Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Media: si470x: Fixed a use-after-free in si470xintincallback Syzbot reported a use-after-free in si470xintincallback. This indicates that urb-context, which contains a struct si470xdevice object, is freed when si470xintincallback...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix for the memory leak in mlx5drcmdcreatereformatctx. When mlx5cmdexec fails in mlx5drcmdcreatereformatctx, the memory pointed to by ‘in’ is not released, which can lead to a memory leak. Move the memory release...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: uio: uiodmemgenirq: Fixed an issue where the unlock operation was missed in irq configuration. The commit b74351287d4b “uio: fixed a bug in uiodmemgenirqirqcontrol”. corrected the code so that disableirq was called without...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: IB/mad: Don't call to function that might sleep while in atomic context Tracepoints are not allowed to sleep, as such the following splat is generated due to call to ibquerypkey in atomic context. WARNING: CPU: 0 PID: 1888000 at...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: - fs: exported anoninodemakesecureinode and fixed the issue with secretmem LSM bypass. - The anoninodemakesecureinode function was exported to allow KVM guestmemfd to create anonymous inodes with proper security context. This...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fixed potential null pointer dereference issues. The amdgpurasgetcontext function may return NULL if the device does not support the RAS feature; therefore, a check must be performed before using this function...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: iouring/zctx: Check chained notification contexts. Send zc only when there are links available for requests coming from the same context. There are some ambiguous reports related to syz, so let’s examine the assumption regardi...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: cfg80211: Calling cfg80211stopap when switching from P2PGO type If the user-space tools switch from NL80211IFTYPEP2PGO to NL80211IFTYPEADHOC via sendmsgNL80211CMDSETINTERFACE, it does not call the cleanup function cfg80211stopap...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: dsa: tag8021q: Avoid leaking ctx on the error path of dsatag8021qregister If dsatag8021qsetup fails, for example due to the inability of the device to install a VLAN, the tag8021q context of the switch will be leaked. Make...

Astra Linux - уязвимость в libde265

strukturag libde265 commit d9fea9d wa discovered to contain a segmentation fault via the component decodercontext::computeframedroptable...

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: riscv: Rewrite kernelmappages to prevent sleeping in an invalid context. kernelmappages is a debugging function that clears the valid bit in page table entries for deallocated pages, thereby detecting illegal memory accesses to...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: “sched/fair: Make sure to try to detach at least one movable task” has been reverted. This reversion is associated with the commit b0defa7ae03ecf91b8bfd10ede430cff12fcbd06. The patch b0defa7ae03ec changed the load balancing logic...

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: MIPS: cevt-r4k – Do not call getc0compareint if the timer irq is installed. This prevents a warning: 0.118053 BUG: A sleeping function was called from an invalid context at kernel/locking/mutex.c:283. The issue was caused by the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: Use a static NDP16 location within the URB. The original code allowed the start of NDP16 to be anywhere within the URB, based on the wNdpIndex value in NTH16. Only the start position of NDP16 was checked, which ma...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: amdkfd: The gangctxbo memory object is properly freed when attempting to initialize the user queue. The destructor of the gtt bo is declared as: void amdgpuamdkfdfreegttmemstruct amdgpudevice adev, void memobj; This function take...

Astra Linux – Vulnerabilities in Linux-6.1, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerability has been resolved: gpio: rcar: Use rawspinlock to protect register access The rawspinlock is used to fix spurious messages about invalid context when spinlock debugging is enabled. The lock is only used to serialize register access. 4.239592...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fixed an invalid context error in the dml helper. Why “BUG: Sleeping function called from invalid context” error. After: drm/amd/display: Protection was added for the FPU in dml2validate/dml21validate. The...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: perf/amlogic: Replace smpprocessorid with rawsmpprocessorid in mesonddrpmucreate The Amlogic DDR PMU driver’s mesonddrpmucreate function incorrectly uses smpprocessorid, which assumes disabled preemption. This leads to kernel...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Check debugtrapenable before writing dbgevfile. In interrupt context, the write dbgevfile operation will be executed via a work queue. This will cause the write dbgevfile operation to be executed after debugtrapdisabl...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mptcp: The “kern” flag was removed from fallback sockets. The mptcp ULP extension relies on sk-sksockkern being set correctly. It prevents the call to setsockoptfd, IPPROTOTCP, TCPULP, "mptcp", 6 from working for plain TCP socket...