226319 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: procfs: Fixed a possible double mmput operation in doprocmapquery. When a user provides a buffer of incorrect size for the PROCMAPQUERY build ID, we return an -ENAMETOOLONG error. After recent changes, this condition occurs later...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: eth: bnxt: fixed an issue where access to the vnicinfo array was out of range. The bnxtqueuestart | stop access allocates vnicinfo, which indicates bp-nrvnics. Therefore, it should not access bp-vnicinfobp-nrvnics...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: Driver: iio: added missing checks for callback accesses in iioinfo. Some callbacks from the iioinfo structure are accessed without any checks. Therefore, if a driver does not implement these callbacks, attempting to access the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: powerpc/64s: Fixed the program check interrupt emergency stack path issue. The emergency stack path was jumping into a 3: label within the GENCOMMONBODY macro for the normal path after it had finished, rather than jumping over...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: can: pchcan; pchcanrxnormal: fix use after free After calling netifreceiveskbskb, dereferencing the skb is unsafe. In particular, the canframe field, which aliases memory of type skb, is dereferenced just after the call to...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fixed the crash caused by hcisuspendsync. If hciunregisterdev frees the hcidev object, but hcisuspendnotifier may still access it, this can cause the program to crash. Here is the call trace: 102152.653246 Call Trace:...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ALSA: usx2y: us144mkii: fixed NULL dereferencing when interface 0 is missing. A malicious USB device with the TASCAM US-144MKII device ID may have a configuration where bInterfaceNumber=1, but there is no interface 0. USB...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: f2fs: fixed the issue where dcc-f2fsissuediscard was not invalidated during the error path. Syzbot reports a NULL pointer dereference issue as follows: refcountadd include/linux/refcount.h:193 inline refcountinc...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: iommu/amd: Serialize sequence allocation under concurrent TLB invalidations. With concurrent TLB invalidations, the completion wait time might randomly time out. This occurs because the cmdsemval field was incremented outside ...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fixed an infinite loop caused by resetting nextsmb2rcvhdroff during error paths. The issue occurs when a signed request fails the smb2 signature verification check. In processrequest, if checksignreq returns an error,...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: - In the net subsystem, sfc: added missing xdp queue reinitialization after changing the rx/tx ring buffer size. When acting as XDPTX or XDPREDIRECT, the kernel panics if the xdp queues are not reinitialized properly...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: XDP: Use the flags field to disambiguate broadcast redirections When redirecting a packet using XDP, the bpfredirectmap helper function sets the redirection destination information in the struct bpfredirectinfo structure using th...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/hpre – fixed a resource leak in the remove process. In hpreremove, when the disable operation of qm sriov fails, the following logic should continue to be executed to release the remaining resources that have be...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: ntfs: Fixed a panic caused by a slab-out-of-bounds condition in ntfslistxattr Here is a bug report from syzbot: BUG: KASAN: Slab-out-of-bounds in ntfslistea fs/ntfs3/xattr.c:191 inline BUG: KASAN: Slab-out-of-bounds in...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: dmaengine: zynqmpdma: In struct zynqmpdmachan, the descsize data type was fixed. In the zynqmpdmaalloc/freechanresources functions, there is a potential overflow in the following expressions: dmaalloccoherentchan-dev, 2...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: f2fs: Fixed an issue where dirty data was not accounted in getsecsrequired. This could trigger a system panic in certain test cases. ------------ Cut here ------------ Kernel bug at fs/f2fs/segment.c:2752! RIP:...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: smb: client: fixed a potential use-after-free in smb2queryinfocompound When smb2QueryInfoCompounded attempts to retry, the previously allocated cfid might have been freed during the first attempt. Since the cfid was not reset...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: media: az6007: Fixed nullptrderef in az6007i2cxfer In az6007i2cxfer, msg is controlled by the user. When msgi.buf is null and msgi.len is zero, previous checks on msgi.buf will still be performed. Malicious data will eventually...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ext4: Only dirty folio entries are marked when regular files are journaled. The fstest generic/388 test occasionally causes a crash that appears as follows: BUG: The kernel dereferes a NULL pointer; address: 0000000000000000… …...
Astra Linux – Vulnerability in Linux, Linux 5.10
A flaw was discovered in the s390 eBPF JIT mechanism within bpfjitinsn in the arch/s390/net/bpfjitcomp.c file of the Linux kernel. In this flaw, a local attacker with special user privileges can bypass the verifier, potentially leading to confidentiality issues...