226368 matches found
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Prevent buffer overflow crashes in debugfs due to malformed user input. Malformed user input to debugfs can lead to buffer overflow crashes. It is necessary to adjust the length of the input string to fit within the...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ksmbd: discard write access to the directory open The mayopen function does not allow a directory to be opened with write access. However, some writing flags set by clients result in adding write access on the server, making ksmb...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mm: zswap: fix cryptofreeacomp deadlock in zswapcpucompdead Currently, zswapcpucompdead calls cryptofreeacomp while holding the per-CPU acompctx mutex. cryptofreeacomp then holds the scomplock through cryptoexitscompopsasync. On...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: phy: rockchip: inno-usb2: A double-free bug has been fixed in rockchipusb2phyprobe. The foreachavailablechildofnode function calls ofnodeput to release the child NPN in each successful loop. After exiting the loop when the child...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: libbpf: Handling of size overflow for ringbuf mmap The maximum size of a ringbuf on an x86-64 host is 2GB. Therefore, 2 maxentries will cause an overflow of type u32 when mapping producer pages and data pages. Simply casting...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: drm/i915/gem: The zero-initialize of the eb.vma array in i915gemdoexecbuffer was corrected. The eb.vma array is initialized with values of 0 when the eb structure is first set up. Specifically, this sets the eb-vmai.vma pointers ...
Astra Linux – Vulnerability in Linux 5.15
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: can: pchcan; pchcanrxnormal: fix use after free After calling netifreceiveskbskb, dereferencing the skb is unsafe. In particular, the canframe field, which aliases memory of type skb, is dereferenced just after the call to...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fixed the crash caused by hcisuspendsync. If hciunregisterdev frees the hcidev object, but hcisuspendnotifier may still access it, this can cause the program to crash. Here is the call trace: 102152.653246 Call Trace:...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/radeon: The issue of the refcount leak in the PCI device during radeonatrmgetbios has been fixed. According to the comments on pcigetclass, it returns a pcidevice with its refcount being incremented. Additionally, the refcoun...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
A issue was discovered in the Linux kernel before version 6.0.11. A missing offset validation in the driver/net/wireless/microchip/wilc1000/hif.c file within the WILC1000 wireless driver can lead to an out-of-bounds read during the parsing of a Robust Security Network RSN information element from...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: The netlink notifier might race to release objects. The commit release path is invoked via callrcu, and it runs without locking to release the objects after the rcu grace period. The netlink notifier handler...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: tracing/trigger: Fixed to return an error if attempting to allocate a snapshot fails. registersnapshottrigger function was fixed to return an error code if it fails to allocate a snapshot, instead of returning 0 success. Otherwis...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Avoid memcpy field-spanning write warnings When the “storcli2 show” command is executed for eHBA-9600, the mpi3mr driver prints this warning message: memcpy: A field-spanning write size 128 was detected in the singl...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Block layer: Fixed handling of offline queues in blkmqallocrequesthctx. This patch prevents the test nvme/004 from triggering the following issues: - UBSAN: Array index out of bounds in block/blkmq.h:135:9. The index 512 is out o...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: perf/armdmc620: Fixed the hotplug callback leak in dmc620pmuinit. The dmc620pmuinit function does not remove the callback added by cpuhpsetupstatemulti when platformdriverregister fails. The callback must be removed by...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Added a null pointer check for dpuencoderneedsmodeset. The drmatomicgetnewconnectorstate function may return NULL if the connector is not part of the atomic state. A check was added to prevent a NULL pointer...
Astra Linux – Vulnerability in Linux, Linux 5.10
A vulnerability was discovered in the Linux kernel, where a use-after-free condition could occur in nouveau’s postclose handler if a device is removed. This situation occurs when removing a device—a process that isn’t common for physically removing a video card without shutting down the system...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: - Media: MediTech: vcodec: Added a lock to protect the ctxlist variable, to prevent access to a NULL pointer within the vpudecipihandler function when the ctxlist has been deleted due to an unexpected behavior on the SCP IP...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.10, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: pcmcia: Error handling was added for the addinterval function within dovalidatemem. In dovalidatemem, the call to addinterval does not handle errors properly. If kmalloc fails during addinterval, it may result in a null pointer...