51293 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: “drm/msm: Add missing check and destroy for allocorderedworkqueue” This change reverts to the previous behavior in commit 643b7d0869cc7f1f7a5ac7ca6bd25d88f54e31d0. A recent patch attempted to fix the issues related to msmdrminit,...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: The sun4iCan driver’s ndochangemtu function needs to be updated to prevent buffer overflows. Sending a PFPACKET message allows bypassing the CAN driver’s logic and directly reaching the xmit function of the CAN driver. The only...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: FSI: Occ: Prevent use after freeing. Use getdevice and putdevice in the open and close functions to ensure that the device does not become free while a file descriptor is open. Additionally, lock around the freeing of the device...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10
In the Linux kernel, the following vulnerability has been resolved: In md/raid10, there is a issue where memory leaks occur in the MD thread. In raid10run, if setupconf succeeds and raid10run fails before setting ‘mddev-thread’, then the variable ‘conf-thread’ is not freed after the failure. This...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: nbd: The defer config unlock in nbdgenlconnect has been fixed. There is one use-after-free warning when running NBDCMDCONNECT and NBDCLEARSOCK: nbdgenlconnect: nbdallocandinitconfig // configrefs=1 nbdstartdevice // configrefs...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb-v2: gl861: Fix nullptrderef in gl861i2cmasterxfer In gl861i2cmasterxfer, msg is controlled by the user. When msgi.buf is null and msgi.len is zero, previous checks on msgi.buf will still be performed. Malicious dat...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: drm/vc4: Fixed deadlock issues during DSI device attachment The attachment of a DSI device to a DSI host is performed while the host device’s lock is held. Unregistering the host device in the “device attachment” error path...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: misc: pciendpointtest: Free IRQs before removing the device. In the pciendpointtestremove function, freeing the IRQs after removing the device creates a small race window during the test process. This allows IRQs to be received b...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fixed a crash that occurred during the transportportremove function, by using iocinfo. During this function, messages were logged via devprintk regarding &mpt3sasport-port-dev. At this point, the SAS transport devi...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ipv6/sit: Use DEVSTATSINC to avoid data races. syzbot/KCSAN reported that multiple CPUs are updating dev-stats.txerror concurrently. This occurs because sit tunnels use NETIFFLLTX, which means their ndostartxmit function is not...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: dm: A NULL pointer dereference occurred in dmsuspend. There is a race condition between the suspension of the dm device and the loading of data into the table, which can lead to a NULL pointer dereference. This issue occurs when...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: Backlight: led-bl: Added devlink to the supplier LEDs The LED Backlight is a consumer of one or multiple LED class devices. However, devlink currently cannot create the correct supplier-producer links when the supplier is a LED...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drivers: dio: A possible memory leak has been fixed in dioinit. If deviceregister returns an error, the dev object and its associated name need to be freed. Add a release function, and then call putdevice in the error handling...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fixed a UAF race condition between device unplugging and FW event processing. The panthorfwunplug function will free the FW memory sections. The issue is that there may still be pending FW events that have not been...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: phy: micrel: always set shared-phydev for LAN8814 Currently, during the LAN8814 PTP probe, shared-phydev is only set if the PTP clock is actually set. Otherwise, the function returns before setting it. This is a problem...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: dm rq: Do not queue the request to blk-mq during DM suspension. DM uses blk-mq's quiesce/unquiesce to stop/start the device mapper queue. However, blk-mq's unquiesce may be triggered by external events, such as changes in the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: net/mlx5: Fixed IPsec cleanup over MPV devices When we call mlx5edetachnetdev, we ultimately disable the blocking event notifier. Among these events are IPsec MPV events from the IB to the core. Therefore, before disabling tho...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: mtk-cci: Fixed the potential error pointer dereferencing in the probe function. The drv-sramreg pointer could potentially be set to ERRPTR-EPROBEDEFER, which would lead to an error pointer dereferencing. Use...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: exynos: Fixed the programming of HCIUTRLNEXUSTYPE. On the Google gs101, the number of UTP transfer request slots is 32. In this case, the driver incorrectly programs UTRLNEXUSTYPE as 0. This occurs because the left sid...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: Rejected duplicate devices during updates. It is possible for a chain/flowtable update to include duplicate devices within the same batch. Unfortunately, the netdev event path only removes the first device...