6174 matches found
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: serial: max3100: Update uartdriverregistered upon driver removal. The removal of the last MAX3100 device triggers the removal of the corresponding driver. However, the code does not update the respective global variable. After th...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ffs: Fixed null pointer access to epfile after ep enable. A race condition occurs when ffsfuncepsenable runs concurrently with ffsdatareset. The ffsdataclear function called in ffsdatareset sets ffs-epfiles to NULL...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: HID: hid-thrustmaster: A warning was fixed in thrustmasterprobe by adding an endpoint check. syzbot has identified a type mismatch between a USB pipe and the transfer endpoint, which is triggered by the hid-thrustmaster driver...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: USB: Gadget: pxa27xudc: fixed a memory leak that occurred when using debugfslookup. When calling debugfslookup, the result must be processed by calling dput, otherwise memory leaks may occur over time. To simplify matters, simply...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: media: rc: fix races with imondisconnect Syzbot reports a KASAN issue as follows: BUG: KASAN: use-after-free in createpipe include/linux/usb.h:1945 inline BUG: KASAN: use-after-free in sendpacket+0xa2d/0xbc0...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: fbdev: smscufx: Fixed several use-after-free bugs. Several types of UAFs Use-After-Free errors can occur when physically removing a USB device. The function ufxopsdestroy has been added to the .fbdestroy of the fbops structure...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: serial: imx: Introduced a timeout when waiting for the transmitter to become empty By waiting for at most 1 second until the USR2TXDC is set, we avoid a potential deadlock. In the event of a timeout, there’s not much we can do;...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: Wifi: carl9170 – added a proper sanity check for endpoints. Syzkaller reports that a warning was triggered due to the presence of an incorrect endpoint type during the URB processing stage. Although a check was performed for a...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: usb: dwc2: host – Fixed the dereference issue in the DDMA completion flow. The dereference issue in the DDMA completion flow has been addressed...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: serial: protect uartportdtrrts in uartshutdown as well. The commit af224ca2df29 serial: core: Preventing unsafe access to UART ports, part 3 added several uport == NULL checks. One such check was added to uartshutdown, so the...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Staging: greybus: uart: fixed the issue where tty was used after it was freed. The user space can keep a tty open indefinitely, and tty drivers must not release the underlying structures until the last user has left. We have...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: NFS: Check the TLS certificate fields in nfsmatchclient If the TLS security policy is of type RPCXPRTSECTLSX509, then the certserial and privkeyserial fields also need to match, as they define the client’s identity, as presented ...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: serial: Fixed the race condition where tty-port wasn’t set. The commit bfc467db60b7 “serial: removed redundant ttyportlinkdevice” was reverted because ttyportlinkdevice isn’t redundant at all. We need to configure tty-port before...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: serial: sprd: Fixed the DMA buffer leak issue. Release the DMA buffer when probe returns an error to avoid memory leaks...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: spi: imx: Do not skip cleanup in the error path of the remove function Returning early in the remove callback of a platform driver is incorrect. In this case, the DMA resources are not released during the error path. This issue i...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: USB: chipidea – fixed a memory leak that occurred when using debugfslookup. When calling debugfslookup, the result must also contain a call to dput; otherwise, memory will leak over time. To simplify things, simply call...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: USB: bcm63xxudc: fixed a memory leak that occurred when using debugfslookup. When calling debugfslookup, the result must be processed by calling dput; otherwise, a memory leak will occur over time. To simplify things, simply call...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: USB: isp1362 – A memory leak was fixed by using debugfslookup. When calling debugfslookup, the result must be processed with dput, otherwise a memory leak will occur over time. To simplify things, simply call...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: serial: 8250: Fix for panic due to PSLVERR When the PSLVERRRESPEN parameter is set to 1, the device generates an error response if an attempt is made to read an empty RBR Receive Buffer Register while the FIFO is enabled. In...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: tty: serial: sh-sci: fix RSCI FIFO overrun handling The receive error handling code is shared between RSCI and all other SCIF port types. However, for RSCI, the “overrunreg” is specified as a memory offset. For other SCIF types, ...