226311 matches found
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fixed the use-after-free bug. This bug can be triggered by sending a single amdgpugemuserptrioctl command to the AMDGPU DRM driver on any ASICs with an invalid address and size. The bug was reported by Joonkyo Jung...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: drm/amdgpu: fixed the call order in amdgputtmmove v2. This resolves issue with drm/amdgpu: fixing the ftrace event where amdgpuboMove always moves objects on the same heap. The fundamental problem is that after the move, the o...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: crypto: sun8i-ce-cipher – Fixed error handling in sun8icecipherprepare. Fixed two DMA cleanup issues on the error path in sun8icecipherprepare: 1. If dmamapsg fails for areq-dst, the device driver will attempt to free DMA memo...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: md: Do not set mddev’s private field to NULL in raid0 with pers-free. In a normal stop process, the following sequence of operations occurs: domdstop | mdstop pers-free; mddev-private=NULL | mdfree free mddev The mdstop function...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: bpf: Fix tailcallreachable rejection for interpreter when jit failed During testing of f263a81451c1 “bpf: Track subprog poke descriptors correctly and fix use-after-free” under various failure conditions, for example, when...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: rustbinder: Calling setnotificationdone without holding the proc lock. Consider the following sequence of events when a death listener is triggered: 1. The remote process dies and sends a BRDEADBINDER message. 2. The local proces...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: fs/namespace: The reference leak in grabrequestedmntns has been fixed. lookupmntns already takes a reference to mntns. grabrequestedmntns does not need to take an additional reference...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: nfs: Clean up /proc/net/rpc/nfs when nfsfsprocnetinit fails. The syzbot reported a warning below 1 after a fault injection in nfsfsprocnetinit. 0 When nfsfsprocnetinit fails, /proc/net/rpc/nfs is not removed. Later, rpcprocexit...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: ALSA: hda: Fixed an error related to the names of surround channels in version 9.1. The getlineoutpfx function may trigger an error due to overflowing a static array with more than 8 channels. This issue was reported on...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: A upper bound check has been added to user inputs in the signal ioctl function. Large input values in amdgpuuserqsignalioctl can lead to a Out-of-Memory OOM condition, and this vulnerability could be exploited...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Avoid leaking tags when processing the OPCINBSETCONTROLLERCONFIG command. The tags allocated for the OPCINBSETCONTROLLERCONFIG command need to be freed when we receive the response...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: bpf: Sleepable kprobemulti programs are rejected during attachment. kprobe.multi programs run in atomic/RCU contexts and cannot sleep. However, bpfkprobemultilinkattach did not validate whether the program being attached had the...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: i2c: piix4: Fix the issue where the adapter is not removed in piix4remove. In piix4probe, the piix4 adapter will be registered in piix4probe. This involves calling piix4addadapterssb800 or piix4addadapter. Both functions are part...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: net: ntbnetdev: The ntbnetdevrxhandler function should now be modified to call netifrx instead of calling ntbnetdevrxhandler. The following message is emitted when using the idxd DSA dmaengine as the data transfer mechanism for...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: The ctx variable is initialized to avoid a memory allocation error. It is possible that the ctx variable in nfqnlbuildpacketmessage could be used before it is properly initialized. This initialization i...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: hwmon: coretemp Check for null before removing sysfsattrs. If coretempaddcore encounters an error, pdata-coredataindx is already NULL and has been freed. Do not pass this value to sysfsremovegroup, as it will cause a crash in...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: drm/vmwgfx: Fixed a nullptr access in the cursor snooper. Checked that the resource, which is converted to a surface, exists before trying to use the cursor snooper on it. vmwcmdrescheck allows explicit invalid identifiers e.g...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: afs: Fixed a potential null pointer dereferencing in afaPutServer. afaPutServer accesses server-debugid before a NULL check is performed, which could lead to a null pointer dereferencing. The assignment of debugid has been mov...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ipv6: Fixed a use-after-free in inet6addrdel. syzbot reported a use-after-free of inet6ifaddr in inet6addrdel. 0 The referenced commit accidentally moved ipv6deladdr for mngtmpaddr before reading its ifp-flags for temporary...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: phy: tegra: xusb: Use a bitmask for UTMI pad power state tracking The current implementation uses biasPadEnable as a reference count to manage the shared bias pad for all UTMI PHYs. However, during system suspension with connecte...