8149 matches found
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: USB: serial: ioedgeport: fix use after free in debug printk The line “devdbg&urb-dev-dev, …” occurs after the function usbfreeurburb. This is a use after free of the “urb” pointer. To avoid this issue, store the “dev” pointer at...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: dma-debug: Do not call dmaentryalloccheckleak under freeEntriesLock. dmaEntryallocCheckleak calls into printk, which results in serial console output qcom GenI. It also grabs portLock under freeEntriesLock. This involves a...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: scsi: scsi.debug: Do not call kcalloc if size argument is zero. If the size argument to kcalloc is zero, it returns ZEROSIZEPTR. Therefore, for the subsequent NULL pointer check to work on the returned pointer, kcalloc must no...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: qla1280: A kernel oops occurs when the debug level is greater than 2. A null dereference or oops exception will eventually occur when the qla1280.c driver is compiled with DEBUGQLA1280 enabled and when qldebuglevel is great...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: – The faulty behavior of the mm:resolvefaultymmapregion function has been fixed. The mmapregion function is quite problematic; its control flow is complex and messy, and there are numerous ways in which issues can arise. This...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: drm/vc4: hdmi: Avoid a system hang caused by debug registers when suspended. Attempting to read /sys/kernel/debug/dri/1/hdmi1 regs when the HDMI connection is disconnected results in a fatal system hang. This issue arises due to...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: PCI/DOE: Fixed a memory leak when CONFIGDEBUGOBJECTS=y is enabled. After a pcidoetask completes, its workstruct needs to be destroyed to avoid a memory leak when CONFIGDEBUGOBJECTS=y is set...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Wifi: iwlwifi – Fix the order of debug actions. The order in which debug actions were performed was incorrectly implemented. Now, we have implemented a split dump process and perform the FW reset only at the middle of the dump...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: cifs: Avoid NULL pointer dereferencing in debug calls. The cifsserverdbg function assumes that the server variable is non-NULL; therefore, move the call under conditions that prevent NULL pointer dereferencing. Identified by t...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: orangefs: The issue with memory leaks in orangefskernel,clientdebuginit was fixed. When the orangefs module is inserted or removed, memory leaks occur as follows: unreferenced object 0xffff88816b0cc000 size 2048: comm "insmod", p...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: mptcp: handles DDS corruption consistently. The buggy peer implementation can send corrupted DSS options, consistently causing several warnings in the data path. Use DEBUGNET assertions to avoid errors on some builds and to handl...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: scsi: qla2xxx: Fixed a deletion race condition A system crash occurred when using the debug kernel due to corruption of the link list. The cause of the link list corruption was that session deletion was allowed to be queued...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: s390/vmem: Split pages when debug pagealloc is enabled. Since commit bb1520d581a3 “s390/mm: Start kernel with DAT enabled”, the kernel crashes early during boot when debug pagealloc is enabled. Symptoms: - Memory initialization:...
Astra Linux - уязвимость в linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Load DR6 with the guest value only before entering the .vcpurun loop. The conditional loading of hardware DR6 with the guest’s DR6 value is moved out of the core .vcpurun loop to fix a bug where KVM may load hardware wi...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: locking/spinlock/debug: Fixed a data race in dorawwritelock. KCSAN reports: BUG: KCSAN: Data race in dorawwritelock/dorawwritelock. The following events occurred: Write marked as 0xffff800009cf504c, 4 bytes by task 1102 on CPU...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: In the bpf code, the spacketpullreason function may trigger a “splat” instruction. This issue occurs frequently in syzkaller builds where CONFIGDEBUGNET=y is enabled. We want to retain this debug check because it might indicate...
Astra Linux - уязвимость в etcd
An authentication vulnerability has been discovered in Etcd-io v.3.4.10. This vulnerability allows remote attackers to escalate privileges through the debug function...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: scs: A wrong parameter was fixed in scsmagic. The scsmagic function requires a void variable, but a struct taskstruct is provided instead. taskscstsk represents the starting address of the task’s shadow call stack, and...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Check debugtrapenable before writing dbgevfile. In an interrupt context, the write dbgevfile operation will be executed via a work queue. This causes the write dbgevfile operation to be executed after debugtrapdisable...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: mm: slub: Avoid waking up kswapd in settrackprepare settrackprepare may cause lock recursion. The issue arises when it is called from hrtimerstartrangens, which holds percpuhrtimerbasesn.lock. However, when CONFIGDEBUGOBJECTSTIME...