Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: E-Switch – Fixed an error in error handling code. The error handling code dereferenced “vport”. There is nothing we can do if it is an error pointer; the only option is to return the error code...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Do not free the IRQ if it was not requested. Since the msmdrmuninit function is called from the msmdrminit error path, additional care is necessary to avoid calling freeirq for the IRQ that was not requested. This issue...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: drm/amdkfd: Ensure that the list is non-empty before using listfirstentry in kfdtopology.c. Before using listfirstentry, make sure that the list is not empty; if the list is empty, return -ENODATA. The following issues have al...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net/handshake: The destructor was restored after a submission failure. The handshakereqsubmit function replaces sk-skdestruct, but never restores it when the submission fails before the request is hashed. As a result,...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: Prevent out-of-bounds memory access The testtag test triggers an unhandled page fault: ./testtag 130.640218 CPU 0 Unable to handle kernel paging request at virtual address ffff80001b898004, era == 9000000003137f7c...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ASoC: da7219: Fixed an error handling path in da7219registerdaiclks. If clkhwregister fails, the corresponding clk should not be unregistered. To handle errors from loops, partial iterations should be cleaned up before performing...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: can:mcan:mcanreadfifo: fix memory leak in error branch In mcanreadfifo, if the second call to mcanfiforead fails, the function jumps to the outfail label and returns without calling mcanreceiveskb. This means that the skb...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: soundwire: bus: Fix unbalanced pmruntimeput causing usage count underflow This issue is addressed by the commit 443a98e649b4 “soundwire: bus: use pmruntimeresumeandget”. The calls to pmruntimeresumeandget are changed back to...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fixed a memory leak in vkmsinit. A memory leak was reported after the vkms module installation failed. Unreferenced object 0xffff88810bc28520 size 16: Command: modprobe, PID 9662, Jiffies: 4298009455 Age: 42.590 seconds...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: xen/privcmd: fixed the error exit of privcmdioctldmop The error exit of privcmdioctldmop calls unlockpages, potentially with pages being NULL, leading to a NULL dereference. Additionally, lockpages does not check whether...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fixed a possible crash in bnxthwrmsetcoal During the error recovery sequence, the rtnllock is not held for the entire duration, and some data structures may be freed during this process. Instead of checking netifrunning,...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: In the net:sock section, the issue of a “hardened usercopy panic” in sockrecverrqueue has been fixed. The skbufffclonecache structure was created without defining a usercopy region. Unlike the skbuffheadcache, which properly...

Astra Linux – Vulnerability in binutils

A issue was discovered in the Binary File Descriptor BFD library also known as libbfd, as distributed in GNU Binutils 2.31. An invalid memory access exists in bfdzalloc in opncls.c. Attackers could exploit this vulnerability to cause a denial of service application crash through a crafted ELF fil...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: nftables: nftdynset: fixed a possible stateful expression memory leak in the error path. If cloning the second stateful expression in the element via GFPATOMIC fails, then the first stateful expression remains in place without...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: In the net: stream module, the purge skerrorqueue operation in skstreamkillqueues has been fixed. Changheon Lee reported TCP socket leaks, with a detailed reproduction guide. It appears that we encounter TCP socket leaks in the...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: Tracing: Fixed a null pointer dereference in the tracingerrlogopen function. This issue occurs when the function does not call seqopen if the file is opened only with write permissions. As a result, file-privatedata remains...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: i40e: Fixed DMA mapping leaks During the reallocation of RX buffers, new DMA mappings are created for those buffers. Reproduction steps: While doing the following: Do For i=0; i=8160; i=i+32 Do ethtool -G enp130s0f0 rx $i tx $...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: Platform/x86: asus-wmi: Fixed incorrect registrations. The function asuswmiregisterdriver may be called from multiple drivers simultaneously, which can lead to incorrect list operations. Eventually, this can corrupt memory and...

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: ubifs: A memory leak was fixed in allocwbufs. kmemleak reported a series of memory leaks, as follows: - Unreferenced object 0xffff8881575f8400 size 1024: Command: “mount”, PID: 19625, Jiffies: 4297119604 Age: 20.383 seconds He...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ubi: A possible null-ptr-deref occurred in ubifreevolume. This issue will occur in the following scenario: uifinit ubiaddvolume cdevadd – If this function fails, it will call killvolumes. deviceregister killvolumes – If...