Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: Check the A-MSDU format more carefully. If it seems that there is another subframe within the A-MSDU, but the header is not fully present, we may end up reading data outside its expected range, which would then ne...

Astra Linux - уязвимость в linux-5.10, linux

A out-of-bounds read flaw was discovered in the Linux kernel’s TeleTYpe subsystem. The issue arises when a user triggers a race condition using ioctls TIOCSPTLCK, TIOCGPTPEER, TIOCSTI, and TCXONC, accompanied by memory leakage in the flushtoldisc function. This flaw allows a local user to crash t...

Astra Linux - уязвимость в linux

A NULL pointer dereference flaw was discovered in the Linux kernel’s IEEE 802.15.4 wireless networking subsystem, regarding the way the user terminates the LR-WPAN connection. This flaw allows a local user to crash the system. The greatest threat posed by this vulnerability is to system...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix use after free on context disconnection Upon module loading, a kthread is created that targets the pvr2contextthreadfunc function. This function may call pvr2contextdestroy, thereby calling kfree on the contex...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Fix refcount issue when LOGO is received during TMF A hung task trace was observed during LOGO processing. 974.309060 0000:00:00.0: qedfehdevicereset:868: 1:0:2:0: LUN RESET issued… 974.309065 0000:00:00.0:...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: Wifi: cfg80211: Values of NL80211ATTRTXQQUANTUM are restricted. syzbot can trigger soft lockups by setting NL80211ATTRTXQQUANTUM to 2^31. We had a similar issue in schfq; it was fixed in the commit d9e15a273306 “pktsched: fq: ...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Audit: Fixed an out-of-bounds read in auditcomparednamepath. When a watch on dir=/ is combined with an fsnotify event for a single-character name directly under / e.g., creating /a, an out-of-bounds read can occur in...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: atm: Fix NULL pointer dereference When MPOAcacheimposrcvd receives the msg, it can trigger the Null Pointer Dereference Vulnerability if both entry and holdingtime are NULL. Because there is only for the situation where entry is...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: drm/amd/display: fixed a double-free issue during the unloading of the amdgpu module Flexible endpoints use DIGs from available inflexible endpoints; therefore, only the encoders of inflexible links need to be freed. Otherwise...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/csdspctl: Use privatefree for controlling cleanup. Use the privatefree callback to free the associated data structures. This ensures that the memory will not leak, regardless of how the control objects are destroyed. Th...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: configfs: Fix a race condition in configfs,unregistersubsystem. When configfsregistersubsystem or configfsunregistersubsystem is executing linkgroup or unlinkgroup, it is possible that two processes add or delete elements from th...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: md: making rdevaddable usable for rcu mode. Our testcase triggered a panic: BUG: Kernel NULL pointer dereferencing, address: 00000000000000e0 … Oops: 0000 1 SMP NOPTI CPU: 2 UID: 0 PID: 85 Comm: kworker/2:1 Not tainted 6.16.0+ 94...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ASoC: croseccodec: Fixed a refcount leak in croseccodecplatformprobe. The function ofparsephandle returns a node pointer with a refcount incremented. We should use ofnodeput on it when there is no longer a need for it. Add the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: coresight: ETR: Fixed the “use-after-free” issue related to ETR buffer usage When ETR is enabled as CSMODESYSFS, if the buffer size is changed and the feature is re-enabled, currently, sysfsbuf will point to the newly allocated...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iio: imu: adis: Fixed NULL pointer dereferencing in adisinit. The adisinit function dereferences adis-ops to check whether the individual function pointers write, read, reset are NULL. However, it does not first check whether...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: ASoC: soc-compress: Repositioned and added pcmmutex. If paniconwarn is set and the compress stream DPCM is initiated, then a kernel panic occurs because card-pcmmutex is not properly locked. In the following functions, a warni...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: tx-macro: Fix for KASAN: slab-out-of-bounds When we run syzkaller, we encounter an out-of-bound error. The specific issue is “KASAN: slab-out-of-bounds Read in regcacheflatread”. The backtrace of the issue is as...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: Mediatek: Added an intf release flow when the USB connection is disconnected. Mediatek claims that there is a special USB interface for ISO data transmission. This interface must be released before unregistering...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: - Media: Rockchip: RGA: Fixed a possible dereference of the ERRPTR parameter in rgabufinit. - RGAgetframe: Can return ERRPTR -EINVAL when the buffer type is unsupported or invalid. rgabufinit does not check the return value an...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: md: Avoid repeated calls to delgendisk. There is a UAF Uninitialized Address Fault issue that was detected during case 23rdev-lifetime. Oops: General Protection Fault; likely due to a non-canonical address of 0xdead000000000122...