19115 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/gud: fixed NULL fb and crtc dereferences on USB disconnection. When the connection is disconnected, the function drmatomichelperdisableall is called, which sets both the fb and crtc for a plane to NULL before performing the...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: can: isotp: sanitize CAN ID checks in isotpBind. Syzbot created an environment that led to a state machine status that cannot be reached with a compliant CAN ID address configuration. The provided address information consisted of...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: “Revert ‘drm/amd/pm: resolve reboot exception for si oland’” This fix is reflected in commit e490d60a2f76bff636c68ce4fe34c1b6c34bbd86. This issue causes hangs on SI when DC is enabled, and errors occur during driver-related reboo...
Astra Linux – Vulnerability in Linux
In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: intel-sdw-acpi: hardening the detection of controllers. The existing code currently sets a pointer to an ACPI handle before checking whether it is indeed a SoundWire controller. This can lead to issues where the proces...
Astra Linux – Vulnerability in Qemu
A issue was discovered in QEMU versions 7.1.0 through 8.2.1. In hw/pci/pciesriov.c, the registervfs function does not set NumVFs to PCISRIOVTOTALVF, resulting in improper interaction with hw/nvme/ctrl.c...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: mmc: toshsd: fixed the return value check in mmcaddhost The mmcaddhost function may return an error. If we ignore its return value, the memory allocated in mmcallochost will be leaked, leading to a kernel crash due to the...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: mips: bmips: BCM6358: disabled RAC flush for TP1 RAC flush causes kernel panics on BCM6358 with EHCI/OHCI when booting from TP1: 3.881739 usb 1-1: new high-speed USB device number 2 using ehci-platform 3.895011 Reserved...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Prevention of certain integer underflows My static checker reports the following issue: drivers/infiniband/hw/irdma/ctrl.c:3605 irdmascceqinit Warning: Can subtract underflow for ‘info-dev-hmcfpmmisc.maxceqs’? It seem...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: spi: cadence-qspi: Remove system-wide suspend helper calls from runtime PM hooks. The -runtimesuspend and -runtimeresume callbacks are not expected to call spicontrollersuspend and spicontrollerresume. Remove these calls from the...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: xhci: Fixed null pointer dereferencing when the host dies. Ensure that xhcifreedev and xhcikillendpointurbs do not race with each other, and thus avoid null pointer dereferencing when the host suddenly dies. The USB core may...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/qm – Requesting a reserved interrupt for the virtual function The device interrupt vector 3 is an error interrupt for physical functions, and it is a reserved interrupt for virtual functions. However, the driver...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: i2c: rtl9300 – ensure that the data length is within the supported range. A explicit check for the transfer length should be added to ‘rtl9300i2cconfigxfer’ to ensure that the data length is not within the supported range. In...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: Fixed a race condition between concurrent call paths that invoke dwc3removerequests. This patch addresses a race condition caused by unsynchronized execution of multiple call paths that invoke dwc3removerequests, leadi...
Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosecchardev: fixed the kernel data leak caused by ioctl calls. It is possible to view the data of kernel pages by providing a larger insize value in struct croseccommand1 when invoking EC host commands. This...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: USB: dwc3 – A memory leak was fixed by using debugfslookup. When calling debugfslookup, the result must also have dput called upon it; otherwise, memory will leak over time. To simplify this, simply call debugfslookupandremove,...
Astra Linux - уязвимость в linux-5.15
A buffer overflow vulnerability was discovered in the Linux kernel’s Intel iSMT SMBus host controller driver. This vulnerability allows a local user to crash the system by triggering the I2CSMBUSBLOCKDATA function with malicious input data. source-iocs-preserved const=I2CSMBUS...
Astra Linux – Vulnerability in Linux
The file net/bluetooth/hcirequest.c in the Linux kernel, up to version 5.12.2, contains a race condition related to the removal of the HCI controller...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: xhci: sideband: do not dereference a freed ring when removing a sideband endpoint. xhcisidebandremoveendpoint incorrectly assumes that the endpoint is running and has a valid transfer ring. Lianqin reported a crash during...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: spi: Fixed a use-after-free issue with devmspialloc. We cannot rely on the contents of the devres list during spiunregistercontroller, as the list is already cleared when we call devmspireleasecontroller. This causes devices...
Astra Linux – Vulnerability in Samba
A vulnerability was discovered in Samba’s “rpcecho” development server, a non-Windows RPC server used to test Samba’s DCE/RPC stack components. This vulnerability stems from an RPC function that can be blocked indefinitely. The issue arises because the “rpcecho” service operates with only one...