Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: virtio-mmio: Do not break the lifecycle of vmdev. vmdev has a separate lifecycle because it has a struct device embedded within it. Therefore, having a release callback for it is correct. However, allocating the vmdev structure...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: Range checks for the CHDBOFF and ERDBOFF registers. If the values read from the CHDBOFF and ERDBOFF registers are outside the range of the MHI register space, an invalid address may be calculated, which can later...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: nullblk: Always check the queue mode setting from configfs. Make sure to check the device queue mode in the nullvalidateconf function, and return an error for NULLQRQ since we do not allow legacy I/O paths. Without this patch, we...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: mtd: Fixed a device name leak when registering a device in addmtddevice. There is a kmemleak when registering a device fails: Unreferenced object 0xffff888101aab550 size 8: Command "insmod", PID 3922, jiffies 4295277753 age...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: vme: An error that was not caught in fakeinit has been fixed. In fakeinit, rootdeviceregister may fail, but this issue is ignored, which can cause the vmeroot not to be unregistered properly when the program exits. The error is...

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Driver Core: Fixed a resource leak in deviceadd. When kobjectadd fails in deviceadd, it will call cleanupgluedir to free resources. However, in kobjectadd, dev-kobj.parent has been set to NULL. This will cause a resource leak. Th...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: serial: pch: Fixed the reference count leak in pchrequestdma. According to the comments on pcigetslot, it returns a pcidevice with its reference count increased. The caller must decrement the reference count by calling pcidevput...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mcb: mcb-parse: fixed an error in handling chameleonparsegdd. If mcbdeviceregister returns an error in chameleonparsegdd, the reference count of the bus and device names is exposed. This issue is addressed by calling putdevice to...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Fixed a reference count leak in pprnotifier. According to the comments for pcigetdomainbusandslot, it returns a PCI device with a reference count that increments after use. The caller must decrement the reference count...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: fix NULL-pointer dereferences There are several situations in which the kernel can crash when requests are made to unbind the GPIO device and then system calls related to the GPIO character device’s anonymous file...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iommu/s390: Fixed memory corruption when using the identity domain. The function zpcigetiommuctrs returns counter information that needs to be reported as part of device statistics. These counters are stored as part of the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/i915: Fixed the system suspension without fbdev being initialized. If fbdev is not initialized for some reason—in practice on platforms without a display—suspending fbdev should be skipped during system suspension. This...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: md: Do not dereference mddev after exportrdev Except for initial references, mddev-kobject is referenced by rdev-kobject. If the last rdev is freed, there is no guarantee that mddev is still valid. Therefore, mddev should no long...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: clk: Microchip – Fixed potential UAF in auxdev release callback. Similar to commit 1c11289b34ab “peci: CPU – Fixed use-after-free in adevrelease”, the auxiliary device is not removed in the correct order. If auxiliarydeviceadd...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: Platform/x86/intel/pmt: Fixed an issue with NULL pointer access in crashlog. The use of intelpmtread for binary sysfs requires a pcidev. The current use of the endpoint value is only valid for telemetry endpoint usage. Without...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: In the net: libwx section, the Rx ring descriptor is properly reset after a device reset. When a device reset is triggered due to changes in features, such as toggling Rx VLAN settings, wx-doreset is called to reinitialize the Rx...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: HID: wacom: Fixed a crash that occurred in wacomaesbatteryhandler. The commit fd2a9b29dc9c “HID: wacom: Remove AES powersupply after extended inactivity” introduced wacomaesbatteryhandler, which is scheduled as a delayed task...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: cxl/ras: Fixed the device confusion related to the CPER handler. Upon inspection, the cxlcperhandleproterr function makes several fragile assumptions that can lead to crashes: 1. It assumes that the endpoints identified in the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: media: imagination: A potential memory leak has been fixed in e5010probe. videodevicerelease has been added to release the memory allocated by videodevicealloc, in case of any issues...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: e1000: Moved cancelworksync to avoid deadlock. Previously, e1000down called cancelworksync for the e1000 reset task via e1000downandstop, which caused a RTNL condition. According to user reports and syzbot, a deadlock may occur i...