Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: arm/crc-t10dif: Fixed the use of an array that was used outside of its scope in crct10difarch. Fixed a silly bug where an array was used beyond its scope...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: HID: hid-thrustmaster: A stack-out-of-bounds read occurred in the usbcheckintendpoints function. Syzbot1 identified a situation where a stack-out-of-bounds read of the epaddr array was performed by the hid-thrustmaster driver. Th...

Astra Linux - уязвимость в freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.20.1, the NDR array reader in RDPEAR did not perform bounds checking on the number of on-wire elements, and could write beyond the heap buffer allocated from hints, resulting in a heap buffer overflow in...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: fs/ntfs3: Use variable length arrays instead of fixed-size ones. The issue with the “smatch warning” should be fixed: Error in ntfssetlabel: builtinmemcpy’s ‘uni-name’ is too small 20 vs 256...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net: qlogic/qede: A potential out-of-bounds read vulnerability exists in qedetpacont and qedetpaend. The loops in qedetpacont and qedetpaend iterate over cqe-lenlist using only a zero-length terminator as the stopping condition. ...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: fpga: m10bmc-sec: Fixed probe rollback issues. Properly handled probe error rollbacks to avoid leaks...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: clk: samsung: exynos-clkout: Assign .num before accessing .hws The commit f316cdff8d67 annotated the hws member of the struct clkhwonecelldata with countedby. This informs the bounds sanitizer UBSANBOUNDS about the number of...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Check for a potential null return from kmallocarray. Since kmallocarray may return null, the use of 'eventwaitersi.wait' could lead to a null pointer derefrence. Therefore, it is better to check the return value of...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: jfs: added a check to prevent array-index-out-of-bounds in dbAdjTree. When the value of lp is 0 at the beginning of the for loop, it will become negative during the next assignment, and we should take appropriate measures to avoi...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: fpga: Integer overflow has been prevented in dflfeatureioctlsetirq. The multiplication hdr.count sizeofs32 can cause integer overflow on 32-bit systems, leading to memory corruption. Use arraysize to fix this issue...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: Prevent Spectre v1 exploits by preventing gadget constructions in sysrtas. Smatch warning: Arch/powerpc/kernel/rtas.c:1932 dosysrtas warning: potential Spectre issue with ‘args args’ r local variable. The nargs and...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: ath9khtc: fixed uninitialized values issues Syzbot reported 2 KMSAN bugs in ath9k. All of these bugs are caused by missing field initialization. In htcconnectservice, svcmetalen and pad are not initialized. Based on the code, ...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: jfs: fixed an array-index-out-of-bounds issue in diAlloc. Currently, there is no check for the agnno of the iag when allocating new inodes to avoid fragmentation problems. The check has been added, which is necessary...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: iouring/zcrx: fixed the page array leak. d9f595b9a65e “iouring/zcrx: fixed the issue of leaked pages during sg initialization failure” fixed a page leakage issue; however, the page array was not freed either...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: jfs: Fixed an array-index-out-of-bounds read in addmissingindices. stbl is a signed 8-bit value, but its offset must be within a range of 0 to 127. A bound check was added for this error, and if the check fails, the error code -E...

Astra Linux - уязвимость в linux

In the Linux kernel, the following vulnerability has been resolved: rtw88: The array overrun in rtwgettxpowerparams has been fixed. When using the kernel with the Undefined Behaviour Sanity Checker UBSAN enabled, the following array overrun was logged:...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: The issue of protecting the fetch of -fdfd in dodup2 from mispredictions has been addressed. Both callers have ensured that fd is not greater than -maxfds; however, a misprediction might lead to the speculative execution of tofre...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: bpf,perf: Fixed an invalid progarray access in perfeventdetachbpfprog. Syzbot reported a crash that occurs in the following tracing scenario: - Create a tracepoint with attr.inherit=1, attach it to the process, and set the BPF...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: fs: jfs: Fix UBSAN: array-index-out-of-bounds in dbAllocDmapLev Syzkaller reported the following issue: UBSAN: array-index-out-of-bounds in fs/jfs/jfsdmap.c:1965:6 The index -84 is out of range for the type ‘s8341’. CPU: 1 PID:...

PT-2026-42175

Name of the Vulnerable Software and Affected Versions Twig affected versions not specified Description The column filter passes input directly to the native PHP array column function. When array elements are objects, array column reads properties directly, which bypasses the...