1904 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: GPIO: sysfs: fix the issue where removing a chip with GPIOs exported through sysfs occurs. Currently, if we export a GPIO through sysfs and unbind the parent GPIO controller, the exported attribute will remain under...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: amdgpu/pm: prevented array underflow in vega20odneditdpmtable In the PPODEDITVDDCCURVE case, the “inputindex” variable is capped at 2, but its negative values are not checked, resulting in an out-of-bounds read. This value comes...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: The commit test for ctx always results in memory deallocation. The damonctx used to test online DAMON parameters commits inputs only after the test fails. This means that memory is leaked for every successful onli...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: catch commit test ctx allocation failure The patch series “mm/damon/sysfs: fix commit test damonctx deallocation” addresses this issue. The DAMON sysfs interface dynamically allocates and uses a damonctx object to...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: cxl/region: Fixed leakage in constructregion. The first call to sysfsupdategroup requires explicitly freeing the resource, as it is too early for cxlregioniomemrelease to be called...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: nilfs2: Protect references to superblock parameters exposed in sysfs The superblock buffers of nilfs2 can not only be overwritten at runtime for modifications/repairs, but they are also regularly swapped, replaced during resizing...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mm, slub: fixed the potential use-after-free in slabdebugfsfops. When sysfsslabadd fails, we should not call debugfsslabadd for s, because s will be freed soon. Moreover, slabdebugfsfops will use s later, leading to a...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: Firmware: dmi-sysfs: Fixed a memory leak in dmisysfsregisterhandle. kobjectinitandadd takes a reference even when it fails. According to the documentation for kobjectinitandadd: If this function returns an error, kobjectput mu...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: iio: trigger: sysfs: fix use-after-free on remove Ensure that the irqwork has completed before the trigger is freed. ================================================================== BUG: KASAN: use-after-free in irqworkrunli...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Block: Do not delete a queue kobject before its child kobjects are deleted. Kobjects are not supposed to be deleted before their child kobjects are deleted. Apparently, this is usually harmless; however, a warning will be trigger...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: blktrace: Fixed a UAF in the blkTraceAccess function after removal by sysfs. There is a use-after-free issue triggered by the following process: bash P1sda P2sdb echo 0 /sys/block/sdb/trace/enable blkTraceRemoveQueue...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: platform/x86: int3472: Check if adev is NULL. Not all devices have an ACPI companion fwnode; therefore, adev might be NULL. This can, for example theoretically, occur when a user manually binds one of the int3472 drivers to anoth...
Astra Linux – Vulnerability in Linux
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: A sysfs leak was fixed in allociommu. The iommudevicesysfsadd function is called before this, so it must be cleaned up in subsequent errors...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: hwmon: coretemp Check for null before removing sysfsattrs. If coretempaddcore encounters an error, pdata-coredataindx is already NULL and has been freed. Do not pass this value to sysfsremovegroup, as it will cause a crash in...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisysfs: Fixed an issue where the function deviceadd was called multiple times. The function deviceadd should not be called multiple times, as stated in its documentation: “Do not call this routine or deviceregister...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: ocfs2: fixed a memory leak in ocfs2stackglueinit The ocfs2tableheader should be freed in ocfs2stackglueinit if ocfs2sysfsinit fails; otherwise, kmemleak will report a memory leak. BUG: Memory leak Unreferenced object...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15, and Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmodes/displayport: create sysfs nodes as driver’s default device attribute group The sysfs nodes related to the DisplayPort driver may be available to the user space before typecaltmodesetdrvdata completes in...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: net-sysfs: added a check to ensure netdevice is present before using speedshow. When disabling the netdevice or during system shutdown, a panic may occur when accessing the sysfs path, because the device has already been removed...
CVE-2026-52905
A flaw was found in the Linux kernel's Data Access MONitor DAMON core. The damonstart function, when used via the DAMON sysfs interface, failed to properly validate the minregionsz parameter. This allowed non-power of two values, which could lead to unaligned DAMON region address ranges and...
CVE-2026-52905 mm/damon/core: disallow non-power of two min_region_sz on damon_start()
In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: disallow non-power of two minregionsz on damonstart Commit d8f867fa0825 "mm/damon: add damonctx-minszregion" introduced a bug that allows unaligned DAMON region address ranges. Commit c80f46ac228b "mm/damon/core:...