226376 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: tty: serial: samsungtty: Fixed a memory leak in s3c24xxSerialGetClk in case of an error. If clkgetrate fails, the clock that has just been allocated needs to be freed...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisync: Avoid use-after-free in dbg for hciaddadvmonitor KSAN reports a use-after-free in hciaddadvmonitor. When adding an adv monitor, hciaddadvmonitor calls msftaddmonitorpattern, which in turn calls...
Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: L2CAP: Fixed a use-after-free in l2capdisconnectreq,rsp. Similar to the issue reported in commit d0be8347c623 "Bluetooth: L2CAP: Fix use-after-free caused by l2capchanput", use l2capchanholdunlesszero to prevent...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: kcm: Fixed error handling for SOCKDGRAM in kcmsendmsg. Syzkaller identified a memory leak in kcmsendmsg, and the commit c821a88bd720 "kcm: Fix memory leak in the error path of kcmsendmsg" suppressed this issue by updating...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: iio: adc: ina2xx: avoid NULL pointer dereference on OF device match The affected lines resulted in a NULL pointer dereference on our platform because the device tree contained the following list of compatible strings:...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: netlink: Annotate lockless accesses to nlk-maxrecvmsglen. syzbot reported a data race in netlinkrecvmsg. Indeed, netlinkrecvmsg can be executed concurrently, and netlinkdump also requires protection. 1 Bug: KCSAN: Data race in...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: netlink: Do not hard code the device address length in fdb dumps. syzbot reports that some netdev devices do not have a six-byte address. Replace ETHALEN with dev-addrlen. 1 In cases where dev-addrlen = 4 BUG: KMSAN:...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/i915: The issue of NULL pointer dereferencing was fixed by checking newcrtcstate. intelatomicgetnewcrtcstate may return NULL, unless the crtc state was obtained previously using intelatomicgetcrtcstate. Therefore, we must che...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: nvme-core: fixed a memory leak in dhchapsecretstore Free the dhchapsecret in nvmectrldhchapsecretstore before returning. Fixed the following kmemleak: Unreferenced object 0xffff8886376ea800 size 64: Command "check", PID 22048,...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10
In the Linux kernel, the following vulnerability has been resolved: In md/raid10, the issue of null-ptr-deref in raid10syncrequest has been fixed. In initresync, the mempool is initialized, and conf-havereplacemnt is set to 0 at the beginning of the sync process. closesync frees the mempool when...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: media: mdp3: Fixed resource leaks in offinddevicebynode. Use putdevice to release the object obtained through offinddevicebynode, thereby avoiding resource leaks...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ubifs: A memory leak has been fixed in the dorename function. When renaming a file in an encrypted directory, the function fscryptsetupfilename allocates memory for a file name. This name is never used, and before returning to th...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: usb: phy: phy-tahvo: fix memory leak in tahvousbprobe Suggestions: drivers/usb/phy/phy-tahvo.c: tahvousbprobe Warning: Missing unwind goto? After obtaining the IRQ, if ret 0, it will return without error handling, freeing up...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: dp: Only trigger DRM HPD events if the bridge is attached. The MediaTek DisplayPort interface bridge driver starts its interrupts as soon as it is probed. However, when the interrupts are triggered, the bridge might...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: net/smc: Resetting connections when attempting to use SMCRv2 fails. We identified a crash when using SMCRv2 with 2 Mellanox ConnectX-4 devices. This issue can be reproduced by running the following commands: - smcrun nginx -...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/i915/dpt: Treat the DPT BO as a framebuffer. Currently, i915gemobjectisframebuffer does not treat the BO containing the DPT as a framebuffer itself. This means that the shrinker can evict the DPT BO while leaving the actual F...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: ALSA: hda: Fixed an error related to the names of surround channels in version 9.1. The getlineoutpfx function may trigger an error due to overflowing a static array with more than 8 channels. This issue was reported on...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: cifs: preventing use-after-free by freeing the cfile later. In smb2compoundop, there is a potential use-after-free that may lead to difficult debugging issues in the future. This issue was identified during stress testing with th...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fixed task leakage in pm8001sendabortall In pm8001sendabortall, ensure that the allocated SAS task is freed if pm8001tagalloc or pm8001mpibuildcmd fails...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Fuse: Fixed a livelock issue in synchronous file put operations performed by fuseblk workers. I observed a hang when running the generic/323 test against a fuseblk server. This test creates a file, initiates multiple AIO writes t...