226259 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: net: qrtr: Fixed a bug related to access to the uninit variable in qrtrtxresume. Syzbot reported the following bugs: ===================================================== BUG: KMSAN: uninit-value in qrtrtxresume+0x185/0x1f0...
Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: wifi: brcmfmac: Ensure that the CLM version is terminated with null characters to prevent a stack-out-of-bounds issue. A stack-out-of-bounds read occurs in brcmfmac when a buffer that is not terminated with null characters is...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: rcu-tasks: Avoid using prinfo with a spin lock in cblistinitgeneric. prinfo is called with the rtp-cbsgbllock spin lock locked. Since prinfo calls printk, which may cause a sleep, this will result in a bug like the following:...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: fprobe: Release rethook after the ftraceops is unregistered While running bpf selftests, the following errors may occur: General protection fault, likely for non-canonical addresses \ 0x6b6b6b6b6b6b6b6b: 0000 1 PREEMPT SMP...
Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net:bcmgenet: Added a check for oversized packets. Occasionally, we may receive oversized packets from the hardware that exceed the maximum buffer size of 2 KiB allocated for SKBs. A proactive check is added to discard such...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: mtkdrmcrtc: Added checks for devmkcalloc. Since devmkcalloc may return NULL, the return value needs to be checked to avoid dereferencing a NULL pointer...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: dax: Fixed the issue where daxmappingrelease was called after the object was freed. A test using CONFIGDEBUGKOBJECTRELEASE to remove a device-related dax region e.g., using modprobe -r daxhmem results in the following output:...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: nfsd: Cleanup of potential nfsdfile refcount leaks in the COPY code path. There are two different versions of the nfsd4copy structure. One is embedded within the compound structure and is used directly in synchronous copies. T...
Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15
A use-after-free vulnerability was discovered in the siano smsusb module within the Linux kernel. The bug occurs during device initialization, when the siano device is plugged in. This flaw allows a local user to crash the system, resulting in a denial-of-service condition...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: f2fs: A fix was made to avoid a use-after-free condition related to cached IPU bio. The xfstest generic/019 report a bug: Kernel BUG: At mm/filemap.c:1619! RIP: 0010:folioendwriteback+0x8a/0x90 Call Trace:...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: dochangetype: refusal to operate on unmounted/not ours mounts. It is ensured that propagation settings can only be changed for mounts located within the caller’s mount namespace. This change aligns permission checks with those of...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: cgroup: Split cgroupdestroywq into 3 workqueues A hang can occur during 1 LTP cgroup testing when repeatedly mounting/unmounting perfevent and netprio controllers with systemd.unifiedcgrouphierarchy=1. The hang manifests in...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: crypto: ccp – Always pass an error pointer to sevplatformshutdownlocked When 9770b428b1a2 “crypto: ccp – Move devinfo/err messages for SEV/SNP init and shutdown” moved the error messages so that they don’t need to be issued by...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15
A use-after-free vulnerability was discovered in the Linux kernel’s netfilter subsystem, specifically in the net/netfilter/nftablesapi.c file. Improper error handling related to NFTMSGNEWRULE allows a dangling pointer to be used within the same transaction, leading to a use-after-free...
Astra Linux – Vulnerability in Linux 5.15
A flaw was discovered in the MCTP protocol within the Linux kernel. The function mctpunregister reclaims the device’s related resources when a netcard is detached. However, a running program may be unaware of this flaw, leading to a use-after-free of the mdev-addrs object, which could potentially...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mtd: lpddr2nvm: Fixed a possible null-ptr-deref issue. This issue could lead to a null-ptr-deref when the resourcesizeaddrange function is called, if the platformgetresource function returns NULL...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drbd: Only clone the bio if there is a backing device available. The commit c347a787e34cb drbd: changed -bibdev to -bibdev in drbdreqnew moved the biosetdev call which has since been removed to an earlier stage, from...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: Avoid scheduling in rtasosterm. It is unsafe to use rtasbusydelay to handle a busy status from the IBM,os-term RTAS function in rtasosterm: Kernel Panic – Not Syncing: Attempted to kill init! Exitcode = 0x0000000b...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: media: dvb-core: The double-free operation in dvbregisterdevice has been fixed. In the function dvbregisterdevice - dvbregistermediadevice - dvbcreatemediaentity, the dvb-entity is allocated and initialized. If the initialization...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: Macintosh: A possible memory leak in macioaddonedevice has been fixed. After committing 1fa5ae857bb1 “driver core: get rid of struct device’s busid string array”, the name of the device is allocated dynamically. This memory...