2600 matches found
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: arm64: acpi: Harden the getcpuforacpiid function to prevent errors when a missing CPU entry is used. During a review discussion of the changes to support vCPU hotplug, it was noted that a check was added to ensure the GICC Global...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: efi: ssdt: Do not free memory if the ACPI table was successfully loaded. Amadeusz reported errors due to KASAN use-after-free, introduced by commit 3881ee0b1edc “efi: avoid the efivars layer when loading SSDTs from variables”. Th...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: ACPI: Processor – Fixed the previous issue in acpiprocessorerratapiix4 After the patch provided by commi f132e089fe89 “ACPI: Processor – Fixed NULL-pointer dereference in acpiprocessorerratapiix4”, device pointers may be...
Astra Linux – Vulnerability in grub2
A flaw was discovered in grub2 in versions prior to 2.06, where it incorrectly enabled the use of the ACPI command when Secure Boot was enabled. This flaw allows an attacker with privileged access to create a Secondary System Description Table SSDT containing code that can overwrite the Linux...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: acpi: typec: ucsi: Introduced a -pollcci method For the ACPI backend of UCSI, the UCSI “registers” are merely a memory copy of the register values in an opregion. The ACPI implementation in the BIOS ensures that the contents of t...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: LoongArch: Fixed warnings during S3 suspension The enablegpewakeup function calls acpienableallwakeupgpes, and this function may also call the preemptschedulecommon function. This results in a thread switch, causing the CPU to be...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: ACPICA: fixed cache leaks in “acpiparse” and “parseext”. ACPICA commit: 8829e70e1360c81e7a5a901b5d4f48330e021ea5 The actual ACPI cache leak points are as follows: 0.360101 ACPI: Added OSIModule Device 0.360101 ACPI: Added...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: acpi: nfit: fixed the narrowing conversion in acpinfitctl Syzkaller reported a warning in tonfitbusuuid: “Only secondary bus families can be translated”. This warning is emitted if the argument equals NVDIMMBUSFAMILYNFIT == 0...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: - acpi: nfit: vmalloc-out-of-bounds read in acpinfitctl A issue detected by syzbot with KASAN has also been fixed: BUG: KASAN: vmalloc-out-of-bounds in cmdtofunc, drivers/acpi/nfit/core.c:416 inline BUG: KASAN:...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Updated the intermediate power state for SI. Updated the current state to the boot state during dpm initialization. During subsequent initialization, setpowerstate is called to transition to the final power state...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: tpm: acpi: Calling acpiputtable to fix a memory leak. The size of the event log area is obtained from the TPM2 or TCPA table. Therefore, we call acpigettable to retrieve ACPI information. However, acpigettable should be used in...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ACPI: Processor – Check for a null return value from devmkzalloc in fchmiscsetup The devmkzalloc function may fail, and clkdata-name may be NULL. This could lead to a NULL pointer dereferencing later. rjw: Subject and changelog...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ACPI: LPIT – Avoid u32 multiplication overflow. In the function lpitupdateresidency, there is a possibility of overflow during multiplication, if tsckhz is large enough UINTMAX/1000. The multiplication operation should be replace...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ACPICA: Check for a null return value from ACPIALLOCATEZEROED in acpidbconverttopackage. ACPICA commit number: 4d4547cf13cca820ff7e0f859ba83e1a610b9fd0 The ACPIALLOCATEZEROED function may fail; the elements involved may be NULL,...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: irqchip/gic-v3-its: Quirk probing for ACPI-based systems has been restored. While refactoring the way ITSs are probed, the handling of quirks applicable to ACPI-based platforms was lost. As a result, systems like HIP07 lose...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: fixed the use of memory after it was freed in mt7921acpiread. Do not dereference “sarroot” after it has been freed...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ACPICA: Reverted the behavior where “ACPICA: Avoid Info: mapping multiple BARs. Your kernel is fine.” This issue was addressed by removing the requirement for memory mappings for operation regions to overlap page boundaries, as...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: tpm: tpmtis: Added the function acpiputtable to prevent a memory leak. In checkacpitpm2, we obtain the TPM2 table just to ensure that it exists and isn’t used after initialization. Therefore, the acpiputtable function should be...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ACPI: EC: Fixed an oops error when removing custom query handlers. When removing custom query handlers, the handler may still be used within the EC query workqueue. This could lead to a kernel oops if the module that holds the...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: tpm: Changed to kvalloc in eventlog/acpi.c The following failure was reported on HPE ProLiant D320: 10.693310 T1 tpmtis STM0925:00: 2.0 TPM device-id 0x3, rev-id 0 10.848132 T1 ------------ Cut here ------------ 10.853559 T1...