226293 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: md: Do not set mddev’s private field to NULL in raid0 with pers-free. In a normal stop process, the following sequence of operations occurs: domdstop | mdstop pers-free; mddev-private=NULL | mdfree free mddev The mdstop function...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: bpf: Fix tailcallreachable rejection for interpreter when jit failed During testing of f263a81451c1 “bpf: Track subprog poke descriptors correctly and fix use-after-free” under various failure conditions, for example, when...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: rustbinder: Calling setnotificationdone without holding the proc lock. Consider the following sequence of events when a death listener is triggered: 1. The remote process dies and sends a BRDEADBINDER message. 2. The local proces...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: fs/namespace: The reference leak in grabrequestedmntns has been fixed. lookupmntns already takes a reference to mntns. grabrequestedmntns does not need to take an additional reference...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: nfs: Clean up /proc/net/rpc/nfs when nfsfsprocnetinit fails. The syzbot reported a warning below 1 after a fault injection in nfsfsprocnetinit. 0 When nfsfsprocnetinit fails, /proc/net/rpc/nfs is not removed. Later, rpcprocexit...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: ALSA: hda: Fixed an error related to the names of surround channels in version 9.1. The getlineoutpfx function may trigger an error due to overflowing a static array with more than 8 channels. This issue was reported on...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: A upper bound check has been added to user inputs in the signal ioctl function. Large input values in amdgpuuserqsignalioctl can lead to a Out-of-Memory OOM condition, and this vulnerability could be exploited...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Avoid leaking tags when processing the OPCINBSETCONTROLLERCONFIG command. The tags allocated for the OPCINBSETCONTROLLERCONFIG command need to be freed when we receive the response...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: bpf: Sleepable kprobemulti programs are rejected during attachment. kprobe.multi programs run in atomic/RCU contexts and cannot sleep. However, bpfkprobemultilinkattach did not validate whether the program being attached had the...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: i2c: piix4: Fix the issue where the adapter is not removed in piix4remove. In piix4probe, the piix4 adapter will be registered in piix4probe. This involves calling piix4addadapterssb800 or piix4addadapter. Both functions are part...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: net: ntbnetdev: The ntbnetdevrxhandler function should now be modified to call netifrx instead of calling ntbnetdevrxhandler. The following message is emitted when using the idxd DSA dmaengine as the data transfer mechanism for...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: The ctx variable is initialized to avoid a memory allocation error. It is possible that the ctx variable in nfqnlbuildpacketmessage could be used before it is properly initialized. This initialization i...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: hwmon: coretemp Check for null before removing sysfsattrs. If coretempaddcore encounters an error, pdata-coredataindx is already NULL and has been freed. Do not pass this value to sysfsremovegroup, as it will cause a crash in...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: drm/vmwgfx: Fixed a nullptr access in the cursor snooper. Checked that the resource, which is converted to a surface, exists before trying to use the cursor snooper on it. vmwcmdrescheck allows explicit invalid identifiers e.g...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: afs: Fixed a potential null pointer dereferencing in afaPutServer. afaPutServer accesses server-debugid before a NULL check is performed, which could lead to a null pointer dereferencing. The assignment of debugid has been mov...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ipv6: Fixed a use-after-free in inet6addrdel. syzbot reported a use-after-free of inet6ifaddr in inet6addrdel. 0 The referenced commit accidentally moved ipv6deladdr for mngtmpaddr before reading its ifp-flags for temporary...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: phy: tegra: xusb: Use a bitmask for UTMI pad power state tracking The current implementation uses biasPadEnable as a reference count to manage the shared bias pad for all UTMI PHYs. However, during system suspension with connecte...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: RDMA/hns: Fixed a soft lockup that occurred during the loop that allocates BT pages. The driver executes a for-loop when allocating BT pages and mapping them with buffer pages. When allocating a large buffer e.g., an MR of ove...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: In mptcp, it was fixed that “pm: only mark ‘subflow’ endp as available”. The following warning has been added: WARNONONCEmsk-pm.localaddrused == 0 Adding this warning before decrementing the localaddrused counter helped to identi...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: binfmtflat: Fixed an integer overflow bug on 32-bit systems. Most of these sizes and counts are capped at 256MB, so the calculations do not result in integer overflows. The “relocs” count also needs to be checked. Otherwise, o...