Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-pcm: do not use socpcmret on the .prepare callback. The commit 1f5664351410 states, “ASoC: lower the log severity when no backend DAIs are enabled for … Port.” This commit ignores the -EINVAL error message when using...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Driver: soc: xilinx: fixed a memory leak in xlnxaddcbfornotifyevent. The kfree function should be called when memory fails to be allocated for cbdata in xlnxaddcbfornotifyevent. Otherwise, a memory leak will occur; therefore,...

Astra Linux - уязвимость в ansible

Ansible versions 2.9.x before 2.9.1, 2.8.x before 2.8.7, and 2.7.x before 2.7.15 do not respect the “nolog” flag set to True when using Sumologic and Splunk callback plugins to send task result events to collectors. This could lead to the disclosure and collection of sensitive data...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: usb: musb: Fixed hardware lockup issue when the first Rx endpoint request is made There is a possibility that the callback function for a request could be invoked from usbepqueue as shown in the call trace below, with missing cal...

Astra Linux - уязвимость в linux, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: fec: Better handling of the case where pmruntimeget fails in .remove. In the unlikely event that pmruntimeget disguised as pmruntimeresumeandget fails, the remove callback returns an error early. The problem with this is tha...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/sched: Fixed the leak caused by referencing the fence’s reference count. The lastscheduledfence variable leaks when an entity is being terminated, and the cleanup callback fails. The reference count of prev should be...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Always drain health during the shutdown callback. There is no point in performing recovery operations during device shutdown. If health-related tasks are initiated, one must wait until they are completed to avoid race...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: uacce: fixed the isolate/sysfs check condition. uacce supports the device isolation feature. If the driver implements the isolateerrthresholdread and isolateerrthresholdwrite callback functions, uacce will now create sysfs...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: s390/vfio-ap: fixed a memory leak in the vfioap device driver. The device release callback function calls the devgetdrvdata function to retrieve the pointer to the vfiomatrixdev object in order to free its memory. The problem ...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fixed a possible use-after-free in the async command interface The mlx5cmdcleanupasyncctx function should only return after all its callback handlers are completed. Before this patch, there was a race between...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: cpufreq: The exit callback is optional. The exit callback is optional, and it should not be called without first checking a valid pointer. Additionally, we must clear the freqtable pointer even if the exit callback is not present...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: NFSD: fixed a hang issue in nfsd4shutdowncallback. If nfs4client is in the courtesy state, there is no point in sending the callback. This causes nfsd4shutdowncallback to hang, as clcbinflight is not set to 0. This hang lasts...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: media: streamzap: Fixed a race condition between device disconnection and urb callback. Syzkaller has reported a general protection fault in the function irraweventstorewithfilter. This crash occurs due to a NULL pointer...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: In the can:usb:etases58x module, the task of anchoring the urb data during the read bulk callback has been corrected. When submitting an urb using the anchoring mechanism, it must be anchored before submission. Otherwise, it coul...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: schedext: The deadlock caused by SCXKICKWAIT was fixed by deferring the wait until the target CPU’s kickSYNC progresses. The busy-waiting state in kickcpusirqworkfn uses smpCondLoadAcquire until the target CPU’s kickSYNC advances...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Added a check on the callback function pointer before calling it. In the dpucoreirqcallbackhandler callback function, the pointer pointing to the callback function is checked to be NULL. However, the callback functio...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Media: si470x: Fixed a use-after-free in si470xintincallback Syzbot reported a use-after-free in si470xintincallback 1. This indicates that urb-context, which contains a struct si470xdevice object, is freed when si470xintincallba...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: The can: usb: f81604 issue requires that the urb data be correctly anchored during the read bulk callback. When submitting an urb, if the anchor pattern is used, it must be anchored before submission. Otherwise, it could be leake...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: acpi: Fixed suspend with Xen PV The commit f1e525009493 "x86/boot: Skipping realmode init code when running as Xen PV guest" missed one code path that accessed the realmodeheader, leading to a NULL dereference during system...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ptp: Ensure that info-enable callback is always set. The ioctl and sysfs handlers call the -enable callback unconditionally. Not all drivers implement this callback, resulting in NULL dereferencing. Examples of affected drivers:...