51419 matches found
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Driver Core: Fixed a potential nullptrderef in deviceadd. I encountered the following nullptrderef during fault injection testing: BUG: NULL pointer dereferencing in the kernel. Address: 0000000000000058 CPU: 2 PID: 278 Comm:...
Astra Linux – Vulnerability in GhostScript
In Artifex Ghostscript version 10.01.2, the gdevijs.c file in GhostPDL can lead to remote code execution through crafted PostScript documents. This occurs because the IJS device can be switched, or the IjsServer parameter can be changed, after SAFER has been activated. NOTE: It is a documented ri...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: phy: ralink: mt7621-pci: add sentinel to quirks table By fixing socdevattr to register the SOC as a device, the kernel will encounter an OOPs error in socdevicematchattr. This quirks test was introduced in the staging driver in t...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: iio: trigger: sysfs: fix a possible memory leak in iiosysfsTrigInit The devsetname function allocates memory for the device name. This memory needs to be freed when deviceadd fails. After calling putdevice, the reference held by...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: - media: meson: vdec: fixed a possible refcount leak in vdecprobe - v4l2deviceunregister must be called to reset the refcount obtained by v4l2deviceregister when vdecprobe fails or vdecremove is called...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: btrfs: fixed an incorrect match in devargsmatchdevice. Syzkaller discovered a failed assertion: “Assertion failed: args-devid != u64-1 || args-missing”, in fs/btrfs/volumes.c:6921. This issue can occur when we set devid to u64-1...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Input: i8042 – fixed the issue of leaking the platform device when the module was removed. Avoid resetting the i8042platformdevice pointer that is shared across modules in i8042probe or i8042remove. This ensures that the device c...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: ata: libata-transport: fixed error handling in atatlinkadd In atatlinkadd, the return value of transportadddevice is not checked. As a result, a nullptrdereference exception occurs when removing the module, because...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net: mhi: Fixed a memory leak in mhinetdellink. The MHI driver registers the network device without setting the needsfreenetdev flag, and does not call freenetdev when unregistering the network device. This results in a memory...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: mISDN: fixed an issue involving misuse of putdevice in mISDNregisterdevice. We should not release references to putdevice before calling deviceinitialize...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: The issue occurs when testing as follows: a Using syscallNRSocket, 0x10ul, 3ul, 0 to create a netlink socket. b Using syscallNRSendMsg, ... to create a bond link device and a vxcan link device, and binding the vxcan device to the...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: Avoid device tree lookups in rtasosterm. rtasosterm is called during panic. Its behavior depends on several conditions in the /rtas node of the device tree; traversing these nodes involves locking and changes to loc...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.10, and Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: dm cache: Fixed the issue where uninitialized delayedwork objects were flushed during a cachectr error. An unexpected WARN message may occur when cache creation fails, caused by destroying the uninitialized delayedwork object ...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: devlink: Report devlinkporttypewarn source device. devlinkporttypewarn is intended to be reported for ports that do not have a port type set. However, it is not easy to determine which device driver does not have a devlink por...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: jfs: Prevent copying of nlink with a value of 0 from the disk inode. syzbot reported a deadlock in diFree. 1 When calling “ioctl$LOOPSETSTATUS64”, the offset value passed in is 4, which does not match the mounted loop device...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: usb: aqc111: Check the packet for fixup for true limits. If a device sends a packet that lies between 0 and sizeofu64, the value passed to skbtrim as the packet length will wrap around, resulting in a very large value. The driver...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: drm/i915: Fixed the system suspension without fbdev being initialized. If fbdev is not initialized for some reason—in practice on platforms without a display—suspending fbdev should be skipped during system suspension. This...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: Input: powermate – fixed a use-after-free in powermateconfigComplete. Syzbot has identified a use-after-free bug 1 in the powermate driver. This occurs when the device is disconnected, causing memory data related to the...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: Team: Fix null-ptr-deref when the team device type is changed. The null-ptr-deref bug occurs as follows with a reproducer 1. Bug: Kernel NULL pointer dereferencing. Address: 0000000000000228… … RIP:...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/radeon: The issue of the refcount leak in the PCI device during radeonatrmgetbios has been fixed. According to the comments on pcigetclass, it returns a pcidevice with its refcount being incremented. Additionally, the refcoun...