226312 matches found
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: Thermal: intelpowerclamp: Use getcpu instead of smpprocessorid to avoid crashes. When CPU 0 is offline and intelpowerclamp is used to simulate idle state, it causes a kernel bug: Bug: Using smpprocessorid in preemptible 000000...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: drm/mipi-dsi: Detaching devices when removing the host Whenever the MIPI-DSI host is unregistered, the code for mipidsihostunregister loops through every device currently found on that bus and will unregister them. However, it do...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: cpufreq: The completion function is called before kobjectinitandadd. In cpufreqpolicyalloc, the uninitialized completion function is called in cpufreqsysfsrelease when kobjectinitandadd fails. This will cause a crash, such as a...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: media: vivid: fix compose-height boundary issue Syzkaller identified a bug: BUG: Unable to handle page faults for address: ffffc9000a3b1000 PF: Supervisor write access in kernel mode PF: Errorcode0x0002 – Not-present page PGD...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Validate data run offset This adds sanity checks for the data run offset. We should ensure that the data run offset is valid before attempting to unpack the data; otherwise, we may encounter use-after-free errors or...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: Fixed the return type of netcpndostartxmit With Clang’s Kernel Control Flow Integrity kCFI, CONFIGCFICLANG, indirect call targets are validated against the expected function pointer prototype to ensure that the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: fs/smb/client: fixed an out-of-bounds read in cifssanitizeprepath. When cifssanitizeprepath is called with an empty string or a string containing only delimiters e.g., /, the current logic attempts to check cursor2 - 1 before...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: gpio: aggregator: Protect driver attr handlers against module unload Both newdevicestore and deletedevicestore access module global resources e.g., gpioaggregatorlock. To prevent race conditions during module unloading, a...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: caifvirtio: The incorrect pointer check in cfvprobe was fixed. delvqs frees virtqueues. Therefore, the pointer cfv-vqtx should be checked for being NULL before calling delvqs. Instead of checking cfv-vdev, this check is necessary...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: gpio: sifive: Fix the refcount leak in sifivegpioprobe. The function ofirqfindparent returns a node pointer with the refcount incremented. We should use ofnodeput on it when it is no longer needed. Add ofnodeput to avoid the...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net: enetc: avoid buffer leaks on xdpdoredirect failure Before enetccleanrxringxdp calls xdpdoredirect, each software BD in the RX ring between index origi and i can have one of two refcount values on its page. We are the current...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: perf: RISC-V: Remove PERFHESSTOPPED flag checking in riscvpmustart Since commit 096b52fd2bb4 "perf: RISC-V: throttle perf events", the perfsampleeventtook function was added to report time spent in overflow interrupts. If the...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: do not trust the firmware’s nChannels value. If the firmware sends us a corrupted MCC response where nChannels is much larger than what the command response can handle, we might copy too much uninitialized...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fixed a slab-use-after-free issue in hdcpwork Why A slab-use-after-free issue was reported when HDCP was destroyed, but the propertyvalidatedwork queue was still running. How The delayed work was canceled when th...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: drm/amd: fixed a potential memory leak This patch fixes a potential memory leak clksrc when the function returns NULL at the end of its execution. s/free/kfree/ - Alex...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mld: cancel mloscanstartwk mloscanstartwk is not canceled upon disconnection. In fact, it isn’t canceled anywhere else, except during the restart cleanup, where we don’t actually need to cancel it. This could lead ...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net/sched: It has been ensured that teql can only be used as a root qdisc. The design intention of teql is that it should only be used as a root qdisc. Therefore, we need to ensure this constraint is respected. Although not very...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: watchqueue: fix pipe accounting mismatch Currently, watchqueuesetsize modifies the pipe buffers allocated to user-pipebufs, without updating the pipe-nraccounted value on the pipe itself. This occurs due to the if...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fixed the issue with mlx5pollone where the curqp is updated. When curqp is not NULL, in order to avoid fetching the QP from the radix tree again, we check if the next CQE QP is identical to the one we already have...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: can: dev: canrestart: fix use after free bug After calling netifrxniskb, dereferencing the skb is unsafe. In particular, the canframe field, which aliases skb memory, is accessed after the netifrxni function in the line:...