Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: bus: fsl-mc: Do not assume that child devices are all fsl-mc devices Changes in VFIO caused a pseudo-device to be created as a child of fsl-mc devices, resulting in a crash when attempting to bind a fsl-mc device to VFIO. This...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: HID: nvidia-shield: Reference to hiddevice for devm allocation of the inputdev name. Using hiddevice for devm allocation of the inputdev name helps prevent use-after-free issues. inputunregisterdevice will trigger the cleanup of...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: perf/dwcpcie: fixed duplicate PCIDEV devices. During the platformdeviceregister function, the incorrect use of structdevice as platformdata resulted in a kmemdup operation on the PCIDEV device. Even worse, accessing the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: ath12k: fixed a memory leak in ath12kpciremove The issue was reported as follows: unreferenced object 0xffff1c165cec3060 size 32: comm "insmod", pid 560, jiffies 4296964570 age 235.596s backtrace:...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: The process of initializing wiphywork before allocating rfkill fails. The issue was reported as a syzbort: an error in cfg80211devfree. When the allocation of rfkill fails, the wiphywork initialization process wil...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Staging: GPIB – Fixed an Oops after disconnection in niusb. If the USB dongle is disconnected, subsequent calls to the driver will cause a NULL dereference Oops, as the businterface is set to NULL upon disconnection. This issue w...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: nfs/blocklayout: Do not attempt unregistration for invalid block devices Since the commit d869da91cccb “nfs/blocklayout: Fix premature PR key unregistration”, unmounting a pNFS SCSI-layout-enabled NFS may cause a NULL blockdevice...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ptp: vmclock: The driver data must be set before it is used. If vmclockptpregister fails during probing, vmclockremove is called to clean up the ptp clock and misc devices. This function uses devgetdrvdata to access the vmclock...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: Block: Fixed the issue where queues could freeze during storage operations in sysfs. The queueattrstore function always freezes the device queue before performing the attribute storage operation. For attributes that control...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Platform/x86: delluartbacklight: Fixed the race condition involving serdev. The delluartblserdevprobe function calls devmserdevdeviceopen before setting the client ops using serdevdevicesetclientops. This ordering can lead to a...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Input: raydiumtsi2c – fixed a memory leak in raydiumi2csend A kmemleak occurs when testing raydiumi2cts using the bpf mock device: Unreferenced object 0xffff88812d3675a0 size 8: Comm “python3”, PID 349, Jiffies 4294741067 Age...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: HID: bigbenff: prevent null pointer dereference When emulating the device through UHID, there is a possibility that we do not have output reports, and as a result, reportfield is set to null...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: i2c: acpi: fixed a resource leak in device addition during reconfiguration. The acpii2cfindadapterbyhandle function calls busfinddevice, which takes a reference to the adapter. This reference is never released, resulting in a...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fixed the issue of null pointer dereference on the pointer edp. The pointer dev is initialized, and the edp is dereferenced before edp is checked for being null. This could lead to a null pointer dereference issue. This...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: dmbtreeremove: Assign newroot only when the removal succeeds. The removeraw function in dmbtreeremove may fail due to IO read errors e.g., failure to read the content of the origin block during shadowing. Additionally, the value ...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: hns: Fixed a possible memory leak in hnaeaeregister. When a fault is injected during module probing, if deviceregister fails, but the refcount of the kobject is not decreased to 0, the name allocated in devsetname may be...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: misc: tifm: fixed a possible memory leak in tifm7xx1switchmedia If the deviceregister function returns an error in tifm7xx1switchmedia, the name of the kobject allocated by devsetname called during deviceadd may be leaked. Do not...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: nbd: The issue of task hanging when the signal interrupt nbdstartdeviceioctl occurs has been fixed. The following program is a simplified version of the reproducer function: c int mainvoid int sv2, fd; if socketpairAFUNIX,...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: md: Replace snprintf with scnprintf The current code produces a warning when the total number of characters in the constituent block device names, plus the slashes, exceeds 200. snprintf returns the number of characters generated...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: PNP: The memory leak caused by the name of devices being allocated dynamically has been fixed in pnpallocdev. After the commit 1fa5ae857bb1 “Driver core: get rid of struct device’s busid string array”, the name of devices is now...