226293 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: procfs: Fixed a possible double mmput operation in doprocmapquery. When a user provides a buffer of incorrect size for the PROCMAPQUERY build ID, we return an -ENAMETOOLONG error. After recent changes, this condition occurs later...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: fs/smb/client: fixed an out-of-bounds read in cifssanitizeprepath. When cifssanitizeprepath is called with an empty string or a string containing only delimiters e.g., /, the current logic attempts to check cursor2 - 1 before...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: usb: atm: cxacru: fixed a flaw in existing endpoint checks Syzbot once again identified a flaw in USB endpoint checking. See 1. This time, the issue stems from a commit authored by me 2eabb655a968: “usb: atm: cxacru: fix endpoint...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: gpio: aggregator: Protect driver attr handlers against module unload Both newdevicestore and deletedevicestore access module global resources e.g., gpioaggregatorlock. To prevent race conditions during module unloading, a...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: caifvirtio: The incorrect pointer check in cfvprobe was fixed. delvqs frees virtqueues. Therefore, the pointer cfv-vqtx should be checked for being NULL before calling delvqs. Instead of checking cfv-vdev, this check is necessary...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: gpio: sifive: Fix the refcount leak in sifivegpioprobe. The function ofirqfindparent returns a node pointer with the refcount incremented. We should use ofnodeput on it when it is no longer needed. Add ofnodeput to avoid the...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net: enetc: avoid buffer leaks on xdpdoredirect failure Before enetccleanrxringxdp calls xdpdoredirect, each software BD in the RX ring between index origi and i can have one of two refcount values on its page. We are the current...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: perf: RISC-V: Remove PERFHESSTOPPED flag checking in riscvpmustart Since commit 096b52fd2bb4 "perf: RISC-V: throttle perf events", the perfsampleeventtook function was added to report time spent in overflow interrupts. If the...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: do not trust the firmware’s nChannels value. If the firmware sends us a corrupted MCC response where nChannels is much larger than what the command response can handle, we might copy too much uninitialized...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fixed a slab-use-after-free issue in hdcpwork Why A slab-use-after-free issue was reported when HDCP was destroyed, but the propertyvalidatedwork queue was still running. How The delayed work was canceled when th...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: drm/amd: fixed a potential memory leak This patch fixes a potential memory leak clksrc when the function returns NULL at the end of its execution. s/free/kfree/ - Alex...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mld: cancel mloscanstartwk mloscanstartwk is not canceled upon disconnection. In fact, it isn’t canceled anywhere else, except during the restart cleanup, where we don’t actually need to cancel it. This could lead ...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net/sched: It has been ensured that teql can only be used as a root qdisc. The design intention of teql is that it should only be used as a root qdisc. Therefore, we need to ensure this constraint is respected. Although not very...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: watchqueue: fix pipe accounting mismatch Currently, watchqueuesetsize modifies the pipe buffers allocated to user-pipebufs, without updating the pipe-nraccounted value on the pipe itself. This occurs due to the if...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fixed the issue with mlx5pollone where the curqp is updated. When curqp is not NULL, in order to avoid fetching the QP from the radix tree again, we check if the next CQE QP is identical to the one we already have...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: can: dev: canrestart: fix use after free bug After calling netifrxniskb, dereferencing the skb is unsafe. In particular, the canframe field, which aliases skb memory, is accessed after the netifrxni function in the line:...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: smb: client: The system now validates the entire DACL before rewriting it using cifsacl. The functions buildsecdesc and idmodetocifsacl derive a pointer to the DACL from a dacloffset provided by the server. They then use the...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fixed the use-after-free bug. This bug can be triggered by sending a single amdgpugemuserptrioctl command to the AMDGPU DRM driver on any ASICs with an invalid address and size. The bug was reported by Joonkyo Jung...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: drm/amdgpu: fixed the call order in amdgputtmmove v2. This resolves issue with drm/amdgpu: fixing the ftrace event where amdgpuboMove always moves objects on the same heap. The fundamental problem is that after the move, the o...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: crypto: sun8i-ce-cipher – Fixed error handling in sun8icecipherprepare. Fixed two DMA cleanup issues on the error path in sun8icecipherprepare: 1. If dmamapsg fails for areq-dst, the device driver will attempt to free DMA memo...