Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/via: Avoid potential array out-of-bound access in addsecretdacpath The sndhdagetconnections function may return a negative error code. This could lead to accessing the ‘conn’ array at a negative index. This issue was...

Astra Linux - уязвимость в chromium

A heap buffer overflow in UMA in Google Chrome prior to version 111.0.5563.64 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ext4: xattr: fixed a null pointer dereference in ext4raw inode If ext4getinodeloc fails e.g., if it returns -EFSCORRUPTED, iloc.bh will remain set to NULL. Since ext4xattr inodedecrefall lacks error checking, this will lead to a...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Ring-buffer: Fixed the possibility of dereferencing an uninitialized pointer. There is a pointer called headpage in the function rbmetavalidateevents. This pointer is not initialized at the beginning of the function. This pointer...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: crypto: safexcel – Add error handling for dmamapsg calls The macro dmamapsg function may return 0 in the event of an error. This patch enables checks in case of a macro failure and ensures that previously mapped buffers are...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: aspeed: A NULL pointer check was added in astvhubinitdev. The variable d-name, returned by devmkasprintf, could potentially be NULL. A pointer check was added to prevent potential NULL pointer dereferencing. This is...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: tools/powerturbostat: Fixed the file pointer leak. Currently, if the fscanf function fails, an early return causes a leak of the open file pointer. This issue was fixed by closing the file before returning from the function. This...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: s390/bpf: Fixed pointer arithmetic in bpfplt. Kui-Feng Lee reported a crash on the s390x architecture, triggered by the dummystops/dummyinitptrarg test 1: 0x2 bpfstructopstestrun+0x156/0x250 sysbpf+0xa1a/0xd00...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: PCI: kirin – A buffer overflow issue was addressed in kirinpcieparseport. Within kirinpcieparseport, the value of pcie-numslots is compared to pcie-gpioidreset.size which is equal to MAXPCISLOTS. This comparison is correct;...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: qlogic: qlcnic: Fixed a NULL pointer dereference in qlcnic83xxaddrings. In qlcnic83xxaddrings, the indirect function ahw-hwops-allocmbxargs is called to allocate memory for cmd.req.arg. There is a dereference of this variabl...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: usb: chipidea: cihdrcimx: fix usbmisc handling usbmisc is an optional device property; therefore, it is completely valid for the corresponding data-usbmiscdata to have a NULL value. This check must be performed before dereferenci...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net: wwan: iosm: Fixed the issue where corrupted pointer deletion occurred in cases of region creation failures. In cases where region creation fails in ipcdevlinkcreateregion, the previously created regions are deleted using a...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: traceeventshist: A check was added to ensure that the return value of createhistfield is checked. The function createhistfield is called recursively at line 1954 of traceeventshist.c, and it may return a NULL value. Therefore, we...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: arm64: Topology: Fixed a potential overflow in amufiesetup. The cpufreqgetHWmaxfreq function returns the maximum frequency in kHz as an unsigned int, while freqinvsetmaxratio receives this frequency in Hz as a u64 type. Multiplyi...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: A NULL pointer dereferencing was addressed in amdgpudmconnectoraddcommonmodes. In amdgpudmconnectoraddcommonmodes, amdgpudmcreatecommonmode assigns mode to mode, and mode is directly passed to drmmodeprobedadd...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fixed NULL checks for adev-dm.dc in amdgpudmfini. Since adev-dm.dc in amdgpudmfini might turn out to be NULL before the call to dcenabledmubnotifications, checks were performed beforehand to ensure that there wil...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Media: wl128x – Fix for atomicity violation in fmcsendcmd An atomicity violation occurs when the fmcsendcmd function is executed simultaneously with the modification of the fmdev-respskb value. Consider a scenario where, after...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: vmci: Speculation leaks were prevented by sanitizing the eventdata parameter in the eventdeliver function. Coverity identified that the eventmsg is controlled by user-space. The eventmsg-eventdata.event is passed to eventdeliver...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: drm/radeon: A potential buffer overflow issue has been fixed in nisetmcspecialregisters. The last case label can write two buffers, mcregaddressj and mcdataj, where the offset of ‘j’ equals SMCNISLANDSMCREGISTERARRAYSIZE. Since...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: qed/qedsriov: protection against NULL references from qediovgetvfinfo We must ensure that the information returned by the helper function is valid before using it. This issue was identified by the Linux Verification Center...