226327 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: cxl/pmem: Fixed race conditions related to nvdimm registration. A loop of the form: c while true; do modprobe cxlpci; modprobe -r cxlpci; done …fails with the following crash message: BUG: Kernel NULL pointer dereference, address...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net/sched: flower: fix filter idr initialization The referenced commit moved the idr initialization too early in flchange, which allows concurrent users to access the filter that is still being initialized and is in an inconsiste...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: “aoe”: The potential use-after-free problem has been fixed in multiple locations. Regarding the fix for CVE-2023-6270, f98364e92662 “aoe: The potential use-after-free problem has been fixed in aoecmdcfgpkts” involves replacing...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/i915/hdcp: Added a encoder check in hdcp2getcapability. Also added a encoder check in intelhdcp2getcapability to avoid null pointer errors...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ubifs: Fixed a memory leak when insertoldidx failed. The following process will cause a memory leak for the copied znode: dirtycowznode zn = copyznodec, znode; err = insertoldidxc, zbr-lnum, zbr-offs; if unlikelyerr return...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: perf/arm-cmn: Rejects unsupported hardware configurations. So far, we have been fairly lenient in accepting both unknown CMN models at least with a warning, as well as unknown revisions of those models that we do know about...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: cachefiles: Cyclic allocation of msgid to avoid reuse. Reusing the msgid after a maliciously completed reopen request may cause a read request to remain unprocessed, resulting in a hung task, as shown below: t1 | t2 | t3...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: libbpf: Use of the OPTSSET macro in bpfxdpquery When the featureFlags and xdpzcmaxsegs fields were added to the libbpf bpfxdpQueryOpts structure, the code that wrote these fields did not use the OPTSSET macro. This causes libbpf ...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: Thunderbolt: Fixed a memory leak in margining. The memory associated with usb4-margining also needs to be freed for the upstream port of the router. This issue is fixed even though the debugfs directory is freed when the route...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ext4: Fixed an off-by-one error in the dosplit function. Syzkaller identified a use-after-free issue in ext4insertdentry, which was caused by out-of-bounds accesses due to incorrect splitting in dosplit. BUG: KASAN: Use-after-fre...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: Memory: renesas-rpc-if – fixed the platform-device leak in the error path. Make sure the flash platform device is freed if registration fails during the probe...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: usbnet: Fix for NPE during rxcomplete. There is a missing validation of usbnetgoingaway in the critical path. The usbsubmiturb function lacks this validation, while usbnetqueueskb includes this check. This inconsistency causes a...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: mt76: mt7915: fixed a possible NULL pointer dereferencing in mt7915macfillrxvector. Fixed a possible NULL pointer dereferencing in mt7915macfillrxvector if the chip does not support dbdc and the hardware reports bandidx set to...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: “arm64: zynqmp: Add an OP-TEE node to the device tree” This issue has been resolved through the commit 06d22ed6b6635b17551f386b50bb5aaff9b75fbe. OP-TEE logic in U-Boot automatically inserts a reserved-memory node along with the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/panel: A possible null pointer dereference in jdipaneldsiremove has been fixed. In jdipaneldsiremove, jdi is explicitly checked, indicating that it may be NULL: c if !jdi mipidsidetachdsi; However, when jdi is NULL, the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: media: hi846: Fixed a memory leak in hi846initcontrols The hi846initcontrols function does not clean up the allocated ctrlhdlr resources in case of a failure, which leads to a memory leak. Added v4l2ctrlhandlerfree to properly fr...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: x86/vmscape: Added conditional IBPB mitigation VMSCAPE is a vulnerability that exploits insufficient branch predictor isolation between a guest and a userspace hypervisor such as QEMU. Existing mitigations already protect the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mm/pagewalk: fixed a race condition between concurrent operations involving splitting PUD entries and refaulting PUD leaf entries. The splitting of a PUD entry in walkpudrange can cause a race with a concurrent thread that refaul...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: fs/namespace: The reference leak in grabrequestedmntns has been fixed. lookupmntns already takes a reference to mntns. grabrequestedmntns does not need to take an additional reference...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: bpf: Fix tailcallreachable rejection for interpreter when jit failed During testing of f263a81451c1 “bpf: Track subprog poke descriptors correctly and fix use-after-free” under various failure conditions, for example, when...