Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: ASoC: codecs: wcd-mbhc-v2: fixed resource leaks during component removal The MBHC resources must be released in case of component probe failures and removals; therefore, they cannot be tied to the lifetime of the component...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: media: pci: tw68: Fixed the nullptrderef bug in the buf prepare and finish steps. When the driver calls tw68riscbuffer to prepare the buffer, the function call dmaalloccoherent may fail, resulting in an empty buffer buf-cpu. Late...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: removed one synchronizenet call from ipv6mcdown. As discussed in previous discussions commit 2d3916f31891 “ipv6: fix skb drops in igmp6eventquery and igmp6eventreport”, the synchronizenet call in ipv6mcdown is not...

Astra Linux - уязвимость в linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: rcu: Avoid stack overflow due to rcuirqenterchecktick being kprobed. Registering a kprobe for rcuirqenterchecktick can cause a kernel stack overflow. This issue can be reproduced by enabling CONFIGNOHZFULL and booting the kernel...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: block: Fixed a potential deadlock in blkiarangesysfsshow When reading a sysfs attribute, the attribute is already protected against removal due to the active reference counter of the kobject node. As a result, in...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: snic: Fixed a possible memory leak if deviceadd fails. If deviceadd returns an error, the name allocated by devsetname needs to be freed. As noted in the comments for deviceadd, putdevice should be used to release the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: media: stm32-csi: The dereference operation was corrected before the NULL check. In stm32csistart, the variable csidev-ssubdev is dereferenced directly when assigning a value to srcpad. However, the same value is then checked...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: perf/core: Fixed a system hang caused by CPU-clock usage. CPU-clock usage by the async-profiler tool can trigger a system hang. This issue was fixed in the commit made by Octavia Togami: 18dbcbfabfff “perf: Fixed the POLLHUP...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: crypto: afalg – Fixed an issue where initialisation was missing, affecting gcm-aes-s390. Fixed the afalgallocareq function to initialize areq-firstrsgl.sgl.sgt.sgl to point to the scatterlist array in areq-firstrsgl.sgl.sgl...

Astra Linux - уязвимость в parsec

The vulnerability of the psaud utility within the PARSEC security subsystem is related to improper memory release after its use. Exploiting this vulnerability allows an attacker to cause a service failure...

Astra Linux - уязвимость в parsec

The vulnerability of the macid utility in the PARSEC security subsystem is related to improper memory release after its use. Exploiting this vulnerability allows an attacker to cause a service failure...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: ses: Fixed possible out-of-bounds accesses to addldescptr. Sanitized possible out-of-bounds accesses to addldescptr in sesenclosuredataprocess...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: Quota: Fixed a warning in dqgrab. The following issue occurs during fault injection: WARNING: CPU: 1 PID: 14870 at include/linux/quotaops.h:51 dquotdisable+0x13b7/0x18c0 Modules linked in: CPU: 1 PID: 14870 Comm: fsconfig Not...

Astra Linux - уязвимость в parsec

The vulnerability of the parsecmdlin function in the PARSEC security subsystem is related to improper memory release after its use. Exploiting this vulnerability allows an attacker to cause a service failure...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: isdn: mISDN: hfcsusb: fixed a memory leak in hfcsusbprobe In hfcsusbprobe, the memory allocated for ctrlurb gets leaked when setupinstance fails with an error code. This issue was addressed by freeing the urb before freeing th...

Astra Linux - уязвимость в linux

In the Linux kernel, the following vulnerability has been resolved: ARM: 9064/1: hwbreakpoint: Do not directly check the event’s overflowhandler hook The commit 1879445dfa7b “perf/core: Set event’s default ::overflowhandler” sets a default event-overflowhandler in perfeventalloc, and replaces the...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: Thermal: Fix NULL pointer dereferencing in ofthermal functions. ofparsethermalzones parses the thermal-zone node and registers a thermalzone device for each subnode. However, if a thermal zone uses a thermal sensor, and that...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: ALSA: emu10k1: Fixed an out-of-bounds access in sndemu10k1pcmchannelalloc The voice allocator sometimes begins allocating from near the end of the array, and then wraps around. However, the sndemu10k1pcmchannelalloc function...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: ima: Avoid blocking in the RCU read-side critical section. A panic occurs in imamatchpolicy: BUG: Unable to handle a NULL pointer dereferencing in the kernel at 0000000000000010. PGD 42f873067 P4D 0 Oops: 0000 1 SMP NOPTI CPU:...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: The line “Revert “block, bfq: honor already-setup queue merges”” has been removed. A crash occurred in conjunction with the commit 2d52c58b9c9b “block, bfq: honor already-setup queue merges”. This issue was later corrected by the...