Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uSerial: Added a null pointer check in gSerialsuspend Consider a scenario where gSerialdisconnect has already cleared gser-ioport. If gSerialsuspend is called afterward, it will lead to accessing gser-ioport, thereby...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: usb: asixdevices: add phymask for ax88772 mdio bus Without setting the phymask for the ax88772 mdio bus, the current driver may create at most 32 mdio PHY devices with PHY addresses ranging from 0x00 to 0x1f. The DLink...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net: usb: lan78xx: Fixed the double-free issue with interrupt buffer allocation. In lan78xxprobe, the buffer buf was freed twice: once implicitly through usbfreeurbdev-urbintr with the URBFREEBUFFER flag, and again explicitly...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Remove sndBUGON from sndusbmidioutputopen The function sndusbmidioutputopen includes a check for the NULL port, which involves calling sndBUGON. The use of sndBUGON was intended to prevent such issues from...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: xhci: Properly handling isoc Babble and Buffer Overrun events. xHCI 4.9 explicitly prohibits making assumptions that the xHC has released its ownership of a multi-TRB TD when an error occurs in one of the early TRBs. However,...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: usb: cdnsp: Fixed a NULL pointer dereference in cdnspendpointinit In cdnspendpointinit, the function cdnspringalloc is assigned to pep-ring. There is a dereference of this variable in cdnspendpointinit, which could lead to a NULL...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Stop parsing channel bits when all channels are found. If a USB audio device sets more bits than the number of channels it supports, it may write data outside of the map array...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: USB: core: Fixed a deadlock in the usbdeauthorizeinterface function. Among the attribute file callback routines in drivers/usb/core/sysfs.c, the interfaceauthorizedstore function is the only one that acquires a device lock on an...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: usb: cdc-acm: Check the control transfer buffer size before accessing it. If the first fragment is shorter than struct usbcdcnotification, we cannot calculate the expectedsize. Instead, log an error and discard the notification...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: USB: serial: quatech2: fix null-ptr-deref in qt2processreadurb This patch addresses a null-ptr-deref in qt2processreadurb due to an incorrect bounds check in the following code: c if newport serial-numports deverr&port-dev, “%s -...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ffs: Remove WARNON from functionfsbind This commit addresses an issue related to a kernel panic that occurs when paniconwarn is enabled. The issue is caused by the unnecessary use of WARNON in functionfsbind, which c...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fixed potential out-of-bounds accesses for Extigy and Mbox devices A bogus device can provide a bNumConfigurations value that exceeds the initial value used in usbgetconfiguration for allocating dev-config. This...

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm: A NULL pointer dereference has been fixed in tcpmpdsvdm. It is possible that typecregisterpartner returns ERRPTR upon failure. When port-partner results in an error, a NULL pointer dereference may occur, as show...

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: HID: sony: Fixed a potential memory leak in sonyprobe. If an error occurs after a successful usballocurb call, usbfreeurb should be called...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: USB: Hub – Protection against access to uninitialized BOS descriptors Many functions in drivers/usb/core/hub.c and drivers/usb/core/hub.h access fields within udev-bos without checking whether they have been allocated and...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

A issue was discovered in the Linux kernel before version 6.3.2. A use-after-free was found in the renesasusb3remove function in drivers/usb/gadget/udc/renesasusb3.c...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: ath9k: hifusb: A use-after-free issue has been fixed in ath9khifusbregincb. It is possible that the skb buffer is freed during ath9khtcrxmsg, and then usbsubmiturb fails. As a result, we try to free the skb buffer again,...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Validating UAC3 power domain descriptors as well. The UAC3 power domain descriptors also need to be verified using their variable bLength, in order to avoid unexpected OOB access attempts by malicious firmware...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: userial: Fixed race condition in TTY wakeup A race condition occurs when gsstartio calls either gsstartrx or gsstarttx. These functions briefly release the portlock of usbepqueue. This allows gsclose and...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Wifi: rtl818x: Kill URBs before clearing the txstatusqueue In rtl8187stop, the call to usbkillanchoredurbs is moved before clearing the btxstatusqueue. This change prevents callbacks from using already freed skb because the ancho...