4299 matches found
Astra Linux - уязвимость в linux-5.15
A flaw was discovered in the ksmbd component of the Linux kernel, a high-performance in-kernel SMB server. The specific flaw exists in the processing of SMB2TREEDISCONNECT commands. The issue arises due to the lack of proper locking when performing operations on an object. An attacker can exploit...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: net: phy: Fix for accessing an empty array when the phygetinternaldelay function is called, provided that the driver calls phygetinternaldelay without defining delayvalues, and rx-internal-delay-ps or tx-internal-delay-ps is...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: Avoid device tree lookups in rtasosterm. rtasosterm is called during panic. Its behavior depends on several conditions in the /rtas node of the device tree; traversing these nodes involves locking and changes to loc...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: amba: bus – fix refcount leak The commit 5de1540b7bc4 from drivers/amba: create devices from device tree increases the refcount of ofnode, but does not release it in ambadevicerelease. This results in a refcount leak. By using...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: Networks: Bridges – Fix for use-after-free due to bypassing the port’s state during MST processing. 1 A use-after-free was reported by syzbot. This issue occurs when deleting an expired fdb. It arises due to a race condition...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Net: DSA: Fix for a panic upon shutdown if the multi-chip tree fails to probe. DSA probing is atypical because the device tree must probe all devices at once. Thus, out of N switches that call dsatreesetuproutingtable during...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: fork: Invoke khugepaged and ksm hooks only if there is no error. There is no reason to invoke these hooks early on an MM that is in an incomplete state. The change in commit d24062914837 “fork: use mtdup to duplicate the maple tr...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: - clk: tegra20: Fixed a refcount leak in tegra20clockinit. - offindmatchingnode returns a node pointer with a refcount incremented. We should use ofnodeput on it when there is no longer a need for it. Add the missing ofnodeput...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux
In the Linux kernel, the following vulnerability has been resolved: nilfs2: Fix potential null-ptr-deref in nilfsbtreeinsert The patch series “nilfs2: Fix potential issues with empty b-tree nodes” addresses three potential issues with empty b-tree nodes that can occur with corrupted filesystem...
Astra Linux - уязвимость в linux-5.15, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: btrfs: replaced BUGON with error handling in updaterefforcow. Instead of using BUGON, simply return an error, log an error message, and abort the transaction if we encounter an extent buffer belonging to the relocation tree th...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: PCI: Keystone: Fixed a NULL pointer dereferencing issue in case of a DT error in kspciesetuprcapp regs. If IORESOURCEMEM is not provided in the Device Tree due to any error, resourcelistfirsttype will return NULL, and...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: gpio: davinci: Validate the obtained number of IRQs The value of pdata-gpiounbanked is retrieved from the Device Tree. If the Device Tree is corrupted due to any error, this value can be arbitrary. Without this value validation,...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: dwmac-tegra: Reading the IOMMU Stream ID from the device tree Nvidia’s Tegra MGBE controllers require the IOMMU “Stream ID” SID to be written to the MGBEWRAPAXIASID0CTRL register. The current driver is hardcoded to u...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: ASoC: mediatek: mt8195: Set ETDM1/2 IN/OUT to COMPDUMMY ETDM2INBE and ETDM1OUTBE are defined as COMPEMPTY, in the case where the codec dainame will be null. This prevents a crash if the device tree does not assign a codec to...
Astra Linux - уязвимость в sqlite3
SQLite 3.30.1 improperly handles certain parser-tree rewrites, related to files expr.c, vdbeaux.c, and window.c. This issue is caused by incorrect error handling in the sqlite3WindowRewrite function...
Astra Linux - уязвимость в linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: btrfs: A sanity check was added for the btrfs root in btrfssearchslot. Syzbot reports a nullptrderef issue in btrfssearchslot. The reproducer uses rescue=ibadroots, and the extent tree root is corrupted, resulting in an empty...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: btrfs: Memory leaks have been fixed when rejecting a non-SINGLE data profile without an RST. At the end of btrfsloadblockgroupzoneinfo, the first thing we do is to ensure that if the mapping type is not a SINGLE one and there is ...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: lib/generic-radix-tree.c: Do not cause overflow in the peek function. When we started assigning new inode numbers to most of the 64-bit inode space, it triggered some edge-case bugs, particularly some integer overflows related to...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: - regulator: pfuze100 – Fixed the refcount leak in pfuzeparseregulatorsdt. - ofnodeget now returns a node with the refcount incremented. - calling ofnodeput to drop the reference when it’s no longer needed...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: fs/proc: fixed a UAF in procreaddirde. The pde is erased from the subdir rbtree through rberase, but the node is not set to EMPTY, which may lead to UAF access. We should use RBCLEARNODE to set the erased node to EMPTY. Then,...