530110 matches found
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: liquidio: The handling of NULL pointers in liovfrepcopypacket was adjusted. In liovfrepcopypacket, pginfo-page is compared to a NULL value, but it is then unconditionally passed to skbaddrxfrag, which seems strange and could lead...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: L2CAP: Do not leave a dangling sk pointer after an error in l2capsockcreate. The btsockalloc function allocates the sk object and attaches it to the provided sock object. If an error occurs in l2capsockalloc, the sk...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: nfsd: Ensure that exp remains active before calling svcexportshow. The function eshow was called with protection from RCU. This only ensures that exp will not be freed. As a result, the reference count of exp can drop to zero,...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: hfsplus: don't query the device logical block size multiple times Devices block sizes may change. One of these cases is a loop device by using ioctl LOOPSETBLOCKSIZE. While this may cause other issues like IO being rejected, in t...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ubi: fastmap: Fixed duplicate slab cache names during attachment Since commit 4c39529663b9 “slab: Warns about duplicate cache names when DEBUGVM=y”, duplicate slab cache names can be detected, and a kernel warning is issued. In t...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: iouring/rw: fixed the omission of the NOWAIT check for ODIRECT write operations. When iouring initiates a write operation, it calls kiocbstartwrite, which triggers the super block rwsem. This prevents any freezes from occurring...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: USB: serial: ioedgeport: fix use after free in debug printk The line “devdbg&urb-dev-dev, …” occurs after the function usbfreeurburb. This is a use after free of the “urb” pointer. To avoid this issue, store the “dev” pointer at...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: Networks: Ethernet: lantiqetop – fixed memory disclosure issues. When padding packets, the buffer is not zeroed, resulting in memory disclosure. The affected data is visible on the network. This patch uses skbputpadto to properly...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: drm/amd/display: Fixed an issue where the index out of bounds occurred in the DCN30 color transformation. This commit addresses a potential index out of bounds issue in the cm3helpertranslatecurvetoHWformat function within the...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: vhostvdpa: The irqbypassunregisterproducer function must correctly assign the token. Previously, we used irqbypassunregisterproducer in vhostvdpasetupvqirq, which was problematic because we had no way of knowing whether the...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: net: seeq: Fixed the use-after-free vulnerability in the ether3 Driver due to race conditions. In the ether3probe function, a timer is initialized using a callback function called ether3ledoff, which is bound to &prevdev-timer...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: Wifi: rtw88 – Always wait for both firmware loading attempts. In the function rtwwaitfirmwarecompletion, always wait for both regular and wowlan firmware loading attempts. Otherwise, if the rtwusbintfinit function fails in...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: igb: A potential invalid memory access issue has been fixed in igbinitmodule. The pciregisterdriver function may fail. When this occurs, the dcanotifier needs to be unregistered. Otherwise, the dcanotifier can be called when igb...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: net: hns3: fixed a kernel crash that occurred when uninstalling the driver. When the driver is uninstalled and the VFs are disabled concurrently, a kernel crash occurs. The reason is that both actions call the function...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: fbdev: pxafb: Fixed possible use after free in pxafbtask. In the pxafbprobe function, it calls the pxafbinitfbinfo function. After that, &fbi-task is associated with pxafbtask. Moreover, within this pxafbinitfbinfo function, the...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: dma: Fixed the call order in dmamfreecoherent. dmamfreecoherent frees a DMA allocation, making the freed vaddr available for reuse. Then, it calls devresDestroy to remove and free the data structure used to track the DMA...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: kobjectuevent: Fixed issues related to OOB access within zapmodaliasenv. The zapmodaliasenv function incorrectly calculates the size of the memory block to be moved. This can lead to OOB out-of-band memory access issues if the...
Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15
A use-after-free vulnerability in the Linux kernel’s net/sched:clsRoute component can be exploited to achieve local privilege escalation. When the route4change function is called on an existing filter, the entire tcfresult struct is always copied into the new instance of the filter. This creates ...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: regmap: slimbus: Fix the buscontext pointer in regmap init calls The commit 4e65bda8273c “ASoC: wcd934x: Fix error handling in wcd934xCodecParsedata” revealed the issue in the slimbus regmap. This commit causes audio playback ...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: Input: pegasus-notetaker – fixed potential out-of-bounds access issues. In the pegasusnotetaker driver, the pegasusprobe function allocates the URB transfer buffer using the wMaxPacketSize value from the endpoint descriptor. An...