226378 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: powercap: dtpmcpu: Fixed a NULL pointer dereferencing in getpdpoweruw. The getpdpoweruw function can crash due to a NULL pointer dereferencing when emcpuget returns NULL. This occurs when a CPU becomes unavailable during runtime,...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: nfsd: nfsd4spomustallow must check whether this is a v4 compound request. If the request being processed is not a v4 compound request, then examining the cstate can have undefined results. This patch adds a check to ensure that t...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: iommufd: Fixed the issue where pages were unpinned when an access was present. syzkaller discovered that the calculation of batchlastindex should use ‘startindex’, because when this function is called, the batch is either empt...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: Wifi: mt76: dma: fixed a memory leak in the mt76dmatxcleanup function. Fixed the memory leak caused by unregistering devices, and ensured that all configured rx queues are always cleaned up during the mt76dmatxcleanup routine...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: blk-mq: Fixed a null pointer dereference in blkmqclearrqmapping. Our syzkaller report identified a null pointer dereference. The root cause is as follows: - blkmqallocmapandrqs: set-tagshctxidx = blkmqallocmapandrqs. -...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Input: gpio-keys – cancels delayed work only in case of GPIO. The gpiokeys module can accept gpios or interrupts. The module initializes delayed work only in case of gpios and is only used if the debounce timer is not used...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: A double-free operation in siparsepowertable has been fixed. In the function siparsepowertable, the array adev-pm.dpm.ps and its members are allocated. If the allocation of each member fails, the array itself is freed...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: mm: hugetlb: fix UAF in hugetlbhandleuserfault The vmalock and hugetlbfaultmutex are removed before handling userfault, and reacquired again after handleuserfault. However, reacquiring the vmalock could lead to a...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: x86/entry: Clear X86FEATURESMAP when CONFIGX86SMAP=n Commit 3c73b81a9164 “x86/entry, selftests: Further improve user entry sanity checks” added a warning if AC is set when in the kernel. Commit 662a0221893a3d “x86/entry: Fix A...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Use rawsmpprocessorid instead of smpprocessorid. The following call trace was observed: localhost kernel: nvme nvme0: NVME-FC0: controller connect complete localhost kernel: BUG: Using smpprocessorid in preemptible...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: comedi: pcl812: Fix bit shift out of bounds When checking for a supported IRQ number, the following test is used: c if 1 options1 & board-irqbits However, it-optionsi is an unchecked int value from userspace, so the shift amount...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-6.1, Linux-5.10
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix potential key use-after-free When ieee80211gtkrekeyadd is called, and ieee80211gtkrekeyadd returns 0 due to KRACK protection identical key reinstall, ieee80211gtkrekeyadd will still return a pointer to the key...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: cxl/port: Fixed the issue where parentport was used after freeing it in cxldetachep. The cxldetachep function is called during the bottom-up removal process when all CXL memory devices beneath a switch port have been removed...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fixed an out-of-band issue in ntfslistxattr. The length of a name cannot exceed the space occupied by “ea”...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: cookiehmacalg: avoid using current-nsproxy As mentioned in a previous commit of this series, using the net structure via current is not recommended for various reasons: - Inconsistency: obtaining information from th...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Bonding: Fixed a NULL dereference of the struct bonding.rrtxcounter member. This issue occurs because if a bond is created with an initial mode != zero Round Robin, the memory required for the counter is never allocated. When the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: BPF: Disabling migration in nfhookrunbpf. Syzbot reported that the netfilter BPF program can be called without disabling migration in the xmit path. Then, the assertion in bpfprogrun fails, triggering a crash below. 0 Let’s use...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: powerpc/qspinlock: Fixed deadlock in the MCS queue. If an interrupt occurs in queuedspinlockslowpath after we increment qnodesp-count and before node-lock is initialized, another CPU may see stale lock values in gettailqnode. ...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: net/smc: Fixed the LGR and link use-after-free issue. We encountered a use-after-free issue with the LGR/link reference count. This issue manifested when the LGR/link reference count reached 0 prematurely and entered a clearin...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ima: Handle error code returned by imafilterrulematch In imamatchRules, if imafilterruleMatch returns -ENOENT due to the rule being NULL, the function incorrectly skips the if !rc check and sets result = true. The LSM rule is...