Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: remoteproc: core: Fix idafree call while not allocated In the rprocalloc function, when an error occurs, the putdevice&rproc-dev call is made, leading to the invocation of the rproctyperelease function. An error can occur before...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: sound/virtio: Fixed warnings related to cancelsync on uninitialized workstructs. Betty reported encountering the following warning: 8.709131 T221 WARNING: CPU: 2 PID: 221 at kernel/workqueue.c:4182 ... 8.713282 T221 Call trace:...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: virtio-net: A memory leak occurs in the virtnetxskpoolenable function when freeing the xskbuffs. The selftests added to our CI by Bui Quang Minh recently revealed that there is a memory leak in the error path of...

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fixed the RX consumer index logic in the error path. In bnxtrxpkt, the RX buffers are expected to complete in order. If the RX consumer index indicates an out-of-order buffer completion, it means we are encountering a...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ipmi: ssif: Initialize ssifinfo-client early. During the probe process, ssifinfo-client is dereferenced in a faulty path. However, it is set after some error checking has already been performed. This causes a kernel crash if an...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: RDMA/siw: Fixed a refcounting leak in siwcreateqp. The atomicinc function needs to be paired with an atomicdec function in the error handling path...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: xprtrdma: fixed pointer dereferencing in error cases of rpcrdmaepcreate. If there are failures, we must not leave non-NULL pointers with error values. Otherwise, rpcrdmaepDestroy will be confused and try to free those pointers...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: cachefiles: Unmarking an inode as in use in error paths If an error occurs, the inode will be marked as “in use”. If the flag indicating that an inode is in use leaks during the cachefilesopenfile function, Cachefiles will report...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix memory leak why Resource release is needed on the error handling path to prevent memory leak. how Fix this by adding kfree on the error handling path...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: drm/shmem-helper: The erroneous “put” operation has been removed from the error path. The drmgemshmemmmap function does not have a reference in the error code path, resulting in the dma-buf shmem GEM object being freed...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: NTB: Fixed a possible name leak in ntbregisterdevice. If deviceregister fails in ntbregisterdevice, the device name allocated by devsetname should be freed. According to the comment in deviceregister, callers should use putdevice...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: ath12k: The affinity hint was cleared before calling ath12kpcifreeirq in the error path. If a shared IRQ is used by the driver due to platform limitations, then the IRQ affinity hint is set correctly after the allocation of...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: regulator: raa215300 – Fixed resource leak in case of errors The clkregisterclkdev function allocates memory by calling vclkdevalloc, and this memory is not freed in the error path. Similarly, resources allocated by...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: drm/bridge: Add missing pmruntimeputsync pmruntimegetsync will increase the rumtime PM counter even when it returns an error. Thus a pairing decrement is needed to prevent refcount leak. Fix this by replacing this API with...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: slimbus: qcom-ngd: cleanup in the probe error path Added a proper error path in the probe function to clean up resources that were previously acquired/allocated, in order to fix warnings that appear during probe deferral: The...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: i2c: cadence: cdnsi2cmasterxfer: Fixed a runtime PM leak on the error path. The cdnsi2cmasterxfer function acquires a runtime PM reference when it is executed. This reference is released when the function exits. Currently, there ...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/xe/vm: moved xesvminit earlier. In xevmcloseandput, we need to be able to call xesvmfini. However, during vm creation, we can call this function on the error path, before actually initializing the svm state. This leads to...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: drm/msm: Another leak in the submit error path has been fixed. putunusedfd does not free the allocated file if we have already performed fdinstall. Therefore, we also need to free the syncfile. Patchwork:...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fixed a reference count leak in dmardevscopeinit. The function foreachpcidev is implemented by pcigetdevice. The comment accompanying pcigetdevice states that it will increase the reference count of the returned pcide...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: Tracing/histogram: Fixed a potential memory leak in kstrdup. The kfree function is not called in the error path, resulting in the memory allocated by kstrdup not being freed properly. p = param = kstrdupdata-paramsi, GFPKERNEL...