10862 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: Check the A-MSDU format more carefully. If it seems that there is another subframe within the A-MSDU, but the header is not fully present, we may end up reading data outside its expected range, which would then ne...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: isdn: mISDN: hfcsusb: fixed a memory leak in hfcsusbprobe In hfcsusbprobe, the memory allocated for ctrlurb gets leaked when setupinstance fails with an error code. This issue was addressed by freeing the urb before freeing th...
Astra Linux – Vulnerability in Linux 5.10
Due to a vulnerability in the iouring subsystem, it is possible for kernel memory information to be leaked to the user process. timensinstall calls currentissinglethreaded to determine whether the current process is single-threaded. However, this call does not take into account iouring’s ioworker...
Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ubi: Fixed the UAF Use-After-Free issue in the wear-leveling entry of eraseblkcountseqshow. The wear-leveling entry could be freed during an error-prone path, and this entry might be accessed again in eraseblkcountseqshow, for...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: ima: Avoid blocking in the RCU read-side critical section. A panic occurs in imamatchpolicy: BUG: Unable to handle a NULL pointer dereferencing in the kernel at 0000000000000010. PGD 42f873067 P4D 0 Oops: 0000 1 SMP NOPTI CPU:...
Astra Linux – Vulnerability in Linux
The vgacon subsystem in the Linux kernel before version 5.8.10 mishandles software scrollback operations. There is an out-of-bounds read in vgaconscrolldelta, also known as CID-973c096f6a85...
Astra Linux – Vulnerability in Parsec
The vulnerability of the pdp-ls utility in the PARSEC security subsystem is related to improper memory release after its use. Exploiting this vulnerability allows an attacker to cause a service failure...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: ses: Fixed possible out-of-bounds accesses to addldescptr. Sanitized possible out-of-bounds accesses to addldescptr in sesenclosuredataprocess...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix use after free on context disconnection Upon module loading, a kthread is created that targets the pvr2contextthreadfunc function. This function may call pvr2contextdestroy, thereby calling kfree on the contex...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: tx-macro: Fix for KASAN: slab-out-of-bounds When we run syzkaller, we encounter an out-of-bound error. The specific error message is: “KASAN: slab-out-of-bounds Read in regcacheflatread” The backtrace of the issue i...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: md: Fixed a deadlock between mddevsuspend and flushbio. A deadlock occurs when mddev is suspended while some of the flushbio operations are still in progress. This is a complex issue. T1: The first flush occurs at the end of t...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: cxl/mem: Fix for the shutdown order Ira reports that removing the cxlmockmem causes a crash with the following error message: BUG: Kernel NULL pointer dereference, address: 0000000000000044 .. RIP: 0010:...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: iptables: Fixed a potential null-ptr-deref in ip6tablenattableinit. ip6tablenattableinit accesses net-gen-ptrip6tablenatnetops.id, but this function is exposed to user space before the entry is allocated via...
Astra Linux – Vulnerability in Linux, Linux 5.10
A use-after-free flaw was discovered in the Linux kernel’s sound subsystem. This flaw occurs when a user triggers concurrent calls to the PCM hwparams function. The hwfree ioctls or similar race conditions occur within ALSA PCM for other ioctls. This flaw allows a local user to crash the system o...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
A stack overflow flaw was discovered in the Linux kernel’s SYSCTL subsystem regarding how a user modifies certain kernel parameters and variables. This flaw allows a local user to crash the system or potentially escalate their privileges on the system...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ASoC: ops: Rejecting out-of-bounds values in sndsocputvolsw We currently do not validate whether the values being set are within the range that we have announced to userspace as valid. Instead, we reject any values that are out o...
Astra Linux – Vulnerability in Linux
A NULL pointer dereference flaw was discovered in the Linux kernel’s IEEE 802.15.4 wireless networking subsystem, regarding the way the user terminates the LR-WPAN connection. This flaw allows a local user to crash the system. The greatest threat posed by this vulnerability is to system...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ALSA: oss: Fixed an issue where PCM OSS buffer allocation might overflow. We have received reports of situations where INTMAX overflow occurs during memory allocation using vmalloc, specifically in the function sndpcmplugalloc...
Astra Linux – Vulnerability in Parsec
The vulnerability of the hashinitialize function in the PARSEC security subsystem is related to the assignment of a null pointer. Exploiting this vulnerability allows an attacker to cause a service failure...
Astra Linux – Vulnerability in Parsec
The vulnerability of the psaud utility within the PARSEC security subsystem is related to improper memory release after its use. Exploiting this vulnerability allows an attacker to cause a service failure...