522693 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: eth: bnxt: return fail if interface is down in bnxtqueuememalloc The bnxtqueuememalloc function is called to allocate new queue memory when a queue is restarted. It internally accesses the rx buffer descriptor corresponding to th...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: vfio: Fixed NULL pointer dereferencing caused by uninitialized group-iommufd. group-iommufd is not initialized for the iommufdctxput function. 20018.331541 BUG: NULL pointer dereferencing in the kernel, address: 00000000000000...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: ti: icssgprueth: Fixed NULL pointer dereferencing in pruethprobe. In the pruethprobe function, if one of the calls to emacPhyConnect fails because of ofPhyConnect returning NULL, then the subsequent call to phyattachedinfo...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Block layer: Fixed corruption of q-blkglist during disk rebinding. Multiple instances of the gendisk function can be allocated/added for a single request queue during disk rebinding. As a result, blkg may still remain in q-blkgli...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: iio: adc: aspeed: Fixed the refcount leak in aspeedadcsettrimdata. The function offindnodebyname returns a node pointer with a refcount incremented; we should use ofnodeput on it after processing. Added the missing ofnodeput...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: dm raid: fixed access issues beyond the end of the raid member array. When the dm-raid table is loaded using raidctr, dm-raid allocates an array rs-devsrs-raiddisks for the raid device members. rs-raiddisks is determined by the...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: tomoyo: Fixed the UAF write bug in tomoyowritecontrol. Since tomoyowritecontrol updates head-writebuf when the write function is called for long lines, we need to retrieve head-writebuf after holding head-iosem. Otherwise,...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: nsfs: Permission checks for ns iteration ioctls have been tightened. Even privileged services should not necessarily be able to access the namespaces of other privileged services, so that they cannot leak information to each othe...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: pmdomain: arm: scmi: Fixed the issue of a memory leak caused by the failure to remove generic power domains when the ofgenpdaddprovideronecell function fails during probing. If the ofgenpdaddprovideronecell function fails during...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: btrfs: Fixed a lockup issue caused by a race condition between inode eviction and inode caching. There is a race condition between inode eviction and inode caching that can cause a live struct btrfsinode to be missing from the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: bpf: Fixed a deadlock between rcutaskstrace and eventmutex. Fixed the following deadlock: - CPU A: - freeevent - perfkprobedestroy - mutexlock&eventmutex - perfTraceEventUnreg - synchronizercutaskstrace There are several paths...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net: phy: dp83822: Fix null pointer access on DP83825/DP83826 devices The probe function is only used for the DP83822 PHY; the private data pointer remains uninitialized for the smaller DP83825/26 models. While all uses of the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: gpio: mpsse: fix reference leak in gpiompsseprobe error paths The reference to usbgetdev is not released during the gpiompsseprobe error paths. This issue was fixed by using device-managed helper functions. Additionally, the...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Added a null check for the ‘afb’ variable in the amdgpudmplanehandlecursorupdate function v2. This commit moves the null check for the ‘afb’ variable to the line where it is actually used in the...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: xsk: Fixed a race condition in socket teardown Fixed a race condition in the xsk socket teardown code that could lead to a NULL pointer dereferencing. The current xskunbindcode in xskunbinddev starts by setting xs-state to...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: - ice: fixed the issue where calls to PF PTP cleanup iceptpcleanuppf function and the ‘pslock’ mutex deinitialization were missed during error paths involving driver removal. The cleanup process for releasing PTP resources...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: virtio-vdpa: Fixed a cpumask memory leak in virtiovdpafindvqs Free the cpumask allocated by createaffinitymasks before returning from the function...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: usb: ax88179178a: Fixed out-of-bounds accesses in RX fixup The ax88179rxfixup function contains several out-of-bounds accesses that can be triggered by a malicious or defective USB device. Specifically: - The metadata array...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fixed an SError in ufshcdrtcwork during UFS suspend. In ufshcdwlsuspend, canceldelayedworksync is called to cancel the UFS RTC work. However, this function is called after ufshcdvopssuspendhba, pmop, POSTCHANGE...
Astra Linux – Vulnerability in Firefox
The NSCDeriveKey function inadvertently assumed that the phKey parameter was always non-NULL. When the parameter was passed as NULL, a segmentation fault occurred, resulting in crashes. This behavior conflicts with the PKCS11 v3.0 specification, which allows phKey to be NULL for certain mechanism...