4330 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: cxl/port: Fixed the race condition involving the deleteendpoint function and the unregistration of parent ports. The CXL subsystem establishes a lineage of ports struct cxlport objects between an endpoint and the root of a CXL...
Astra Linux – Vulnerability in Linux 5.15
A flaw was discovered in the ksmbd component of the Linux kernel, a high-performance in-kernel SMB server. The specific flaw occurs during the processing of SMB2SESSIONSETUP and SMB2LOGOFF commands. The issue arises due to the lack of proper locking when performing operations on an object. An...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: systemport: Added global locking for the descriptor lifecycle. The descriptor list is a shared resource across all transmit queues. The locking mechanism currently used only protects concurrency within a given transmit queue...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: NFS: Fixed the issue with nfsnetfsissueread’s xarray locking for writeback interrupts. The loop within nfsnetfsissueread currently does not disable interrupts while iterating through the pages in the xarray to submit NFS read...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: ISO: Fixed issues related to locking and validity checks for isoconn. sk-skstate indicates whether isopisk-conn is valid. Operations that check or update skstate and access conn should hold locksock; otherwise, they...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: interconnect: Fixed locking issues for runpm vs. reclaim For cases where iccbwset can be called in callbaths that may lead to deadlocks with shrinker/reclaim, such as during runpm resume, we need to separate the icc locking...
Astra Linux – Vulnerability in Mariadb 10.3
MariaDB Server before version 10.7 is vulnerable to Denial of Service attacks. In the file extra/mariabackup/dscompress.cc, when an error occurs i.e., transitioning to the err label during the execution of the createworkerthreads method, the held lock thd-ctrlmutex is not released properly. This...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: bpf: Consider the return from setmemoryrox when using bpfjitbinarylockro setmemoryrox may fail, leaving memory unprotected. Check the return value and bail out if bpfjitbinarylockro returns an error...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: BPF: Fixed a memory leak in the LRU and LRUPERCPU hash maps The LRU and LRUPERCPU maps allocate a new element during updates, before locking the target hash table bucket. Immediately afterwards, the maps attempt to lock the bucke...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: l2tp: Avoid possible recursive deadlock in l2tptunnelregister When a file descriptor of the pppol2tp socket is passed as a file descriptor of the UDP socket, a recursive deadlock occurs in l2tptunnelregister. This situation can b...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix recursive locking directmutex in ftracemodifydirectcaller Naveen reported recursive locking of directmutex with sample ftrace-direct-modify.ko: 74.762406 WARNING: possible recursive locking detected 74.762887 6.0.0-rc...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In multiple functions of iouring.c, there is a possibility of kernel memory corruption due to improper locking. This could lead to a local escalation of privileges in the kernel, as execution privileges are required. User interaction is not necessary for exploiting this vulnerability...
Astra Linux – Vulnerability in Linux 5.15
A flaw was discovered in the ksmbd component of the Linux kernel, a high-performance in-kernel SMB server. The specific flaw exists in the processing of SMB2SESSIONSETUP commands. The issue arises due to the lack of proper locking when performing operations on an object. An attacker can exploit...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: “aoe”: avoided potential deadlock at “setcapacity”. “setcapacity” has been moved outside of the section protected by &d-lock. This prevents possible unsafe locking scenarios due to interrupts. Here’s the sequence of events: 1...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: fixed the lock ordering in btrfszoneactivate The btrfs CI reported a lockdep warning as follows when running generic/129. WARNING: A circular locking dependency was detected. 6.7.0-rc5+ 1 Not tainted...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: cxl/ras: Fixed the device confusion related to the CPER handler. Upon inspection, the cxlcperhandleproterr function makes several fragile assumptions that can lead to crashes: 1. It assumes that the endpoints identified in the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: phy: Transfer phyconfiginband has the responsibility of acquiring &phylink Problem description =================== Lockdep reports a possible circular locking dependency AB/BA between &pl-statemutex and &phy-lock, as follows...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: gtp: Fixed a use-after-free in gtpencapdestroy. syzkaller reported a use-after-free in gtpencapdestroy. The same process freed “sk” and accessed it illegally. The commit e198987e7dd7 “gtp: fix suspicious RCU usage” added...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: USB: core: Prevent nested device-reset calls Automatic kernel fuzzing revealed a recursive locking violation in usb-storage. ============================================ WARNING: Possible recursive locking detected 5.18.0 3 No...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: powerpc/pci: Fixed the locking behavior of getphbnumber. The recent change to getphbnumber causes a DEBUGATOMICSLEEP warning on some systems: - Bug: A sleeping function is called from an invalid context at...