Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: nftables: nftdynset: fixed a possible stateful expression memory leak in the error path. If cloning the second stateful expression in the element via GFPATOMIC fails, then the first stateful expression remains in place without...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: In the net: stream module, the purge skerrorqueue operation in skstreamkillqueues has been fixed. Changheon Lee reported TCP socket leaks, with a detailed reproduction guide. It appears that we encounter TCP socket leaks in the...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: Tracing: Fixed a null pointer dereference in the tracingerrlogopen function. This issue occurs when the function does not call seqopen if the file is opened only with write permissions. As a result, file-privatedata remains...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: i40e: Fixed DMA mapping leaks During the reallocation of RX buffers, new DMA mappings are created for those buffers. Reproduction steps: While doing the following: Do For i=0; i=8160; i=i+32 Do ethtool -G enp130s0f0 rx $i tx $...

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: ubifs: A memory leak was fixed in allocwbufs. kmemleak reported a series of memory leaks, as follows: - Unreferenced object 0xffff8881575f8400 size 1024: Command: “mount”, PID: 19625, Jiffies: 4297119604 Age: 20.383 seconds He...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ubi: A possible null-ptr-deref occurred in ubifreevolume. This issue will occur in the following scenario: uifinit ubiaddvolume cdevadd – If this function fails, it will call killvolumes. deviceregister killvolumes – If...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/amdgpu: removed gfxv110cpeccerrorirqfuncs The gfx.cpeccerrorirq has been removed from gfx11. In gfxv110hwfini, amdgpuirqput is still used to disable this interrupt, which caused the call trace in this function. 102.873958...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: drm/bridge: Add missing pmruntimeputsync pmruntimegetsync will increase the rumtime PM counter even when it returns an error. Thus a pairing decrement is needed to prevent refcount leak. Fix this by replacing this API with...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: qlcnic: Prevent “dbc use-after-free” in qlcnicdcbenable. The “adapter-dcb” pointer would be silently freed within qlcnicdcbenable if qlcnicdcbattach returns an error—something that always occurs under OOM conditions. This could...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: slimbus: qcom-ngd: cleanup in the probe error path Added a proper error path in the probe function to clean up resources that were previously acquired/allocated, in order to fix warnings that appear during probe deferral: The...

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: Thermal: Intel: quarkdts: fixed error pointer dereference. If allocsocdts fails, we can simply return. Trying to free “socdts” will result in a Oops error...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ceph: fix inode reference leakage in cephgetsnapdir The cephgetinode will search for or insert a new inode into the hash for the given vino, and return a reference to it. If new is non-NULL, its reference is consumed. We should...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: ath12k – Fixed handling of MSDU buffer types in the RX error path. Currently, packets received on the REO exception ring from unassociated peers are of MSDU buffer type, while the driver expects link descriptor type packets...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: crypto: ccp – Fixed the issue of dereferencing an uninitialized error pointer. Fixed the warnings related to smatch. drivers/crypto/ccp/sev-dev.c:1312 sevplatforminitlocked Error: We previously assumed that ‘error’ could be null...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: tracing/userevents: Ensure that the write index cannot be negative. The write index indicates which event the data corresponds to and accesses a per-file array. This index is passed by user processes during write calls as the fir...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: nvme-tcp: fixed a possible use-after-free issue in the transport errorrecovery process. While nvmetcpsubmitasynceventwork checks the ctrl and queue states before preparing the AER command and scheduling iowork, this check is...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

In the Linux kernel, the following vulnerability has been resolved: mmc: mmcspi: fixed error handling in mmcspiprobe If mmcaddhost fails, there is no need to call mmcremovehost; otherwise, it may cause a null-ptr-deref issue, due to deleting a device that was not properly added in mmcremovehost. ...

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: A sysfs leak was fixed in allociommu. The iommudevicesysfsadd function is called before this, so it must be cleaned up in subsequent errors...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Block: A check was added to ensure that the partition size must be aligned with the block size. Before calling the add partition or resize partition functions, there was no check to verify whether the partition size was aligned...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/userq: Do not allow userspace to trivially trigger kernel warnings. Userspace can either deliberately pass in a too-small numfences value, or the required number can legitimately increase between the two calls to the...