Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: gpio: mockup: Fixed potential resource leakage when registering a chip. If the creation of a software node fails, the locally allocated string array remains unleased. It should be freed during the error handling process...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/panel: ili9341: fix optional regulator handling If the optional regulator lookup fails, reset the pointer to NULL. Other functions such as mipidbipoweronconditional only perform a NULL pointer check; otherwise, they will...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: scsi: pm8001: Fix tag leaks on error In functions like pm8001chipsetdevstatereq, pm8001chipfwflashupdatereq, pm80xxchipPhyCTLreq, and pm8001chipregdevreq, missing calls to pm8001tagfree were added to free the allocated tags wh...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: nfc: st21nfca: fixed memory leaks in EVTTRANSACTION handling Error paths do not free the previously allocated memory. Add devmkfree to those failure paths...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: RDMA/cm: Fixed a memory leak in ibcminsertlisten. The function cmallocidpriv allocates resources for the cmidpriv. When cminitlisten fails, it does not free those allocated resources, resulting in a memory leak. Added missing...

Astra Linux - уязвимость в linux-5.10, linux

In nftablesupdtable, if nftablestableenable returns an error, nfttransdestroy is called to free the transaction object. nfttransDestroy calls listdel, but the transaction was never placed on a list—the list head contains only zeros, which results in a NULL pointer being dereferenced...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drm/tegra: rgb: Fixed the missing clkput in the error handling code for tegradcrgbprobe. If the call to clkgetsys..., "plld2out0" fails, the call to clkgetsys must be undone. Added the missing clkput function and a new label...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Register devlink first under the devlink lock. If the device encounters a non-fatal firmware error during the probe, the driver will report the error to the user via devlink. This will trigger a WARN, since mlx5 calls...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: net: phy: Fixed a null-ptr-deref issue when the probe function failed. I received a report of a null-ptr-deref issue during the fault injection test. Bug: NULL pointer dereferencing in the kernel. Address: 0000000000000058 Oops:...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: scsi: target: tcmloop: Fixed a possible name leak in tcmloopsetuphbabus. If deviceregister fails in tcmloopsetuphbabus, the name allocated by devsetname needs to be freed. As commented in deviceregister, it should use putdevice t...

Astra Linux - уязвимость в protobuf

Dereferencing a null pointer when a null char is present in a prototype symbol. The symbol is parsed incorrectly, resulting in an unchecked call into the name of the prototype file during the generation of the resulting error message. Since the symbol is incorrectly parsed, the file value is...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: ila: Do not generate empty messages in ilaxlatnlcmdgetmapping. ilaxlatnlcmdgetmapping generates an empty skb, triggering a recent sanity check. Instead, an error code should be returned so that it can be handled by the user...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Potential use-after-free issues have been avoided in hcierrorreset. When handling the HCIEVHARDWAREERROR event, if the underlying BT controller is not responding, the GPIO reset mechanism will free the hcidev, leading ...

Astra Linux - уязвимость в firefox

When a network error occurred during page loading, the previous content could remain visible, accompanied by a blank URL bar. This could be used to disguise a spoofed website. This vulnerability affects Firefox versions earlier than 126...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: brwifi: brcmfmac – Fixed a potential kernel error when the probe function fails. When the probe of the sdio brwifi brcmfmac device fails for certain reasons e.g., missing firmware, the sdiodev-bus is set to “error” instead ...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: If the queue update fails, do not reserve bo. The error handling path should unreserve bo and then return a failure message. Selected from the commit c24afed7de9ecce341825d8ab55a43a254348b33...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Firmware: armscmi: Fixed a NULL dereference on the notify error path. Since the commit b5daf93b809d1 “Firmware: armscmi: Avoid notifier registration for unsupported events”, the call chains leading to the helper...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: mm/vma: Fixed a memory leak in mmapregion. The commit 605f6586ecf7 “mm/vma: No memory leak occurs when .mmapprepare swaps the file” handled the success case by skipping the getfile call via filedoesntneedget, but missed the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: ublk: Fixed NULL pointer dereferencing in ublkctrlsetsize. The ublkctrlsetsize function dereferes ub-ubdisk unconditionally through setcapacityandnotify, without checking whether ub-ubdisk is NULL. ub-ubdisk becomes NULL befor...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: reset: gpio: fix double free in resetaddgpioauxdevice error path When auxiliarydeviceadd fails, resetadd gpioauxdevice calls auxiliarydeviceuninitadev. The device release callback resetgpioauxdevicerelease frees adev, but the...