Astra Linux - уязвимость в wireshark

A crash occurred in the USB HID protocol dissector, and possibly in other dissectors in Wireshark versions 3.4.0, 3.2.0 to 3.2.8. This issue allows for denial of service through packet injection or with crafted capture files...

Astra Linux - уязвимость в linux

In the Linux kernel, the following vulnerabilities have been resolved: USB: usbfs: Do not issue a WARN message regarding excessively large memory allocations. Syzbot discovered that the kernel generates a WARN message if the user attempts to perform a bulk transfer using usbfs with a buffer that ...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: can: mcbausb: fixed a memory leak in mcbausb Syzbot reported a memory leak in the SocketCAN driver for the Microchip CAN BUS Analyzer Tool. The problem occurred in unfreeing the usbcoherent object. In the mcbausbstart function...

Astra Linux - уязвимость в qemu

A flaw was discovered in the USB redirector device emulation of QEMU in versions prior to 6.1.0-rc2. This flaw occurs when dropping packets during a bulk transfer from a SPICE client, due to the packet queue being full. A malicious SPICE client could exploit this flaw to call the free function in...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: usb: musb: tusb6010: check return value after calling platformgetresource This vulnerability could lead to a nullptrderef error if platformgetresource returns NULL. Therefore, we need to check the return value of this function...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: usb: xhci-plat: Fix for crashes when suspending if remote wake-up is enabled Crashes occurred on the i.mx8qm platform when suspending if remote wake-up was enabled. Internal error: Synchronous external abort: 96000210 1 PREEMPT S...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: net: usb: aqc111: Fixed out-of-bounds accesses in RX fixup The function aqc111rxfixup contains several out-of-bounds accesses that can be triggered by a malicious or defective USB device. Specifically: - The metadata array...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: Staging: rtl8712: fixed an issue with uninit-value in usbread8 and related functions. When r8712usbctrlvendorreq returns a negative value, the “data” obtained from usbread8,16,32 will not be initialized. Bug: KMSAN: uninit-val...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: usb: isp1760: Fixed out-of-bounds array access issues Running the driver through KASAN reveals the following issues: BUG: KASAN: Global out-of-bounds access in isp1760register+0x180/0x70c Reading a size of 20 bytes from addr...

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbopen/close: fixed a memory leak. The gsusb driver appears to have a problem common to many USB CAN adapter drivers. It performs usballoccoherent to allocate a number of USB Request Blocks URBs for reception, and...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Check that the endpoint is valid before dereferencing it When the host controller is not responding, all URBs User-Randomized Block Structures queued for all endpoints need to be terminated. This can cause a kernel pan...

Astra Linux - уязвимость в linux-5.15

A use-after-free flaw was discovered in lan78xxdisconnect in drivers/net/usb/lan78xx.c within the network sub-component, net/usb/lan78xx, in the Linux kernel. This flaw allows a local attacker to cause the system to crash when the LAN78XX USB device is disconnected...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: USB: dummy-hcd: Fix interrupt synchronization error This fixes an error in synchronization in the dummy-hcd driver. The error has a somewhat complex history. The synchronization mechanism was introduced in commit 7dbd8f4cabd9...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: phy: fsl-imx8mq-usb: set platformdriverdata The missing platformsetdrvdata function has also been added, as the data will be used in the remove function...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: GPIB: LPVOUSB – Fixed a memory leak that occurred when USB devices were disconnected. The driver iterates over the registered USB interfaces during GPIB attachment and takes a reference to their USB devices until a match is found...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Return queued buffers on startstreaming failure Buffers are returned if streaming fails to start due to a uvcpmget error. This bug may be responsible for the warning that I encountered during testing. The issue...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: usb: gadget: uether: Fixed a NULL pointer dereference in ethgetdrvinfo. The commit ec35c1969650 “usb: gadget: fncm: Fixed the netdevice lifecycle with devicemove” re-parents the gadget device to /sys/devices/virtual during...

Astra Linux - уязвимость в qemu

A flaw was discovered in the USB redirector device usb-redir of QEMU. Small USB packets are combined into a single, large transfer request, in order to reduce overhead and improve performance. The combined size of the bulk transfer is used to dynamically allocate a variable length array VLA on th...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: usb: phy: fsl-usb: Fixed a use-after-free issue during delayed work when removing a device. The delayed work item, otgevent, is initialized in fslotgconf and scheduled under two conditions: 1. When a host controller binds to the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: Thunderbolt: Fixed a memory leak in margining. The memory associated with usb4-margining needs to be released for the upstream port of the router. This issue also affects the debugfs directory when the router device is removed...