7464 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Initialize freeqp completion before using it. In irdmacreateqp, if ibcopytoudata fails, it will call irdmadestroyqp to clean up. This process will attempt to wait for the completion of freeqp, but freeqp has not yet...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: nbd: The issue of task hanging when the nbdstartdeviceioctl signal interrupt occurs has been fixed. The syzbot reported that the task could get hung. The following program is a simplified version of the original reproducer...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: eth: bnxt: Fixed a kernel panic that occurred in bnxtgetqueuestatsrx | tx. When the qstats-get operation is executed, calls to netdevstatsops are made. bnxtgetqueuestatsrx | tx collects per-queue statistics from swstats in the...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: - block: Fixed a possible memory leak for rqwb when deviceadddisk fails. - kmemleak reported memory leaks in deviceadddisk: 3 new suspected memory leaks. - A unreferenced object 0xffff88800f420800 size 512: - Command “modprobe...
Astra Linux - уязвимость в linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: afunix: Do not leave consecutive consumed OOB packets in the receive queue. Jann Horn reported a use-after-free in the unixstreamreadgeneric function. The following sequence reproduces the issue: $ python3 from socket import s...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: RDMA/mlx5: Returns the firmware result upon destroying QP/RQ. Previously, when destroying a QP/RQ, the result of the firmware destruction function was ignored, and the upper layers were not informed of the failure. This could...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: amdkfd: The gangctxbo memory is properly freed when attempting to initialize the user queue. The destructor of a gtt bo is declared as: void amdgpuamdkfdfreegttmemstruct amdgpudevice adev, void memobj; This function takes void as...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: - For “ice”: validate the “queuequantas” parameters to prevent out-of-band OOB access. - Add prevention measures for “queuewraparound” in “quantum” configurations. Ensure that “endqid” does not overflow by validating “startqid...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ublk: Make sure that ubq-canceling is set when the queue is frozen. Now, the ublk driver relies on ubq-canceling to determine whether a request can be dispatched via uringcmd and iouringcmdcompleteintask. Once ubq-canceling is se...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ipc: mqueue: fixed a possible memory leak in initmqueuefs The commit details are as follows: db7cfc380900 "ipc: Free mqsysctls if ipc namespace creation failed" This is a similar memory leak to the one fixed by the above patch. T...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: iouring/io-wq: The IOWQBITEXIT check is performed within the work run loop. Currently, this check is performed before executing the pending tasks. Normally, this works fine, as the tasks either block temporarily and then a new...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: The queuelock must be held when removing blkg-qnode. When blkg is removed from q-blkglist in the blkgfreeworkfn function, the queuelock must be held. Otherwise, various bugs such as list corruption, hard lockups, etc...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: bridge: Replace physindev with physinif in nfbridgeinfo. A skb can be added to the neigh-arpqueue while waiting for an arp reply. In this case, the skb-dev of the original skb may differ from the neigh-dev of the targe...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: media: ti: j721e-csi2rx: fix listdel corruption If the ticsi2rxstartdma function fails in the ticsi2rxdmacallback, the buffer is marked as corrupted with VB2BUFSTATEERROR, but is not removed from the DMA queue. This causes the sa...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: blk-mq: Fixed a NULL dereference on q-elevator in blkmqelvswitchnone. After acquiring the q-sysfslock, q-elevator may become NULL due to the elevator switch. This issue was addressed by checking q-elevator with a lock to prevent...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net: ioam6: fix OOB and missing lock issues When trace-type.bit6 is set: if trace-type.bit6 ... queue = skbgettxqueuedev, skb; qdisc = rcudereferencequeue-qdisc; This code can lead to an out-of-bounds access of the dev-tx array...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: netsched: Red: fixed a race condition in redchange. Gerrard Tai reported a race condition in RED, whenever the SFQ perturb timer fires at the wrong time. The race condition is as follows: CPU 0: 1: Lock root 2:...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: RDMA/qedr: Fixed the qedrcreateuserqp error flow. Avoid the following warning by ensuring that allocated resources are freed in case qedrinituserqueue fails. ----------- cut here --- WARNING: CPU: 0 PID: 143192 at...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: drm/xe/guc: Check the running state of GuC before deregistering an exec queue. In normal operation, a registered exec queue is disabled and deregistered through GuC. It is only freed after GuC confirms completion. However, if the...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: drm/xe/queue: The call to fini during the creation of an execution queue fails. Every call to queue initialization should include a corresponding fini call. Skipping this would mean failing to remove the queue from the GuC list...