2016 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: powerpc/bpf: Fixed the detection of BPF atomic instructions. The commit 91c960b0056672 “bpf: Rename BPFXADD and prepare to encode other atomic instructions in .imm” changed BPFXADD to BPFATOMIC and added a mechanism to...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: bpf: Fixed kernel address leakage in atomic fetch The change in commit 37086bfdc737 “bpf: Propagates stack bounds to registers in atomic operations with BPFFETCH” regarding the handling of checkmemaccess is flawed. This flaw allo...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: RDMA/siw: Fixed a refcounting leak in siwcreateqp. The atomicinc function needs to be paired with an atomicdec function in the error handling path...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: PM: domains: Fixed a sleep-in-atomic bug caused by genpddebugRemove When a genpd with GENPDFLAGIRQSAFE is removed, the following sleep-in-atomic bug will occur, as genpdDebugRemove will be called with a spinlock held. 0.029183 BU...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: Firmware: Xilinx: Do not perform sleepable memory allocations from an atomic context. The following issue was discovered using lockdep: 6.691371 BUG: A sleeping function is called from an invalid context at...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: scsi: qla2xxx: Fix scheduling while atomic The driver makes a call to the midlayer function fcremoteportdelete, which can put the thread in a sleep state. The thread that originates the call is in an interrupt context. The...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: RISCV: Fixed a race condition when vmap stack overflow occurs. Currently, when detecting vmap stack overflow, RISCV first switches to the so-called shadow stack, and then uses this shadow stack to call getoverflowstack, in order ...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: dm-crypt, dm-verity: Disable tasklets Tasklets have an inherent problem with memory corruption. The taskletactioncommon function calls tasklettrylock, then it calls the tasklet callback, and then it calls taskletunlock. If the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Added a null pointer check for dpuencoderneedsmodeset. The drmatomicgetnewconnectorstate function may return NULL if the connector is not part of the atomic state. A check was added to prevent a NULL pointer...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
A race condition was detected in the Linux kernel’s DRM/Exynos device driver, specifically in the exynosdrmcrtcatomicdisable function. This can lead to a null pointer dereferencing issue, which may potentially cause a kernel panic or a denial of service condition...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: i2c: core: Perform atomic i2c transfers when !preemptible is set. Since bae1d3a05a8b, i2c transfers are not atomic if preemption is disabled. However, non-atomic i2c transfers require preemption e.g., during waitforcompletion, wh...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: Sysv: Do not call sbbread with pointerlock held. syzbot reports sleep in atomic context in the SysV filesystem 1. For sbbread, the function is called with rwspinlock held. A bug involving a “deadlock due to...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: fixed the issue to cover normal cluster writes using cprwsem. When we overwrite a compressed cluster with a normal cluster, we should not unlock cprwsem during f2fswriterawpages. Otherwise, data will be corrupted ...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: RDMA/rxe: Returns a CQE error if an invalid lkey is provided. RXE fails to update the WQE status in cases of LOCALwrite failures. This caused the following kernel panic if someone performed an atomic operation with an explicit...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: led: qcom-lpg: Fixed sleeping in atomic operations The lpgh brightnessset function can enter a sleeping state, while the led’s brightnessset callback must be non-blocking. The LPG driver should use brightnesssetblocking instea...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: Avoid corrupting the page-mapping in hugetlbmcopyatomicpte. In the MCOPYATOMICCONTINUE case with a non-shared VMA, the pages in the page cache are stored in the ptes. However, hugepageaddnewanonrmap is called for thes...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dp: Added an atomiccheck to bridge operations. In the DRM committails function, if both conditions for disabling the downstream crtc/encoder/bridge are required, and crtc-active is set before pushing a new frame downstrea...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: net/iucv: Fixed the issue where iucvsockclose was used after memory was freed. The iucvseverpath function is called from both process context and thread context. The iucv-path variable is used to indicate whether someone else ...
Astra Linux – Vulnerability in Linux, Linux 5.10
There is a bug in /net/nfc/netlink.c that allows an attacker to crash the Linux kernel by simulating an NFC device from user-space...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: octeontx2-pf: Fixed the use of GFPKERNEL in atomic contexts for rt. The commit 4af1b64f80fb “octeontx2-pf: Fixed the lmtst ID used in aurafree” uses get/putcpu to protect the usage of percpu pointers in the -aurafreeptr...