51305 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: pinctrl: canaan: k230: Fixed the order of DT parsing and pinctrl registration. The order of operations has been changed—DT parsing is performed before pinctrl registration. This ensures that device tree parsing is done before...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Check the device memory pointer before using it. Add a NULL check before accessing device memory to prevent a crash if the dev-dm allocation in mlx5initonce fails...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: PCI: pnvphp: Clean up allocated IRQs on unplug When the root of a nested PCIe bridge configuration is unplugged, the pnvphp driver leaks the allocated IRQ resources for the child bridges’ hotplug event notifications, resulting in...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net: appletalk: Fixed a device reference count leak in atrtrcreate. When updating an existing route entry in atrtrcreate, the old device reference was not released before assigning the new device. This led to a device reference...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: drbd: Added krefget to the handlewriteconflicts function. With “two-primaries” enabled, DRBD attempts to detect “concurrent” writes and handle write conflicts. This ensures that even if you write to the same sector simultaneously...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: i2c: tegra: check msg length in SMBUS block read For SMBUS block read, do not continue reading if the message length passed from the device is ‘0’ or greater than the maximum allowed bytes...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: HID: core: Do not bypass hidhwrawrequest The hidhwrawrequest function is actually useful for ensuring that the provided buffer and length are valid. Directly calling this function in the low-level transport driver bypassed those...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: f2fs: fixed to avoid out-of-boundary access in devs.path - touch /mnt/f2fs/012345678901234567890123456789012345678901234567890123 - truncate -s $102410241024 \ /mnt/f2fs/012345678901234567890123456789012345678901234567890123 -...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: aoe: The cleandevicerqlist function in aoedevdowndev was corrected. The rqlist of an AOE device contains accepted block requests that are waiting to be transmitted to the AOE target. This queue was added as part of the transition...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: media: cxusb: No longer judges rbuf when the write fails syzbot reported a uninit-value in cxusbi2cxfer. Only when the write operation of usbbulkmsg in dvbusbgenericrw succeeds and rlen is greater than 0, the read operation of...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: fbdev: The issue was fixed by correcting fbsetvar to prevent a null-ptr dereference in fbvideomodetovar. If fbaddvideomode in fbsetvar fails to allocate memory for fbvideomode, it may lead to a null-ptr dereference in...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Fixed the initialization of the device object in vmbusdeviceregister. Initialized the device’s dmamask,parms pointers and the device’s dmamask value before invoking deviceregister. This issue was addressed in...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: dm integrity: Memory corruption occurs when tagsize is less than digestsize. It is possible to configure dm-integrity in such a way that the tagsize parameter is smaller than the actual digestsize. In this case, a portion of the...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net: mdiobus: fix unbalanced node reference count I encountered the following issue during the devicemscc-miim load test, with CONFIGOFUNITTEST and CONFIGOFDYNAMIC enabled: - ERROR: Memory leak; the expected reference count was 2...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: media: staging: media: zoran: move videodevalloc. Some code has been moved out of zr36057init, and new functions have been created to handle zr-videodev. This allows for easier code reading and fixes a memory leak related to...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: net/smc: Fixed NULL pointer dereferencing in smcvlanbytcpsk. Coverity reports a possible NULL dereferencing issue: - In smcvlanbytcpsk: - 6. returnednull: netdevlowergetnext returns NULL checked 29 out of 30 times. - 7...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: mISDN: A possible memory leak in mISDNregisterdevice has been fixed. After committing 1fa5ae857bb1 "driver core: get rid of struct device’s busid string array", the name of the device is allocated dynamically. The putdevice...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: The issue occurs when testing as follows: a Using syscallNRSocket, 0x10ul, 3ul, 0 to create a netlink socket. b Using syscallNRSendMsg, ... to create a bond link device and a vxcan link device, and binding the vxcan device to the...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: ASoC: core: Fixed a use-after-free in sndsocexit. KASAN reported a use-after-free: BUG: KASAN: Use-after-free in devicedel+0xb5b/0xc60. A read of size 8 at address ffff888008655050 was performed by the task rmmod/387. CPU: 2;...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: siox: fixed a possible memory leak in sioxdeviceadd. If deviceregister returns an error in sioxdeviceadd, the name allocated by devsetname needs to be freed. As noted in the comments for deviceregister, it should use putdevice to...