10863 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Thermal: Fix for double-free on unregistration Since commit 3d439b1a2ad3 “thermal/core: Alloc-copy-free the thermal zone parameters structure”, the thermalzonedeviceregister function allocates a copy of the tzp argument and frees...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Fixed a possible null-ptr-deref issue when initializing hardware. The result of the avsdaifindpathtemplate function must be verified before being used. Since the ‘template’ is already known when...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm: Do not allow userspace to trigger kernel warnings in drmgemchangehandleioctl Since GEM bo handles are of type u32 in the uapi, and the internal implementation uses idralloc, which uses integer ranges. Passing a new handle th...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: HID: appleir: Fixed potential NULL dereference at the raw event handle. Syzkaller reported a NULL pointer dereference issue in inputevent. BUG: KASAN: NULLptrderef in instrumentatomicread, include/linux/instrumented.h:68 inlin...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ALSA: emu10k1: Fixed an out-of-bounds access in sndemu10k1pcmchannelalloc The voice allocator sometimes begins allocating from near the end of the array, and then wraps around. However, the sndemu10k1pcmchannelalloc function...
Astra Linux – Vulnerability in Linux
A use-after-free occurred in the function hcisockboundioctl of the Linux kernel’s HCI subsystem. This issue arises when the user calls ioct HCIUNBLOCKADDR, or when the call to hciunregisterdev triggers a race condition, along with the calls hcisockblacklistadd, hcisockblacklistdel, hcigetconninfo...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: usb: ucsi: Fixed a NULL pointer dereferencing in ucsiconnectorchange. When ucsiinit fails, ucsi-connector is NULL. However, in the case of ucsiacpi, we may still receive events that cause the ucsacpi code to call...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: thermal/int340xthermal: handles datavault when the value is ZEROSIZEPTR. In some cases, GDDV returns a packet with a buffer of zero length. This causes kmemdup to return ZEROSIZEPTR 0x10. As a result, datavaultread encounters a...
Astra Linux – Vulnerability in Linux, Linux 5.10
The FireWire subsystem in the Linux kernel up to version 5.14.13 has a buffer overflow issue related to the drivers/media/FireWire/firedtv-avc.c and drivers/media/FireWire/firedtv-ci.c files. This issue arises due to improper handling of bounds checking by the avccapmt function...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: rcu: Avoid stack overflow due to rcuirqenterchecktick being kprobed. Registering a kprobe for rcuirqenterchecktick can cause a kernel stack overflow, as shown below. This issue can be reproduced by enabling CONFIGNOHZFULL and...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: mtd: Fixed a device name leak when registering a device in addmtddevice. There is a kmemleak when registering a device fails: Unreferenced object 0xffff888101aab550 size 8: Command "insmod", PID 3922, jiffies 4295277753 age...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: media: stm32-csi: The dereference operation was corrected before the NULL check. In stm32csistart, the variable csidev-ssubdev is dereferenced directly when assigning a value to srcpad. However, the same value is then checked...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: mediatek – Add an interface release flow when USB is disconnected. MediaTek claims that there is a special USB interface for ISO data transmission. This interface must be released before unregistering an HCI...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: The process of initializing wiphywork before allocating rfkill fails. The issue was reported as a syzbort: an error in cfg80211devfree. When the allocation of rfkill fails, the wiphywork initialization process wil...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-pcm: Added a NULL check in BE reparenting. A NULL check was also added to the dpcmbereparent API, to handle kernel NULL pointer dereferencing errors. This issue occurred during fuzzing tests...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: mmc: rtsxpci: fixed the return value check in mmcaddhost The mmcaddhost function may return an error. If we ignore its return value, the memory allocated by mmcallochost will be leaked, leading to a kernel crash due to the...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Do not finalize the CSA in IBSS mode if the state is disconnected. When we are not connected to a channel, sending the “switch” announcement doesn’t make any sense. The BSS list is empty in that case. This causes...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: sme: cap SSID length in cfg80211connectresult If the ssid-datalen is greater than IEEE80211MAXSSIDLEN 32, it could lead to memory corruption. Therefore, bounds checking has been added...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: md: Avoid repeated calls to delgendisk. There is a UAF Uninitialized Address Fault issue that was detected during case 23rdev-lifetime. Oops: General Protection Fault; likely due to a non-canonical address of 0xdead000000000122...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: coresight: ETR: Fixed the “use-after-free” issue with ETR buffer usage When ETR is enabled as CSMODESYSFS, if the buffer size is changed and the feature is re-enabled, currently, sysfsbuf will point to the newly allocated memory...