Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: dmaengine: qcom: bamdma: Fixed error handling for num-channels/ees When there is no clock specified in the device tree, there is no way to ensure that the BAM is enabled. This often occurs for remotely controlled or remotely...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drm: adv7511: A use-after-free issue has been fixed in adv7533attachdsi. The hostnode pointer was assigned and freed in adv7533parsedt. Later, adv7533attachdsi uses the same pointer. This use-after-free issue can be fixed by...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: pinctrl: canaan: k230: added a NULL check in DT parsing. A NULL check was also added for the return value of ofgetproperty when retrieving the “pinmux” property in the group parser. This prevents a potential NULL pointer...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: pinctrl: pinconf-generic: Fixed a memory leak in pinconfgenericParseDtconfig In pinconfgenericParseDtconfig, if parseDtCfg fails, it returns directly. This bypasses the cleanup logic, resulting in a memory leak of theCfg buffer...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: btrfs: The release path was called before initializing the extent tree in btrfsreadlocked inode. In btrfsreadlocked inode, we call btrfsinitfileextenttree while holding a lock on a read-locked leaf of the subvolume tree...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: ksmbd: Fixed an issue related toracy under the cocurrent smb2 tree disconnect scenario. There is a UAF issue under the cocurrent smb2 tree disconnect scenario. This patch introduces TREECONNEXPIRE flags for tcon to avoid...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: net/sched: Restricted conditions were added for adding duplicate netems into a qdisc tree. The duplication prevention logic of netemenqueue breaks when a netem resides in a qdisc tree along with other netems. This can lead to ...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: btrfs: fixed an incorrect return value after changing the leaf in lookupextentdataref After commit 1618aa3c2e01 “btrfs: simplified return variables in lookupextentdataref”, the err and ret variables were merged into a single ret...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: cifs: Fixed a mid leak that occurred during reconnection after a timeout threshold. When the number of responses with the status STATUSIOTIMEOUT exceeds a specified threshold NUMSTATUSIOTIMEOUT, we reconnect the connection...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iio: adc: adi-axi-adc: Fixed a refcount leak in adiaxiadcattachclient. The ofparsephandle function returns a node pointer with a refcount incremented. We should use ofnodeput on it when there is no longer a need for it. Add the...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: ext4: Avoid cycles in the h-tree A maliciously corrupted filesystem can contain cycles in the h-tree stored inside a directory. This can easily lead to the kernel corrupting tree nodes that have already been verified during...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Validating the session ID and tree ID in compound requests. The function smb2getmsg in smb2getksmbdtcon and smb2checkusersession always returns the first command in a compound request’s header. If SMB2TREECONNECTHE is the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: usb: chipidea: cihdrcimx: Also search for ‘phys’ handle. When passing ‘phys’ in the device tree to describe the USB PHY handle which is the recommended approach according to Documentation/devicetree/bindings/usb/ci-hdrc-usb2.txt,...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: - In the net:sched section, there is a fix for the order of qlen adjustment. - Changes to sch-q.qlen related to qdisctreereducebacklog need to occur before a call to that function. Otherwise, it may fail to notify the parent...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: – The faulty behavior of the mm:resolvefaultymmapregion function has been fixed. The mmapregion function is quite problematic; its control flow is complex and messy, and there are numerous ways in which issues can arise. This...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: jfs: Upper bound check of the tree index in dbAllocAG When calculating the tree index in dbAllocAG, we never check whether we are out of bounds relative to the size of the tree. This could occur in a scenario where the filesystem...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: btrfs: Fix for an assertion failure when building the free space tree. When building the free space tree with the block group tree feature enabled, an assertion failure may occur as follows: BTRFS info device loop0 state M:...

Astra Linux - уязвимость в linux-6.1, linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: schhfsc: made hfscqlennotify idempotent. hfscqlennotify itself is not idempotent, and it is not friendly to its callers, like fqcodeldequeue. We need to make it idempotent to ease the work of qdisctreereducebacklog callers: 1...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: The backend for setting the DEAD bit was changed to use the GC transaction API. The GC transaction API replaces the old and buggy gc API and the busy mark approach. No set elements are removed from async...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: net/sched: fixed an issue with lockdep in qdisctreereducebacklog qdisctreereducebacklog is called with the qdisc lock held, not RTNL. We must use qdisclookuprcu instead of qdisclookup syzbot reported: WARNING: suspicious RCU...