Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Null checks for ‘stream’ and ‘plane’ were added before dereferencing them. This commit adds null checks for the ‘stream’ and ‘plane’ variables in the dcn30applyidlepoweroptimizations function. These variables wer...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: Tracing: Build event generation tests are now performed only as modules. The kprobes and synth event generation test modules add events and lock them get a reference to those event files in the module initialization function,...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ICE: Fixed NULL pointer dereferencing in iceunplugauxdev when resetting. Issuing a reset command while the driver is loaded without RDMA support will result in a crash, as the function attempts to remove a nonexistent auxbus...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: irqchip/realtek-rtl: The refcount leak in mapinterrupts has been fixed. The offindnodebyphandle function returns a node pointer with a incremented refcount. We should use ofnodeput on it when there is no longer a need for it. Thi...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fixed potential null pointer dereference issues. The amdgpurasgetcontext function may return NULL if the device does not support the RAS feature; therefore, a check must be performed before using this function...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mm/ksm: fixed a race condition involving VMA iteration and mmstruct teardown. The exitmmap function will tear down the VMAs and the maple tree, provided that the mmaplock is held in write mode. Ensure that the maple tree remains...

Astra Linux – Vulnerability in GhostScript

Ghostscript GhostPDL 9.50 through 9.53.3 has a use-after-free in the sampleddatasample function called from sampleddatacontinue and interp...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: netem: Update sch-q.qlen before qdisctreereducebacklog. The qdisctreereducebacklog function only notifies the parent qdisc if the child qdisc becomes empty. Therefore, we need to reduce the backlog of the child qdisc before calli...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: Fixed a kernel panic that occurs when the host sends an invalid H2C PDU length. If the host sends an H2CData command with an invalid DATAL value, the kernel may crash in the nvmettcpbuildpduiovec function. The...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: PCI: mediatek – Fixed a refcount leak in mtkpciesubsyspowerup. The offindcompatiblenode function returns a node pointer whose refcount has been incremented. We should use ofnodeput on it after processing. Also, add the missing...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ata: pataocteoncf: Fixed the refcount leak in octeoncfprobe. The function offinddevicebynode takes a reference; we should use putdevice to release it when there is no longer a need for it. Added the missing putdevice call to avoi...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: powerpc/smp: Do not decrement the preempt count of the idle task when the CPU is offline. With PREEMPTCOUNT=y, when a CPU is offline and then brought back online, we encounter the following issue: BUG: Scheduling while atomic:...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: clk: sunxi-ng: mp: Fix for double-divider clock rate readback When support for double-divider clocks was introduced, the P-divider offset was left out of the .recalcrate readback function. This caused the clock rate to become...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Input: iforce – waits to complete the command after clearing the IFORCEXMITRUNNING flag. syzbot reports a hung task at inputunregisterdevice, with iforceclose waiting in waiteventinterruptible, while dev-mutex is held. This...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: rtc: amlogic-a4: fix double-free caused by devm The clock obtained through devmclkgetenabled is automatically managed by devres. It will be disabled and freed when the driver is detached. Manual calls to clkdisableunprepare in th...

Astra Linux – Vulnerability in libxml2

In libxml2 versions before 2.12.10 and 2.13.x, before 2.13.6, there is a NULL pointer dereferencing in the xmlPatMatch function in pattern.c...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Block: Initialize the integrity buffer to zero before writing it to the media. The metadata added by biointegrityprep uses the plain kmalloc function, which results in random kernel memory being written to the media. For PI...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: tipc: fixed a possible memory leak in tipcbuf.Append. The skblinearize function does not free the skb when it fails. Therefore, move 'buf = NULL' after skblinearize, so that the skb can be freed on the error path...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Added error handling to pairdevice. The hciconnparamsadd function never checks for a NULL value, which could lead to a NULL pointer dereferencing and resulting in a crash. This issue has been fixed by adding erro...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu: Use the correct type in nvidiasmmucontextfault This issue was overlooked due to the use of function pointers for indirection. nvidiasmmucontextfault is also defined as an irq function, and the type ‘void ’ was...