:1289! Oops:...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ipv6: A BUG in pskbexpandhead, as part of calipsoskbuffsetattr. There exists a kernel oops caused by a BUGONnhead INTMAX i.e., intskbheadroomskb + lendelta skbheadroomskb is meant to ensure that delta = headroom - skbheadroomskb ...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: net/hsr: A NULL pointer dereference was fixed in prpgetuntaggedframe. prpgetuntaggedframe calls pskbcopy to create frame-skbstd, but does not check whether the allocation fails. If pskbcopy returns NULL, skbclone is called with a...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: Backlight: led-bl: Added devlink to the supplier LEDs The LED Backlight is a consumer of one or multiple LED class devices. However, devlink currently cannot create the correct supplier-producer links when the supplier is a LED...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: net: nfc: Fixed a deadlock between nfcunregisterdevice and rfkillfopwrite. A deadlock can occur between nfcunregisterdevice and rfkillfopwrite due to the inverted lock order between devicelock and rfkillglobalmutex. The problemat...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: net: usb: rtl8150: Fixed a memory leak that occurred due to a failure in usbsubmiturb. In asyncsetregisters, when usbsubmiturb fails, the allocated asyncreq structure and URB are not freed, resulting in a memory leak. The...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ACPICA: Avoid walking the Namespace if startnode is NULL Although commit 0c9992315e73 “ACPICA: Avoid walking the ACPI Namespace if it is not there” fixed the issue when both startnode and acpigblrootnode were NULL, the Linux kern...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: scs: A wrong parameter was fixed in scsmagic. The scsmagic function requires a void variable, but a struct taskstruct is provided instead. taskscstsk represents the starting address of the task’s shadow call stack, and...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fwtracer, Validate format string parameters We have added validation for format string parameters in the firmware tracer to prevent potential security vulnerabilities and crashes caused by malformed format strings...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ntfs3: init run lock for extend inode After setting the inode mode of $Extend to a regular file, executing the truncate system call will invoke the dotruncate routine, resulting in an uninitialized runlock error reported by syzbo...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: bpf: Check skb-transportheader is set in bpfskbcheckmtu. The bpfskbcheckmtu helper needs to use skb-transportheader when the BPFMTUCHKSEGS flag is used: bpfskbcheckmtuskb, ifindex, &mtulen, 0, BPFMTUCHKSEGS. The transportheader i...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: GPU: host1x – Fixed a race condition in syncptalloc and syncptfree. A race condition occurred between host1xsyncptalloc and host1xsyncptput, which was addressed by using krefputmutex instead of krefput plus manual mutex locking...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: bpf: Fixed an invalid prog-stats access when updateeffectiveprogs fails. The issue occurs due to a fault-injected code sequence in updateeffectiveprogs. The problem can be described as follows: c cgroupbpfdetach...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: locking/spinlock/debug: Fixed a data race in dorawwritelock. KCSAN reports: BUG: KCSAN: Data race in dorawwritelock/dorawwritelock. The following operations were performed: Write 0xffff800009cf504c 4 bytes to memory by task 11...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: spi: tegra210-quad – Fixing timeout handling When the CPU on which the QSPI interrupt handler runs typically CPU 0 is excessively busy, it can lead to rare cases where the IRQ thread does not run before the transfer timeout is...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosecishtp: Fixed a UAF issue after unbinding the driver. After unbinding the driver, another kthread named crosecconsolelogwork still accesses the device, resulting in a UAF and system crash. The driver does no...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ipv4: A reference count leak was fixed when using error routes with nexthop objects. When a nexthop object is deleted, it is marked as “dead”, and then fibtableFlush is called to flush all routes that use the dead nexthop. The...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: powerpc/64s/slb: Fixed the issue where multiple hits occurred during SLB preloading. On systems that use the hash MMU, there is a software SLB preload cache that mirrors the entries loaded into the hardware SLB buffer. This...