226369 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: ksmbd: Fixed a dangling pointer in krbauthenticate. krbauthenticate frees sess-user and does not set the pointer to NULL. It calls ksmbdkrb5authenticate to reinitialise sess-user, but that function may return without doing so...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ext4: Only dirty folio entries are marked when regular files are journaled. The fstest generic/388 test occasionally causes a crash that appears as follows: BUG: The kernel dereferes a NULL pointer; address: 0000000000000000… …...
Astra Linux – Vulnerability in Linux, Linux 5.10
A flaw was discovered in the s390 eBPF JIT mechanism within bpfjitinsn in the arch/s390/net/bpfjitcomp.c file of the Linux kernel. In this flaw, a local attacker with special user privileges can bypass the verifier, potentially leading to confidentiality issues...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: s390/dasd: fixed error checks in dasdcopypairstore In dasdaddbusid, an error can be returned via ERRPTR if an allocation fails. However, two calls within dasdcopypairstore do not check the result, potentially leading to a NULL...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: smb: client: fixed a potential use-after-free in smb2queryinfocompound When smb2QueryInfoCompounded attempts to retry, the previously allocated cfid might have been freed during the first attempt. Since the cfid was not reset...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: scsi: mpi3mr: Issues in mpi3mrgetalltgtinfo have been fixed. The function mpi3mrgetalltgtinfo has four issues: 1. It calculates the valid entry length in alltgtinfo assuming that the header part of the struct mpi3mrdevicemapin...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ACPI: Tables: FPDT: Do not call acpiosmapmemory on an invalid physical address. On a Packard Bell Dot SC Intel Atom N2600 model, there is an FPDT table containing invalid physical addresses, with high bits set that fall outside t...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: tty: xilinxuartps: split sysrq handling The lockdep tool detected the following circular locking dependencies: CPU 0 CPU 1 ========================== ============================ cdnsuartisr printk uartportlockport consolelock...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ext4: xattr: fixed a null pointer dereference in ext4raw inode If ext4getinodeloc fails e.g., if it returns -EFSCORRUPTED, iloc.bh will remain set to NULL. Since ext4xattr inodedecrefall lacks error checking, this will lead to a...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: nvme-fc: The use of lock access to portstate and rportstate was corrected. nvmefcunregisterremote removes the remote port from an lport object at any time when there is no active association. This issue conflicts with the...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: VLAN: Enforcing the underlying device type Currently, VLAN devices can be created on top of non-Ethernet devices. Aside from the fact that this approach doesn’t make much sense, it also causes a bug that leads to the leakage of t...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Prevent buffer overflow crashes in debugfs due to malformed user input. Malformed user input to debugfs can lead to buffer overflow crashes. It is necessary to adjust the length of the input string to fit within the...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ksmbd: discard write access to the directory open The mayopen function does not allow a directory to be opened with write access. However, some writing flags set by clients result in adding write access on the server, making ksmb...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mm: zswap: fix cryptofreeacomp deadlock in zswapcpucompdead Currently, zswapcpucompdead calls cryptofreeacomp while holding the per-CPU acompctx mutex. cryptofreeacomp then holds the scomplock through cryptoexitscompopsasync. On...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: phy: rockchip: inno-usb2: A double-free bug has been fixed in rockchipusb2phyprobe. The foreachavailablechildofnode function calls ofnodeput to release the child NPN in each successful loop. After exiting the loop when the child...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: libbpf: Handling of size overflow for ringbuf mmap The maximum size of a ringbuf on an x86-64 host is 2GB. Therefore, 2 maxentries will cause an overflow of type u32 when mapping producer pages and data pages. Simply casting...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: drm/i915/gem: The zero-initialize of the eb.vma array in i915gemdoexecbuffer was corrected. The eb.vma array is initialized with values of 0 when the eb structure is first set up. Specifically, this sets the eb-vmai.vma pointers ...
Astra Linux – Vulnerability in Linux 5.15
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: can: pchcan; pchcanrxnormal: fix use after free After calling netifreceiveskbskb, dereferencing the skb is unsafe. In particular, the canframe field, which aliases memory of type skb, is dereferenced just after the call to...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fixed the crash caused by hcisuspendsync. If hciunregisterdev frees the hcidev object, but hcisuspendnotifier may still access it, this can cause the program to crash. Here is the call trace: 102152.653246 Call Trace:...