6392 matches found
Astra Linux - уязвимость в libjettison-java
It was discovered that Jettison before version 1.5.2 contained a stack overflow vulnerability through the map parameter. This vulnerability allows attackers to cause a Denial of Service DoS attack by using a specially crafted string...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: bpf: Reject unhashed sockets in bpfskassign The semantics of bpfskassign are as follows: sk = somelookupfunc bpfskassignskb, sk bpfskreleasesk That is, the sk is not consumed by bpfskassign. Therefore, the function must ensure th...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: A leak in mapuserpages was fixed. If getuserpagesfast allocates some pages, but not as many as we wanted, then the current code causes those pages to be leaked. Call putpage on the pages before returning...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: soundwire: Reverted “soundwire: qcom: Add setchannelmap API support”. This reversion is associated with commit 7796c97df6b1b2206681a07f3c80f6023a6593d5. This patch caused issues with Dragonboard 845c sdm845. The issues include...
Astra Linux - уязвимость в linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: x86/mm/identmap: Use GB pages only when the entire GB page should be mapped. When identpudinit uses only GB pages to create identity maps, large ranges of addresses that are not actually requested can be included in the resulting...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: mm: filemap: fix nrpages calculation overflow in filemapmappages When running stress-ng on my Arm64 machine with v7.0-rc3 kernel, I encountered some very strange crash issues that appeared as “Bad page state”: “ 734.496287 BUG: B...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: RDMA/umem: Fixed the double dmabufunpin in the failure path. In ibumemdmabufgetpinnedwithdmadevice, the call to ibumemdmabufmappages may fail. If this occurs, the dmabuf is immediately unpinned, but the umemdmabuf-pinned flag...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fixed the issue where mr-map was freed twice. The function rxemrcleanup, which attempts to free mr-map again, will be called when rxemrinituser fails. CPU: 0, PID: 4917, Comm: rdmaFlushserv, Kdump: loaded, Not tainted,...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: bpf, sockmap: Fixed a race condition in sockmapfree. sockmapfree calls releasesocksk without owning a reference to the socket. This could lead to a use-after-free, as syzbot identified this issue 1. Jakub Sitnicki already...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: irqchip/realtek-rtl: The refcount leak in mapinterrupts has been fixed. The offindnodebyphandle function returns a node pointer with a incremented refcount. We should use ofnodeput on it when there is no longer a need for it. Thi...
Astra Linux - уязвимость в linux-5.15, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: x86/MCE/AMD: Use a u64 type for the bankmap. The maximum number of MCA banks is 64 MAXNRBANKS. See a0bc32b3cacf “x86/mce: Increase the maximum number of banks to 64”. However, the bankmap, which contains a bitfield indicating whi...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: perf/core: Fixed the refcount bug and potential UAF in perfmmap. Syzkaller reported a refcountt: addition on 0; use-after-free warning in perfmmap. The issue is caused by a race condition between a failing mmap setup and a...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: PCI: ofproperty: Return error for intmap allocation failure The “ENOMEM” return value occurs when kcalloc fails to prevent a NULL pointer dereferencing in this case. bhelgaas: commit log...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxtre: Fixed a possible memory leak. This issue occurs in bnxtresetupchipctx, when bnxtqplibmapdbbar fails; the driver does not free the memory allocated for “rdev-chipctx”...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: BPF, sockmap: Fixed a potential memory leak in an unlikely error case. If the skblinearize function is needed and fails, we might leak a message during error handling. To fix this issue, we must free the message buffer before...
Astra Linux - уязвимость в hdf5
A SIGFPE signal is raised in the function H5Dcreatechunkfilemaphyper of H5Dchunk.c in the HDF HDF5 through 1.10.3 library during an attempt to parse a crafted HDF file. This occurs due to incorrect protection against division by zero. This could allow a remote denial-of-service attack...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: iouring: Fixed the issue of releasing pinned pages when iouaddrmap fails. Looking at the error path of iouaddrmap, if we fail to pin the pages for any reason, ret will be set to -EINVAL, and the error handler will not properly...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: powerpc/paprscm: Fixed the issue where elements of nvdimmeventsmap were leaking during calls to paprscmpmucheckevents, paprscmremove, and paprscmpmuregister. Additionally, the individual statid values were no longer...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: kernel/kexec: Fixed the issue when the kexec target address is allocated in the CMA area. Description of the bug When I tested kexec with the latest kernel, I encountered the following warning: 40.712410 ------------ Cut here ---...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix potential AB/BA lock with buffermutex and mmaplock syzbot detected a potential deadlock between the runtime-buffermutex and the mm-mmaplock. This issue arose due to the recent fix related to racy read/writes and...