5326 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ksmbd: A possible reference count leak in smb2open has been fixed. The reference count of ACLs will cause a leak when memory allocation fails. This issue has been addressed by adding the missing posixaclrelease function...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: rtc: gamecube: Fixed a refcount leak in gamecubertcreadoffsetfromsram. The offindcompatiblenode function returns a node pointer whose refcount is incremented. We should use ofnodeput on it after processing. Also, add the missing...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: i2c: designware: use casting of u64 in clock multiplication to avoid overflow In functions i2cdwscllcnt and i2cdwsclhcnt, there may be an overflow issue due to the reliance on the values of the given parameters, including icclk...
Astra Linux - Vulnerability in linux-5.10
A vulnerability was discovered in the btrfsgetrootref function in fs/btrfs/disk-io.c within the Btrfs filesystem of the Linux kernel, caused by a double decrement of the reference count. This issue could allow a local attacker with user privileges to crash the system or lead to the disclosure of...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Fuse: A missing copyfinish function in the fuse-over-io-uring argument copies. This issue causes a possible reference count leak of payload pages during these copies. Joanne: Simplified error cleanup...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: xfrm: fixed the refcount leak in xfrmmigratepolicyfind Syzkaller reported a memory leak in xfrmpolicyalloc: BUG: Memory leak Unreferenced object: 0xffff888114d79000 size 1024 Source: comm “syz.1.17”, pid 931 …...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: hwrng: amd – Fix the PCI device reference count leak foreachpcidev is implemented through pcigetdevice. The comment for pcigetdevice states that it will increase the reference count of the returned pcidev, and also decrease th...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: rpmsg: Fixed a possible refcount leak in rpmsgregisterdeviceoverride. rpmsgregisterdeviceoverride must call putdevice to free the vch when driversetoverride fails. This issue was fixed by adding a call to putdevice in the erro...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ipv6/addrconf: fixed a potential refcount underflow for idev. In addrconfmodrstimer, the reference to idev depends on whether rstimer is not pending. Therefore, the timeout of rstimer was modified. There is a time gap in 1 during...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: net/mlx5: fs, fix UAF in flow counter release Fix a kernel issue 1 caused by releasing an HWS action of a local flow counter in mlx5cmdhwsdeletefte. In this case, the HWS action refcount and mutex were not initialized, and the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Tracing: The WARNON message in tracingbuffersmmapclose has been fixed. When a process forks, the child process copies the parent’s virtual memory addresses, but the usermapped reference count is not incremented. As a result, when...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mm/hwpoison: Clearing MFCOUNTINCREASED before retrying getanypage Hulk Robot reported a panic in putpagetestzero when testing madvice with MADVSOFTOFFLINE. The bug is triggered when retrying getanypage. This occurs because the...
Astra Linux – Vulnerability in Wayland
An internal reference count is maintained on the buffer pool; this count increments every time a new buffer is created from the pool. The reference count is stored as an integer. On LP64 systems, this can lead to an overflow if the client creates a large number of wlshm buffer objects, or if it...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net: tipc: fixed a possible refcount leak in tipcskcreate Free sk in case tipcskinsert fails...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: remoteproc: Fixed the count check in rproccoredumpwrite. The check for the count being 0 was corrected to avoid a potential underflow. The check is identical to that in rprocrecoverywrite...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8195: Fixed error handling in mt8195mt6359rt1019rt5682devprobe. The devicenode pointer is returned by ofparsephandle, with the refcount incremented. We should use ofnodeput on it after the function is completed...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: core – Ensure that the LLD module reference count is set after the SCSI device is released. The SCSI host release is triggered when the SCSI device is freed. We must ensure that the low-level device driver module is not...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: drm/amdgpu: fixed the gart.bo pincount leak. gmcv9,100gartdisable is not called when there’s no corresponding gartenable function in the SRIOV case. This will result in a gart.bo pincount leak when the driver is unloaded...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: padata: Do not leak the reference count in reorderwork. A recent patch that addressed a UAF introduced a reference count leak: The reference count of paralleldata is incremented unconditionally, regardless of the return value of...
Astra Linux – Vulnerability in Linux
In the Linux kernel, the following vulnerability has been resolved: Net layer: dsa: fixed a crash if -getssetcount fails. If ds-ops-getssetcount fails, then the “count” value is a negative error code, such as -EOPNOTSUPP. Since “i” is a unsigned int, the negative error code is type-promoted to a...