Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: gve: Prevent ethtool operations after shutdown A crash can occur if an ethtool operation is invoked after the shutdown function is called. shutdown is invoked during system shutdown to stop DMA operations without performing...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: fix NULL-pointer dereferences There are several places where we can cause the kernel to crash by requesting certain functions, unbinding the GPIO device, and then calling any of the system calls related to the GPIO...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Wifi: mac80211 – Rejects TDLS operations when the station is not associated. The syzbot triggered a WARN in the ieee80211tdlsoper function by sending NL80211TDLSENABLELINK immediately after NL80211CMDCONNECT, before association i...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux

In the Linux kernel, the following vulnerability has been resolved: Block: A check was added to ensure that the partition size must be aligned with the block size. Before calling the add partition or resize partition functions, there was no check to verify whether the partition size was aligned...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: BPF: Rejects negative offsets for ALU operations When verifying BPF programs, the checkaluop function validates instructions involving ALU operations. The “offset” field in these instructions is a signed 16-bit integer. The...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: nilfs2: Handled errors that nilfspreparechunk may return. The patch series “nilfs2: fix issues with rename operations” addresses several issues. It fixes BUGON check failures reported by syzbot during rename operations, as wel...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: powerpc/lib: Validate size for vector operations Some parts of the fp/vmx code in sstep.c assume a certain maximum size for the instructions being emulated. However, the size of these operations is determined separately in...

Astra Linux - уязвимость в f2fs-tools

There is an exploitable code execution vulnerability in the file system checking functionality of fsck.f2fs 1.12.0. A specially crafted f2fs file can exploit a logical flaw and out-of-bounds heap operations, leading to code execution. An attacker can provide a malicious file to trigger this...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: media: amphion: Set video drvdata before registering the video device. video drvdata should be set before the video device is registered; otherwise, videodrvdata may return NULL in the open file operations, leading to errors...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ethtool: Do not perform operations on net devices that are not yet registered. There is a short period between when a net device starts to be unregistered and when it is actually gone. During that time frame, ethtool operations c...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/xe: Fixed the double-free bug in vmbindioctl If the argument check during an array bind fails, the bindops is freed twice. This issue is fixed by setting bindops to NULL after freeing it. BUG: KASAN: Double-free in...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: net: Removed the RTNL dance for SIOCBRADDIF and SIOCBRDELIF. SIOCBRDELIF is passed to devioctl first, and then forwarded to brioctlcall, which causes unnecessary RTNL dance and a segmentation fault below 0 under RTNL pressure...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: clk: socfpga: Fix memory leak in socfpgagateinit The objects @socfpgaclk and @ops are freed on the error path to avoid the memory leak issue...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: fprobe: The rethook must be released after the ftraceops is unregistered. While running bpf selftests, the following errors may occur: General protection fault, likely for non-canonical addresses \ 0x6b6b6b6b6b6b6b6b: 0000 1...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: dm: Fixed unconditional IO throttling caused by REQPREFLUSH When a bio with REQPREFLUSH is submitted to dm, sendemptyFlush generates a flushbio with REQOPWRITE | REQPREFLUSH | REQSYNC, which causes the flushbio to be throttled by...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: A potential memory leak was fixed by cleaning the opsfilter variable in damonDestroyScheme. Currently, damonDestroyScheme only cleans up the filter list but leaves opsfilter untouched. This could lead to memory lea...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Added a null pointer check for inode operations This adds a sanity check for the iop pointer of the inode, which is returned after reading the Root directory MFT record. We should check that the iop is valid before...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: mmc: vub300: fix warning – do not call blocking ops when !TASKRUNNING vub300enablesdioirq works with a mutex and requires TASKRUNNING. Ensure that we mark the current context as TASKRUNNING for sleepable contexts. 77.554641 Do...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Clearing DMA operations when switching domains Since the commit 08a27c1c3ecf “iommu: Adding support for changing the default domain of an iommu group”, a user can switch a device between IOMMU and direct DMA through...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: sched/deadline: Only the freecpus field is set for online runqueues. Commit 16b269436b72 “sched/deadline: Modified cpudl::freecpus to reflect rd-online“” introduced the cpudlset/clearfreecpu functions, allowing the...