Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/sched: schtaprio: properly canceled the timer from tapriodestroy There is a comment in qdisccreate regarding the fact that we do not call ops-reset in some cases. errout4: “Any broken qdisc instances that would require...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ALSA: Timer: Fix for the idafree call being called when the ID is not allocated. In the sndutimercreate function, if the kasprintf function returns NULL, the sndutimerputid function will be called, ultimately using idafree to fre...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: BPF: Cancel the running BPF timer through kworker for PREEMPTRT During the update process, when overwriting an element in a pre-allocated htab, the freeing of oldelement is protected by the bucket lock. The reason why the bucket...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: drm/vgem-fence: Fixed potential deadlock issues upon release. A timer that automatically releases a vgem fence after 10 seconds is now implemented. This is achieved by calling timerdeletesync from fence-ops.release, which is...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Firewire: Core – Fix for race condition with the transaction list The list of transactions is enumerated without acquiring the card lock when processing the AR response event. This causes a race condition bug when processing the ...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: Synchronize devfreqmonitorstart/stop There is a possibility that frequent changes to the governor, performed in a loop, can lead to corruption in the timer list. Specifically, the timer cancellation process, which...

Astra Linux - уязвимость в linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: “sh: push-switch: Reorder cleanup operations to avoid use-after-free bug” The original code placed “flushwork” before “timershutdownsync” in “switchdrvremove”. Although we use “flushwork” to stop the worker, it could be reschedul...

Astra Linux - уязвимость в linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ax25: Fixing use-after-free bugs caused by ax25dsdeltimer. When the ax25 device is being detached, the ax25devdevicedown function calls ax25dsdeltimer to clean up the slavetimer. When the timer handler is running, the...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ALSA: Timer – Setting a lower limit for the start tick time Currently, the ALSA timer does not have a lower limit for the start tick time. It allows a very small size, for example, 1 tick with a resolution of 1 nanosecond for the...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: tracing/timerlat: Fixed a race condition during cpuhp processing. There is another exception found: the “timerlat/1” thread was scheduled on CPU0, leading to timer corruption: ODEBUG: init active active state 0 object:...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: TCP: Fixed a use-after-free of nreq in reqsktimerhandler. The referenced commit replaced inetcskreqskqueuedropandput with inetcskreqskqueuedrop and reqskput in reqsktimerhandler. As a result, oreq should be passed to reqskput...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: mrp: Introduced active flags to prevent UAF when the applicant uninit occurs. The caller of deltimersync must prevent the timer from restarting. If we don’t have this synchronization, there is a small chance that the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ALSA: Timer: Do not take registermutex with copyfrom/touser. The infamous mmaplock taken during copyfrom/touser can often be problematic when it is called within another mutex, as this may lead to deadlocks. In the case of ALSA...

Astra Linux - уязвимость в linux

In the Linux kernel, the following vulnerabilities have been resolved: m68k: For mvme147 and mvme16x architectures, do not wipe the PCC timer configuration bits. Do not clear the timer 1 configuration bits when clearing the interrupt flag and counter overflow. As reported by Michael, “This result...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Watchdog: sc520wdt: A possible use-after-free occurred in wdtturnoff. The remove method of this module calls deltimer. However, that function does not wait until the timer handler is finished. This means that the timer handler ma...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: Drivers: USB: Host: Fixed a deadlock in oxubussuspend There is a deadlock in oxubussuspend, as shown below: Thread 1 | Thread 2 | timeraction oxubussuspend | modtimer spinlockirq //1 | Wait for a while ... | oxuwatchdog...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: clockevents: Added missing resets to the nexteventforced flag. The mechanism used to prevent timer interrupts from being missed failed to reset the nexteventforced flag in several locations: - When the state of the clock event...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: atm: iphase: fixed a possible use-after-free in iamoduleexit The remove function of this module calls deltimer. However, that function does not wait for the timer handler to complete. This means that the timer handler may still b...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: posix-timers: A potential memory leak was identified in dotimercreate. When creating a posix timer with allocation of a specific timer ID, if there are issues with accessing the value in the user space, the function terminates...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: tty: serial: imx: disable Ageing Timer interrupt request irq There might be pending USR interrupts before requesting the IRQ. However, uartaddoneport has not been executed, which could lead to kernel panic. 0.795668 Unable to...