745 matches found
EUVD-2026-39900
In the Linux kernel, the following vulnerability has been resolved: mailbox: add sanity check for channel array Fail gracefully if there is no channel array attached to the mailbox controller. Otherwise the later dereference will cause an OOPS which might not be seen because mailbox controllers...
CVE-2026-53295
CVE-2026-53295 (Linux kernel) : The mailbox subsystem contains a missing sanity check for the channel array on a mailbox controller. If no channel array is attached, subsequent dereferencing can trigger an OOPS, potentially not visible because mailbox controllers may initialize very early. The fi...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: “Revert ‘f2fs: fix to do sanity check on extent cache correctly’” The syzbot reports a bug in f2fs as follows: UBSAN: Array-index-out-of-bounds in fs/f2fs/f2fs.h:3275:19 Index 1409 is out of range for type ‘le32923’ aka ‘unsigned...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: f2fs: a fix was made to avoid potential memory corruption in updateiostatlatency. A sanity check for iotype was added to prevent potential memory corruption. This fixes the compile error reported below: fs/f2fs/iostat.c:231...
Astra Linux – Vulnerability in Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: f2fs: A sanity check was added for the F2FSInlineDATA flag in the inode during garbage collection GC. The syzbot reports the following f2fs bug: ------------ Cut here ------------ Kernel BUG: At fs/f2fs/inline.c:258 CPU: 1 PID: 3...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: f2fs: fixed the sanity check on summary information As Wenqing Liu reported in bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=216456 BUG: KASAN: use-after-free in recoverdata+0x63ae/0x6ae0 f2fs Read of size 4 at addr...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fixed invalid data access in ath12kdprxhundecapnwifi. In certain cases, hardware may generate packets with a length greater than the maximum native Wi-Fi header length. This can lead to accessing and modifying field...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: f2fs: A fix was made to perform a sanity check on the destination blkaddr during recovery. As Wenqing Liu reported in Bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=216456 loop5: A change in capacity was detected, from 0...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: asihpi: Fixed potential OOB array access The ASIHPI driver stores certain values in a static array in response to a driver’s request. The index of this array depends on the firmware. We should not trust this information...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: drm/msm/dp: fixed memory corruption due to too many bridges. Added a missing sanity check on the bridge counter to prevent corruption of data beyond the fixed-sized bridge array, in case there are more than eight bridges...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: md/bitmap: Do not set sb values if the sanity check fails. If the bitmap area contains invalid data, the kernel will crash, and mdadm will trigger a “Segmentation fault”. This is a bug specific to cluster-md. In non-clustered...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: RDMA/cxgb4: A potential null-ptr-deref occurred in passestablish. If getepfromtid fails to find a non-NULL value for ep, ep will be dereferenced later, regardless of whether it is empty. This patch adds a simple sanity check to f...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ath5k: The OOB issue in ath5keepromreadpcalinfo5111 has been fixed. The bug was discovered during fuzzing. The stack trace indicates that the issue lies in ath5keepromconvertpcalinfo5111. When no curve is selected in the loop, th...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: f2fs: A sanity check was added for the block address in the f2fsdozerorange function. As reported by Yanming in Bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=215894 I have encountered a bug in the F2FS file system in the...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: media: imon: fix access to invalid resources for the second interface The imon driver probes two USB interfaces. When probing the second interface, the driver assumes blindly that the first interface was bound to the same imon...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: qca: fixed an issue where information was leaked when retrieving the board ID. A missing sanity check was added when retrieving the board ID to prevent the leakage of slab data when requesting the firmware later...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: Squashfs: sanity check for symbolic link sizes Syzkiller reports a bug named “KMSAN: uninit-value in picklink”. This issue is caused by an uninitialized page, which ultimately results from reading a corrupted symbolic link siz...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: fslupm: A bug in the funexecop function was fixed; a “off-by-one” test was corrected. The “op-cs” values are copied into “fun-mchipnumber”, which is used to access the “mchipoffsets” and “rnbgpio” arrays. These arra...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: btrfs: A sanity check for the btrfs root has been added in btrfssearchslot. Syzbot reports a nullptrderef issue in btrfssearchslot. The reproducer uses rescue=ibadroots, and the extent tree root is corrupted; as a result, the...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Nilfs2: Rejects invalid file types when reading inodes. To prevent inodes with invalid file types from causing malfunctions or assertion failures, a missing sanity check should be added when reading an inode from a block device. ...