2406 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: vsock: Fixed lock inversion in vsockassigntransport. Syzbot reported a potential lock inversion deadlock between vsockregistermutex and sklock-AFVSOCK when vsocklinger is called. The issue was introduced by the commit...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: tcp: Prevent concurrent execution of tcpskexitbatch It is possible that two threads call tcpskexitbatch concurrently. This could happen either from the cleanupnetworkqueue or from a task that fails to clone a new netns. In the...
Astra Linux – Vulnerability in Mariadb 10.3
In MariaDB before 10.9.2, the compresswrite function in extra/mariabackup/dscompress.cc does not release the datamutex upon a stream write failure, which allows local users to trigger a deadlock...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ice: Fix for locking during Tx timestamp tracking cleanup The commit 4dd0d5c33c3e “ice: add lock around Tx timestamp tracker cleanup” added a lock around the Tx timestamp tracker process, which is used to clean up any remaining...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ALSA: jack: Access to inputdev under a mutex It is possible when using ASoC that the inputdev is not properly registered while calling sndjackreport, which can lead to a NULL pointer derefrence. To prevent this type of serialized...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fixed race conditions between concurrent hwparams and hwfree calls Currently, there are no proper checks or protections against concurrent calls to hwparams and hwfree ioctls, which may lead to a Use-After-Free error...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Scsi: sg: Fix slab-use-after-free issue in sgrelease A use-after-free bug was fixed in sgrelease, detected by syzbot with KASAN: Bug: KASAN: Slab-use-after-free in lockrelease+0x151/0xa30 kernel/locking/lockdep.c:5838...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: Ring-Buffer: Fixed buffer locking in ringbuffersubbuforderset. Expanded the critical section in ringbuffersubbuforderset to ensure that error handling occurs with a per-buffer mutex held, thereby preventing list corruption and...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm: A use-after-free issue in drmgetunique has been fixed. There is a time-of-check-to-time-of-use error in drmgetunique, caused by retrieving fpriv-master before locking the device’s master mutex. An example of this error can b...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: char: tpm: Protect tpmpmsuspend with locks Currently, tpm transactions are executed unconditionally in the tpmpmsuspend function, which may lead to races with other tpm accessors in the system. Specifically, the hwrandom tpm driv...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: configfs: A race condition in configfs,unregistersubsystem has been fixed. When configfsregistersubsystem or configfsunregistersubsystem executes linkgroup or unlinkgroup, it is possible for two processes to add or delete element...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: btrfs: In the zone operation, the code must traverse devices under the chunkmutex in btrfscanactivatezone. The btrfscanactivatezone function can be called with the devicelistmutex already held, which could lead to a deadlock. ...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm: zynqmpdp: A deadlock has been fixed in zynqmpdpignorehpdset. Instead of attempting to access the same mutex twice, the mutex is now locked and unlocked accordingly. This bug was detected by the Clang thread-safety analyzer...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: netconsole: The sumutex should be acquired before navigating the configs hierarchy. There is a race between operations that iterate over the cgchildren list and concurrent additions/removals of userdata items through configfs. Th...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mfd: macsmc: Initialize mutex The mutex of the struct applesmc is initialized in applesmcprobe. Using the mutex in an uninitialized state surprisingly resulted only in occasional NULL pointer dereferences in calls to applesmcread...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: gpib: A use-after-free occurred in the IO ioctl handlers. The IBRD, IBWRT, IBCMD, and IBWAIT ioctl handlers use a gpibdescriptor pointer after the board-biggpibmutex has been released. A concurrent IBCLOSEDEV ioctl can free the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: tracing/synthetic: Fixed races when freeing lastcmd Currently, the “lastcmd” variable can be accessed by multiple processes asynchronously when multiple users manipulate syntheticevents nodes at the same time. This could lead to...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: ipv6: mcast: fixed a data race in ipv6mcdown / mldifcwork. idev-mcifccount can be written without proper locking. Originally reported by syzbot 1. This issue was fixed by encapsulating calls to mldifcstopwork and mldgqstopwork...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: afs: Fixed the delayed allocation of a cell’s anonymous key. The allocation of a cell’s anonymous key is performed in a background thread, along with other cell-related operations such as making DNS calls. In the reported bug, th...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/sec - don't sleep when in softirq When kunpeng920 encryption driver is used to deencrypt and decrypt packets during the softirq, it is not allowed to use mutex lock. The kernel will report the following error:...