1965 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: The check for tiling flags during virtual display handling was bypassed. vkms utilizes the common amdgpu framebuffer creation mechanism. Additionally, since vkms does not support FB modifiers, there is no need to chec...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: tipc: fixed a kernel panic that occurred when enabling a bearer. When enabling a bearer on a node, a kernel panic was observed: 4.498085 RIP: 0010:tipcmonprep+0x4e/0x130 tipc ... 4.520030 Call Trace: 4.520689 4.521236...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Avoid overflow with array index The variable index is modified and reused as an array index when the EIOINTCENABLE register is modified. This can lead to an array index overflow issue...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: rxrpc: The issue related to irqdisabled in localbhenable has been fixed. The rxrpcassessMTUsize function calls down into the IP layer to determine the MTU size for a route. When accepting an incoming call, this function is called...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: virtionet: Fixed an issue with error unwinding of XDP initialization. When initializing XDP in virtnetopen, some rq xdp initializations may encounter errors, resulting in failed network device openings. However, previous rqs have...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: btrfs: Fix the race condition between the quota enable operation and the quota rescan ioctl call. When enabling quotas, in the btrfsquotaenable function, after committing the transaction, we update fsinfo-quotaroot to point to th...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: iscsitcp: It is necessary to check that sock is valid before assigning it to iscsisetparam. The validity of sock should be checked before assigning it to prevent incorrect values. The change introduced in commit 57569c37f0a...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: Thermal: Intel: HFI – Added syscore callbacks for system-wide PM The kernel allocates a memory buffer and provides its location to the hardware, which uses it to update the HFI table. This allocation occurs during boot and remain...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: Tracing: Ensure that traceeventfile has a ref counter. The following actions can cause the kernel to crash: cd /sys/kernel/tracing echo 'p:sched schedule' kprobeevents exec 5events/kprobes/sched/enable kprobeevents exec 5&- Th...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: In virtio, the virtiodevicerestore function uses virtiodeviceready. After waking up a suspended VM, the kernel prints the following trace for virtio drivers that do not directly call virtiodeviceready in .restore: PM: suspend exi...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: watchdog: rzg2lwdt: Fixed ‘BUG: Invalid wait context’ This patch fixes the issue ‘BUG: Invalid wait context’ during restart. It’s fixed by using clkprepareenable instead of pmruntimegetsync to turn on the clocks during restart...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: ext4: fixed the bug in estreesearch Hulk Robot reported a BUG: kernel BUG at fs/ext4/extentsstatus.c:199! ... RIP: 0010:ext4esend fs/ext4/extentsstatus.c:199 inline RIP: 0010:estreesearch+0x1e0/0x260 fs/ext4/extentsstatus.c:21...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Networks: DSA: QCA8K: resetting the CPU port when the MTU changes. It was discovered that the documentation lacks a fundamental detail regarding how to correctly change the MAXFRAMESIZE of the switch. In fact, if the MAXFRAMESIZE...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: PM /devfreq: rk3399dmc: Disabled edev upon removal Otherwise, we encountered an unhandled enable-count when unbinding the DFI device: 1279.659119 ------------ Cut here ------------ 1279.659179 WARNING: CPU: 2 PID: 5638 at...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/qm – Requesting a reserved interrupt for the virtual function The device interrupt vector 3 is an error interrupt for physical functions, and it is also a reserved interrupt for virtual functions. However, the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Counter: rz-mtu3-cnt: prevents the counter from being toggled multiple times The runtime PM counter is incremented/decremented each time the sysfs enable file is written to. If a user writes 0 to the sysfs enable file multiple...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: coresight: prevents the deactivation of an active configuration while enabling the configuration. When enabling an active configuration via cscfgcsdevenableactiveconfig, the active configuration can be deactivated through configf...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: nvmet: fixed an out-of-bounds access in nvmetenableport. When attempting to enable a port for which no transport is currently configured, nvmetenableport uses NVMFTRTYPEMAX 255 to query the transports array, resulting in an...
WordPress Enable CORS plugin <= 2.0.3 - Backdoor vulnerability
Backdoor vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin Enable CORS versions = 2.0.3...
Squid < 7.6 Heap-based Buffer Overflow
The version of Squid on the remote host is prior to 7.6. It is, therefore, affected by a heap-based buffer overflow vulnerability: - Due to an Improper Input Validation bug, Squid is vulnerable to a Heap-based Buffer Overflow attack against cache digests. This problem allows a trusted server to...