226256 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drbd: Only clone the bio if there is a backing device available. The commit c347a787e34cb drbd: changed -bibdev to -bibdev in drbdreqnew moved the biosetdev call which has since been removed to an earlier stage, from...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: Avoid scheduling in rtasosterm. It is unsafe to use rtasbusydelay to handle a busy status from the IBM,os-term RTAS function in rtasosterm: Kernel Panic – Not Syncing: Attempted to kill init! Exitcode = 0x0000000b...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: media: dvb-core: The double-free operation in dvbregisterdevice has been fixed. In the function dvbregisterdevice - dvbregistermediadevice - dvbcreatemediaentity, the dvb-entity is allocated and initialized. If the initialization...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: Macintosh: A possible memory leak in macioaddonedevice has been fixed. After committing 1fa5ae857bb1 “driver core: get rid of struct device’s busid string array”, the name of the device is allocated dynamically. This memory...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: RDMA/core: Ensure that “ibport” is valid when accessing the sysfs node. The “ibport” structure must be set before adding the sysfs kobject, and reset after removing it. Otherwise, the system may crash when accessing the sysfs...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ntbnetdev: Use devkfreeskbany in interrupt context. TX/RX callback handlers ntbnetdevtxhandler, ntbnetdevrxhandler can be called in interrupt context via the DMA framework after the respective DMA operations are completed...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Wifi: mt76: mt76x0: fixed out-of-bound access in mt76x0phygettargetpower. After the commit “ba45841ca5eb “wifi: mt76: mt76x02: simplify struct mt76x02ratepower””, mt76x02 relies on the ht0-7 ratepower data for vht mcs0,7, while i...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
There is a flaw in the Linux kernel’s handling of new TCP connections. The issue arises due to the lack of memory release after the effective lifetime of these connections. This vulnerability allows an unauthenticated attacker to create a denial-of-service condition on the system...
Astra Linux – Vulnerability in Linux 5.10, Linux
A flaw related to the use of “free” in the Linux kernel’s Video4Linux driver was discovered in the way that triggers em28xxusbprobe, for Empia 28xx-based TV cards. A local user could exploit this flaw to crash the system or potentially escalate their privileges on the system...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: IB/mad: Do not call to functions that might sleep while in atomic context. Tracepoints are not allowed to sleep. As a result, the following error is generated due to a call to ibquerypkey in atomic context. WARNING: CPU: 0 PID:...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: scsi: qla2xxx: Fixed a crash that occurred when I/O abort times out. During CPU hotplug, a crash was observed with the following stack: Call Trace: qla24xxprocessresponsequeue+0x42a/0x970 qla2xxx qla2x00startnvmemq+0x3a2/0x4b0...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: Thermal: intelpowerclamp: Use getcpu instead of smpprocessorid to avoid crashes. When CPU 0 is offline and intelpowerclamp is used to simulate idle state, it causes a kernel bug: Bug: Using smpprocessorid in preemptible 000000...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: drm/mipi-dsi: Detaching devices when removing the host Whenever the MIPI-DSI host is unregistered, the code for mipidsihostunregister loops through every device currently found on that bus and will unregister them. However, it do...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: cpufreq: The completion function is called before kobjectinitandadd. In cpufreqpolicyalloc, the uninitialized completion function is called in cpufreqsysfsrelease when kobjectinitandadd fails. This will cause a crash, such as a...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: media: vivid: fix compose-height boundary issue Syzkaller identified a bug: BUG: Unable to handle page faults for address: ffffc9000a3b1000 PF: Supervisor write access in kernel mode PF: Errorcode0x0002 – Not-present page PGD...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Validate data run offset This adds sanity checks for the data run offset. We should ensure that the data run offset is valid before attempting to unpack the data; otherwise, we may encounter use-after-free errors or...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: Fixed the return type of netcpndostartxmit With Clang’s Kernel Control Flow Integrity kCFI, CONFIGCFICLANG, indirect call targets are validated against the expected function pointer prototype to ensure that the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: procfs: Fixed a possible double mmput operation in doprocmapquery. When a user provides a buffer of incorrect size for the PROCMAPQUERY build ID, we return an -ENAMETOOLONG error. After recent changes, this condition occurs later...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: fs/smb/client: fixed an out-of-bounds read in cifssanitizeprepath. When cifssanitizeprepath is called with an empty string or a string containing only delimiters e.g., /, the current logic attempts to check cursor2 - 1 before...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: usb: atm: cxacru: fixed a flaw in existing endpoint checks Syzbot once again identified a flaw in USB endpoint checking. See 1. This time, the issue stems from a commit authored by me 2eabb655a968: “usb: atm: cxacru: fix endpoint...