2473 matches found
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: kcm: An annotation was added for the data-race around kcm-rxwait. kcm-rxpsock can be accessed without a read lock in kcmrfree. The read and write operations should be annotated accordingly. syzbot reported: BUG: KCSAN: A...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: fixed a possible null-pointer dereference due to a data race in sndhdacregmapsync The variable codec-regmap is often protected by the lock codec-regmaplock when it is accessed. However, it is accessed without holding t...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: TCP: Fixed a data race around the sysctltcpthinlineartimeouts function. When reading sysctltcpthinlineartimeouts, it can be changed concurrently. Therefore, we need to add READONCE to its reader...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ip: Fixed data races related to sysctlipfwdupdatepriority. When reading sysctlipfwdupdatepriority, it can be changed concurrently. Therefore, we need to add READONCE to its readers...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: ipv4: Fixed a data race around the sysctlfibsyncmem function. When reading sysctlfibsyncmem, it can be changed concurrently. Therefore, we need to add READONCE to avoid the data race...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: mm: kmem: fixed a NULL pointer dereference in objstockflushrequired KCSAN identified an issue in objstockFlushRequired: stock-cachedobjcg can be reset between the check and dereference...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ICMP: Fixed data races related to sysctlicmpechoenableprobe. When reading sysctlicmpechoenableprobe, it can be changed concurrently. Therefore, we need to add READONCE to its readers...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: TCP: Fixed issues related to data races around sysctltcpfastopen. When reading sysctltcpfastopen, it can be changed concurrently. Therefore, we need to add READONCE to its readers...
Astra Linux – Vulnerability in Linux, Linux 5.10
A data race flaw was discovered in the Linux kernel, between the allocation of the con variable and the setting of con-sock. This issue results in a NULL pointer dereferencing when accessing con-sock-sk in the net/tipc/topsrv.c file within the tipc protocol in the Linux kernel...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: TCP: Fixed issues related to data races around sysctltcpbasemss. When reading sysctltcpbasemss, it can be changed concurrently. Therefore, we need to add READONCE to its readers...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: cipso: Fixed data races related to sysctl. When reading sysctl variables, they can be changed concurrently. Therefore, we need to add READONCE to avoid data races...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: RDMA/irdma: Fixed a data race on CQP completion statistics. CQP completion statistics is locked when used in irdmawaitevent and irdmacheckcqpprogress. However, it can also be updated in the completion thread irdmascccqgetcqein...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: TCP: Fixed a data race around the sysctltcpprobethreshold function. When reading sysctltcpprobethreshold, it can be changed concurrently. Therefore, we need to add READONCE to its reader...
Astra Linux – Vulnerability in Chromium
In Google Chrome, a data race in audio functionality prior to version 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fixed a potential data race in the PCM memory allocation helpers The PCM memory allocation helpers include a sanity check to prevent too many buffer allocations. However, this check is performed without proper locking,...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: TCP: Fixed a data race around sysctltcpmtuprobefloor. When reading sysctltcpmtuprobefloor, it can be changed concurrently. Therefore, we need to add READONCE to its reader...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: Wireguard: Receive: Annotated data-race around receivingcounter.counter. Syzkaller with KCSAN identified a data-race issue when accessing keypair-receivingcounter.counter. Use READONCE and WRITEONCE annotations to mark the dat...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: fs/netfs/fscachecookie: added a check for the missing “naccesses” parameter. This fix addresses a NULL pointer dereference bug caused by a data race. The details of the bug are as follows: BUG: NULL pointer dereference in the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix data race in CPU latency PM QoS request handling The cpulatencyqosadd/remove/updaterequest interfaces lack internal synchronization by design, requiring the caller to ensure thread safety. The current...
Astra Linux – Vulnerability in Firefox
If two Workers were simultaneously initializing their CacheStorage, a data race could occur in the ThirdPartyUtil component. This vulnerability affects Firefox versions less than 106...