226368 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: memblock: The memory allocated before it is used in memblockdoublearray was accepted. When increasing the array size in memblockdoublearray, if the slab is not yet available, a call to memblockfindinrange is used to...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ACPI: sysfs: validate return type of STR method Only buffer objects are valid return values of STR. If anything else is returned by descriptionshow, it will access invalid memory...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: core: Check for unset descriptor Ensure that the descriptor has been set before checking maxpacket. This fixes a null pointer panic in this case. This issue may occur if the gadget does not properly set up the endpoi...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: dm-integrity: A memory leak was fixed when rechecking the data. The memory allocated for the “checksums” pointer will be leaked if the data is rechecked after a checksum failure because the associated kfree operation will not occ...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: mm: swap: fix race between freeswapandcache and swapoff There was previously a theoretical scenario where swapoff could execute and tear down the swapinfostruct while a call to freeswapandcache was running in another thread. This...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: sfc: Null dereferencing in ef100processdesignparam has been fixed. Since the referenced commit, ef100probemain and therefore ef100checkdesignparams are executed before efx-netdev is created. As a result, we cannot use...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: drivers/perf: hisi: Use cpuhpstateremoveinstancenocalls instead of cpuhpstateremoveinstance so that the notifications do not execute after the PMU device has been unregistered. When removing a ‘hisihns3’ PMU, we accidentally ran...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: fix skbput panic on non-linear skb during reassembly In iptfsreassemcont, IP-TFS attempts to append data to the new inner packet ‘newskb’ that is being reassembled. First, a zero-copy approach is tried; if it succeed...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: remoteproc: imxrproc: Skip over the memory region when the node value is NULL In imxrprocaddrinit, the function “nph = ofcountphandlewithargs” simply counts the number of phandles. However, the phandles may be empty. Therefore, t...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: ipv6: prevented possible NULL dereference in rt6probe syzbot detected a NULL dereference in rt6probe 1 Escape if in6devget returns NULL. 1 Oops: general protection fault, likely due to an invalid address 0xdffffc00000000cb: 00...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ext4: Only dirty folio entries are marked when regular files are journaled. The fstest generic/388 test occasionally causes a crash that appears as follows: BUG: The kernel dereferes a NULL pointer; address: 0000000000000000… …...
Astra Linux – Vulnerability in Linux, Linux 5.10
A flaw was discovered in the s390 eBPF JIT mechanism within bpfjitinsn in the arch/s390/net/bpfjitcomp.c file of the Linux kernel. In this flaw, a local attacker with special user privileges can bypass the verifier, potentially leading to confidentiality issues...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: s390/dasd: fixed error checks in dasdcopypairstore In dasdaddbusid, an error can be returned via ERRPTR if an allocation fails. However, two calls within dasdcopypairstore do not check the result, potentially leading to a NULL...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: smb: client: fixed a potential use-after-free in smb2queryinfocompound When smb2QueryInfoCompounded attempts to retry, the previously allocated cfid might have been freed during the first attempt. Since the cfid was not reset...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: scsi: mpi3mr: Issues in mpi3mrgetalltgtinfo have been fixed. The function mpi3mrgetalltgtinfo has four issues: 1. It calculates the valid entry length in alltgtinfo assuming that the header part of the struct mpi3mrdevicemapin...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ACPI: Tables: FPDT: Do not call acpiosmapmemory on an invalid physical address. On a Packard Bell Dot SC Intel Atom N2600 model, there is an FPDT table containing invalid physical addresses, with high bits set that fall outside t...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: tty: xilinxuartps: split sysrq handling The lockdep tool detected the following circular locking dependencies: CPU 0 CPU 1 ========================== ============================ cdnsuartisr printk uartportlockport consolelock...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ext4: xattr: fixed a null pointer dereference in ext4raw inode If ext4getinodeloc fails e.g., if it returns -EFSCORRUPTED, iloc.bh will remain set to NULL. Since ext4xattr inodedecrefall lacks error checking, this will lead to a...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: nvme-fc: The use of lock access to portstate and rportstate was corrected. nvmefcunregisterremote removes the remote port from an lport object at any time when there is no active association. This issue conflicts with the...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: VLAN: Enforcing the underlying device type Currently, VLAN devices can be created on top of non-Ethernet devices. Aside from the fact that this approach doesn’t make much sense, it also causes a bug that leads to the leakage of t...