7500 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: idpf: Fixed the issue where the RSS LUT NULL pointer dereference occurred after a soft reset. During a soft reset, the RSS LUT is freed and not restored unless the interface is active. If an ethtool command that accesses the R...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: kcm: Race conditions occur when accessing skreceivequeue. sk-skreceivequeue is protected by the skb queue lock. However, for KCM sockets, the RX path requires mux-rxlock to protect more than just the skb queue. Nevertheless,...
Astra Linux – Vulnerability in Qemu
An integer overflow issue was identified in the vmxnet3 NIC emulator of QEMU for versions up to v5.2.0. This issue can occur if a guest provides invalid values for the rx/tx queue size or other NIC parameters. A privileged guest user may exploit this flaw to crash the QEMU process on the host,...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: l2tp: Pass the correct message length to ip6 AppendData. l2tpip6sendmsg needs to avoid accounting for the transport header twice when splicing more data into an already partially-occupied skbuff. To address this issue, we chec...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: net: stmmac: fixed an issue with left shift overflow in DMA queues When the queue number is greater than 4, left shift overflows due to the 32-bit integer variable used in calculations. The mask calculation for MTLRXQDMAMAP1 i...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: RDMA/irdma: Fixed a data race on the CQP request done field. KCSAN detected a data race in the cqprequest-requestdone memory location. This location is accessed without a lock in the irdmahandlecqpop function, while it is bein...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fixed a NULL pointer dereferencing in nvmeallocadmintags. In nvmeallocadmintags, adminq can be set to an error typically -ENOMEM if the blkmqinitqueue call fails to set up the queue. This condition is checked immediatel...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fixed a possible crash that occurred when setting up bsg failed. If bsgsetupqueue fails, the bsgqueue is assigned a non-NULL value. Consequently, in mpi3mrbsgexit, the condition “if!mrioc-bsgqueue” will not be...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: xsk: Fix invalid buffer access for legacy rq The below crash can be encountered when using xdpsock in rx mode for legacy rq: the buffer gets released in the XDPREDIRECT path, and then once again in the driver. This fix...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: dropping bogus WARN messages This issue occurs when rules are flushed/deleted while the packet is still being processed. Therefore, this WARN message needs to be removed. This WARN message has existed i...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: iavf: Fixed NULL pointer dereferencing in iavfgetlinkksettings. Fixed a potential NULL pointer dereferencing issue, caused by freeing adapter-vfres in iavfinitgetresources. The previous commit introduced a regression, where...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: virtio-blk: Avoid use-after-free on suspend/resume In virtblkinithctx, hctx-userdata is set to vq. However, vq is freed during suspension and reallocated during resume. As a result, hctx-userdata becomes invalid after resume,...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: The block mode of switchdev is applied when ADQ is active, and vice versa. ADQ and switchdev are not allowed to be enabled simultaneously. Enabling both at the same time may lead to nullptr dereferencing. To prevent this issue,...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: bpf: devmap: provide rxq after redirect The rxq structure contains a pointer to the device from which the redirect occurred. Currently, the BPF program that is executed after a redirect via BPFMAPTYPEDEVMAP does not set this...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: HID: corsair-void: Update power supply values using a unified work handler. The function corsairvoidprocessreceiver can be called from an interrupt context. However, locking the batterymutex in this function caused a kernel panic...
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerability has been resolved: staging: vchiqarm: Avoid NULL ptr deref in vchiqdumpplatforminstances vchiqgetstate can return a NULL pointer. So handle this cases and avoid a NULL pointer derefence in vchiqdumpplatforminstances...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Wifi: rtl818x: Kill URBs before clearing the txstatusqueue In rtl8187stop, the call to usbkillanchoredurbs is moved before clearing the btxstatusqueue. This change prevents callbacks from using already freed skb because the ancho...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: netsched: prio: fix a race in priotune Gerrard Tai reported a race condition in PRIO, whenever the SFQ perturb timer fires at the wrong time. The race occurs as follows: CPU 0 CPU 1 1: lock root 2: qdisctreeFlushBacklog 3: unlock...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: i40e: Fixed idx validation in i40evalidatequeuemap. Ensured that the idx value is within the range of active/initialized TC’s when iterating over vf-chidx in i40evalidatequeuemap...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: igc: The TX packet buffer size per queue has been reduced from 7KB to 5KB. The previous 7KB per queue caused issues with the TX unit during heavy timestamping operations. Reducing the size to 5KB avoids these issues and aligns wi...