522980 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: RDMA/erdma: Fixed a reference count leak in erdmammap. The function rdmausermmapentryget takes a reference; we should release that reference when it is no longer needed. Add the missing rdmausermmapEntryPut function in the err...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: crypto: qat – fix DMA transfer direction When CONFIGDMAAPIDEBUG is enabled, during the execution of the crypto self-test for QAT crypto algorithms, the function adddmaentry reports a warning indicating that overlapping mapping...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: drm/shmem-helper: The erroneous “put” operation has been removed from the error path. The drmgemshmemmmap function does not have a reference in the error code path, resulting in the dma-buf shmem GEM object being freed...
Astra Linux – Vulnerability in Qemu
QEMU prior to version 8.2.0 has an integer underflow issue, which can lead to a buffer overflow. This occurs due to a TI command, where a transfer length that is not a DMA transfer is processed, and the actual transfer length is shorter than the length of the available FIFO data. This issue arise...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: scarlett2: Added a clamp function in scarlett2mixerctlput Ensured that the value passed to scarlett2mixerctlput is between 0 and SCARLETT2MIXERMAXVALUE, so that we do not attempt to access elements outside of...
Astra Linux – Vulnerability in hdf5
The HDF5 library from version 1.14.3 has a heap buffer overflow issue in the H5Omtimenewencode function within H5Omtime.c...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: ufs-qcom: Fixed the issue of null pointer dereferencing in ESI. ESI/MSI is a performance optimization feature that provides dedicated interrupts per MCQ hardware queue. This is an optional feature, and UFS MCQ should...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: drm/meson: encoderhdmi: Fixed a reference count leak in mesonencoderhdmiinit. In the function ofgraphgetremotenode, the remote device nodepointer is returned with a incremented reference count. We should use ofnodeput on it after...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: usb:dwc3:st: fix probed platform device ref count on probe error path The probe function never performs any platform device allocation. Therefore, the error path “undoplatformdevalloc” is completely spurious. It simply reduces th...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: net: mana: Fixed error handling in manacreatetxq/rxq’s NAPI cleanup Currently, the napidisable function is called during the cleanup of rxq and txq, even before napi is enabled and hrtimer is initialized. This causes kernel...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Abrupt exit when failing to load firmware in pspinitcapmicrocode. In the function pspinitcapmicrocode, an abrupt exit should occur when attempting to load firmware fails; otherwise, it may lead to invalid memory acces...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: arm64: ptrace: Fixed an issue with partial SETREGSET for the NTARMTAGGEDADDRCTRL register. Currently, the taggedaddrctrlset function does not initialize the temporary “ctrl” variable. A SETREGSET call with a length of zero will...
Astra Linux – Vulnerability in Linux
A vulnerability was discovered in the Linux kernel. In the function printerioctl, there is an attempt to access a printerdev instance that has been deallocated. However, a use-after-free issue arises because the memory was previously freed by the gprinterfree function...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Firmware: qcom: SCM: Fixed the missing read barrier in qcomscmgettzmempool. The commit 2e4955167ec5 “Firmware: qcom: SCM: Fixed scm and waitq completion variable initialization” introduced a write barrier in the probe function to...
Astra Linux - Vulnerability in Golang-1.19
The ParseAddressList function improperly handles comments text within parentheses within display names. Since this contradicts conforming address parsers, it can lead to different trust decisions being made by programs that use different parsers...
Astra Linux – Vulnerability in yaml-cpp
The SingleDocParser::HandleFlowMap function in yaml-cpp also known as LibYaml-C++ 0.6.2 allows remote attackers to cause a denial of service resource consumption and application crash through a crafted YAML file...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Fixed an out-of-bounds access in parseintegerlimit. When configuring osnoisecpus using the write system call, the following KASAN issue may occur: BUG: KASAN: Out-of-bounds access in parseintegerlimit+0x103/0x130...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: rvdso: In the vdsojointimens function, a NULL pointer was encountered when handling the vfork operation. The testing results are as follows in the kernel log: 6.838454 Unable to handle kernel access to user memory without uaccess...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: libceph: Potential out-of-bounds writes have been prevented in the handleauthsessionkey function. The len field originates from untrusted network packets. Boundary checks have been added to prevent potential out-of-bounds writes...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: xfs: fixed a UAF Use-After-Value issue in xattr repair. The xchksetupxattrbuf function can allocate a new value buffer; therefore, any reference to ab-value before the call could become a dangling pointer. This issue was fixed...