Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fixed an issue where the index out of bounds occurred in the DCN30 degamma hardware format translation. This commit addresses a potential index out of bounds issue in the cm3helpertranslatecurvetodegammahwformat...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fixed a potential bug in endbufferasyncwrite According to a syzbot report, endbufferasyncwrite, which handles the completion of block device writes, may detect abnormal conditions of the asyncwrite flag and cause a BUGON...

Astra Linux - уязвимость в squid

Squid is a caching proxy for the web that supports HTTP, HTTPS, FTP, and other protocols. Due to a Buffer Overread bug, Squid is vulnerable to a Denial of Service attack targeting the Squid HTTP message processing mechanism. This bug has been fixed in Squid version 6.5. Users are advised to...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: RDMA/hns: Fixed a soft lockup that occurred during the loop that allocates BT pages. The driver executes a for-loop when allocating BT pages and mapping them with buffer pages. When a large buffer e.g., an MR of over 100GB is...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: iio: dummy: iiosimplydummybuffer: fixed the information leak in the triggered buffer. The data array is allocated using kmalloc, and it is used to push data to user space from the triggered buffer. However, it does not set values...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: wifi: iwlwifi: mvm: Fixed handling of response in iwlmvmsendrecoverycmd 1. The size of the response packet was not validated. 2. The response buffer was not freed. These issues can be resolved by switching to...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: HID: core: zero-initialize the report buffer. Since the report buffer is used by various drivers in various ways, let’s initialize it to zero during allocation, so that it cannot ever be used to leak kernel memory through special...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net: vertexcom: mse102x: Fixed a possible double-free of TXskb The scope of TXskb is broader than just mse102xtxframespi; therefore, if the TXskb memory needs to be expanded, we should free the temporary skb instead of the origin...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: PCI: kirin – A buffer overflow issue was addressed in kirinpcieparseport. Within kirinpcieparseport, the value of pcie-numslots is compared to pcie-gpioidreset.size which is equal to MAXPCISLOTS. This comparison is correct;...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: nilfs2: Handling of inconsistent states in nilfsbtnodecreateblock. Syzbot reported that an inconsistency in the buffer state was detected in nilfsbtnodecreateblock, which triggered a kernel bug. It is not appropriate to consider...

Astra Linux - уязвимость в linux-5.15, linux-6.1, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Check that bova-bo is not NULL before using it. The call to radeonvmclearfreed may clear bova-bo, so we must check this before dereferencing it...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: iio: pressure: zpa2326: fix information leak in triggered buffer The “sample” local struct is used to push data to user space from a triggered buffer. However, there is a flaw in this structure regarding the values of temperature...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: r8169: Fixed potential ring buffer corruption due to fragmented Tx packets. An issue was identified on the RTL8125b when transmitting small, fragmented packets. Invalid entries were inserted into the transmit ring buffer, resulti...

Astra Linux - уязвимость в libxml2

A flaw was discovered in the xmlBuildQName function of libxml2. Integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue may result in memory corruption or a denial of service when processing malicious input...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: can: isotp: fix tx.buf use-after-free in isotpsendmsg isotpsendmsg only uses cmpxchg on so-tx.state to serialize access to so-tx.buf. isotprelease waits for ISOTPIDLE via waiteventinterruptible, then calls kfreeso-tx.buf. If a...

Astra Linux - уязвимость в qtimageformats-opensource-src

A buffer overflow in Nomacs v3.15.0 allows attackers to cause a denial of service DoS attack through a specially crafted MNG file...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Ice: The logic for copying the last block was omitted in icegetmoduleeeprom. icegetmoduleeeprom is broken since the commit e9c9692c8a81 “Ice: Reimplement module reads used by ethtool”. In this refactoring, icegetmoduleeeprom read...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: Staging: rtl8723bs: Fixed a potential memory leak in rtwinitcmdpriv. In rtwinitcmdpriv, if pcmdpriv-rspallocatedbuf is allocated incorrectly, then pcmdpriv-cmdallocatedbuf will not be released properly. Additionally, since there...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iio: fixed a potential out-of-bound write issue. The buffer is set to 20 characters. If a caller writes more characters, the count is truncated to the maximum available space in “simplewritetobuffer”. To prevent access by OoB,...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: x86/CPU/AMD: Disabling INVLPGB on Zen2 AMD Cyan Skillfish Family 17h, Model 47h, Stepping 0h has a issue that causes system errors and panics when performing TLB flush using INVLPGB. However, the problem arises because the machin...