3254 matches found
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: powerpc/fslrio: The refcount leak in fslriosetup has been fixed. ofparsephandle returns a node pointer with a refcount incremented; we should use ofnodeput on it when there is no longer a need for it. Add the missing ofnodeput...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: KVM: PPC: Book3S HV: Prevent UAF in kvmspaprtceattachiommugroup It was reported that there might be a use-after-free UAF in the kvmspaprtceattachiommugroup function. The function looks up stt from tablefd, but then continues to u...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: powerpc/64s/interrupt: Fixed the interrupt exit race issue with security mitigation switches. The RFI and STF security mitigation options can simultaneously alter the interruptexitnotreentrant static branch condition during the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: powerpc/rtas: Use the correct function name for resetting TCE tables. The PAPR specification specifies that the function name should be written as “ibm,reset-pe-dma-windows”. However, in practice, the firmware uses the singula...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: powerpc/memhotplug: Added an addpages override for PPC. With the commit ffa0b64e3be5 “powerpc: Fix virtaddrvalid for 64-bit Book3E & 32-bit”, the kernel now validates the addr against the highmemory value. This results in the...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: Keep MSRRI set when calling RTAS RTAS runs in real mode MSRDR and MSRIR unset and in 32-bit big endian mode MSRSF,LE unset. The change in MSR is done in enterrtas in a relatively complex way, since the MSR value cou...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: powerpc/bpf: Fixed the JIT code size calculation for the BPF trampoline. The archbpftrampolinesize function provides the JIT size of the BPF trampoline before the buffer for JIT compilation of it is allocated. The total number of...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/mm: Fixed the null-pointer dereference in pgtablecacheadd. kasprintf returns a pointer to dynamically allocated memory; this pointer may be NULL in case of failure. Ensure that the allocation was successful by checking th...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/memhp: Fixed access beyond the end of the drmem array The dlparmemoryremovebyindex function may access beyond the bounds of the drmem lmb array when the LMB lookup fails to match an entry with the given DRC index...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: powerpc/47x: Fixed the crash that occurred during the 47x syscall return. Eddie reported that newer kernels crashed during boot on his 476FSP2 system: - The kernel attempted to execute the user page b7ee2000 – a potential...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: fixed a possible memory leak in ibmebusbusinit. If deviceregister returns an error in ibmebusbusinit, the name of the kobject allocated by devsetname, which is called in deviceadd, is leaked. According to the...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: powerpc/rtasflash: allows user copy to flash block cache objects With hardened usercopy enabled CONFIGHARDENEDUSERCOPY=y, using the /proc/powerpc/rtas/firmwareupdate interface to prepare a system firmware update results in a BUG:...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: Avoid device tree lookups in rtasosterm. rtasosterm is called during panic. Its behavior depends on several conditions in the /rtas node of the device tree; traversing these nodes involves locking and changes to loc...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: powerpc/kprobes: Fixed a null pointer reference in archpreparekprobe I found a null pointer reference in archpreparekprobe: echo 'p cmdlineprocshow' kprobeevents echo 'p cmdlineprocshow+16' kprobeevents The kernel attempted to re...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: pci/hotplug/pnvphp: Fixed the hotplug driver crash on Powernv The hotplug driver for powerpc pci/hotplug/pnvphp.c causes a kernel crash when attempting to hot-unplug or disable the PCIe switch/bridge from the PHB. The crash occur...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Fixed dtlaccesslock to use a rwsemaphore instead of a rwsemaphore. The dtlaccesslock needs to be a rwsemaphore, a sleeping lock, because the code calls kmalloc while holding it, which can cause a sleep condition...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Fixed a potential memory leak in paprgetattr. The buffer is allocated in paprgetattr, and the krealloc call for buf could fail. In the event of a failure, we need to free the original buf...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: powerpc/32: Fixed the hard lockup that occurred due to vmap stack overflow. Since the commit c118c7303ad5 “powerpc/32: Fixed vmap stack – Do not activate the MMU before reading the task struct”, a vmap stack overflow would result...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: powerpc/bpf: Fixed the detection of BPF atomic instructions. The commit 91c960b0056672 “bpf: Rename BPFXADD and prepare to encode other atomic instructions in .imm” changed BPFXADD to BPFATOMIC and added a mechanism to...