226319 matches found
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: hcicodec: Fixed leaking content of localcodecs The following memory leak can be observed when the controller supports codecs that are stored in the localcodecs list, but the elements are never freed: Unreferenced...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: media: irtoy: fix a memleak in irtoytx. When irtoycommand fails, the buffer should be freed, as it is allocated by irtoytx; otherwise, there may be a memleak...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: mmc: mmci: stm32: fixed the warning regarding overlapping mappings in the DMA API. Enabling the CONFIGDMAAPIDEBUGSG option results in the following warning: DMA-API: mmci-pl18x 48220000.mmc: cacheline tracking EEXIST; overlapping...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: fbdev: sis: An error will occur if pixclock equals zero. The user-space program can pass any values to the driver through the ioctl interface. If the driver does not check the value of pixclock, it may lead to a divide-by-zero...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: l2tp: Pass the correct message length to ip6.AppendData. l2tpip6sendmsg needs to avoid accounting for the transport header twice when splicing more data into an already partially-occupied skbuff. To address this issue, we chec...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: bpf: Fixed a race condition between bpftimercancelandfree and bpftimercancel. This race condition could lead to a UAF Use-After-Free error involving the timer-timer variable. Here’s the detailed explanation: In bpftimer...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: iio: Magnetometer: rm3100 – added a boundary check for the value read from RM3100REGTMRC. Recently, we encountered a kernel crash in the function rm3100commonprobe, caused by out-of-bound access to the array rm3100samprates due t...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: tipc: Check the bearer type before calling tipcudpnlbeareradd syzbot reported the following general protection fault 1: General protection fault, likely for non-canonical address 0xdffffc0000000010: 0000 1 PREEMPT SMP KASAN...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: net/smc: Fixed an illegal access to rmbdesc during SMC-D connection dumping. A crash was detected when dumping SMC-D connections. This issue can be reproduced by performing the following steps: 1. Run the nginx/wrk test: smcrun...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
A vulnerability was reported in the Open vSwitch sub-component of the Linux kernel. The flaw occurs when a recursive operation of the code push calls into the code block recursively. The OVS module does not validate the stack depth, causing too many frames to be pushed onto the stack, leading to ...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
A memory write flaw that is outside the bounds of the system’s security was discovered in the Linux kernel’s Transport Layer Security functionality. This flaw allows a local user to cause a crash or potentially escalate their privileges on the system...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
A race condition was detected in the GSM 0710 tty multiplexor within the Linux kernel. This issue occurs when two threads execute the GSMIOCSETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled. It can lead to a use-after-free issue with the struct gsmdlci during the...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: In the tty subsystem, for the ngsm module, a race condition occurred during the modification of the status line of a dead connection. The gsmcleanupmux function cleans up the GSM-related resources by closing all Data Link Control...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: crypto: lib/mpi – Fixed unexpected pointer access in mpiecinit When the mpiecctx structure is initialized, some fields are not cleared, resulting in a crash when referencing those fields after the structure is released. Initially...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: Wifi: ath9k: Fixed a potential array-index-out-of-bounds read in ath9khtctxstatus. The bug occurs when txs-cnt—data from a URB provided by a USB device—is larger than the size of the array txs-txstatus, which is HTCMAXTXSTATUS...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: net: nfc: fixed races in nfcllcpsockget and nfcllcpsockgetsn Sili Luo reported a race condition in nfcllcpsockget, which could lead to UAF Use-after-Allocation. The process of acquiring a reference to the socket found during a...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: HID: logitech-hidpp: Fixed a kernel crash when the USB connection is disconnected. The function hidppconnectevent experiences four times-of-check versus-time-of-use TOCTOU races when it races with itself. hidppconnectevent...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: Binder: Fix for use-after-free in shinker’s callback The mmap read lock is used during shinker’s callback, which means that using the alloc-vma pointer is not safe, as it could lead to a race condition with munmap. As of commit...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: Fixed a memory leak in seg6hmacinitalgo. seg6hmacinitalgo returns without cleaning up previously allocated memory. If this happens, all that memory will be leaked, potentially causing issues with crypto-related function...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: f2fs: Fixed the sanity check on ixattrnid in sanitycheck inode. syzbot reports a kernel bug as follows: F2FS-fs loop0: Mounted with checkpoint version = 48b305e4 ========================================== BUG: KASAN:...