Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: thermal/drivers/mediatek/lvtsthermal: Fixed a memory leak in the error handling path. If devmkrealloc fails, then ‘efuse’ is leaking memory. Therefore, it should be freed to avoid the memory leak...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: exynos-ppmu: Fixed a refcount leak in the ofgetdevfreqevents function. The ofgetchildbyname function returns a node pointer with a refcount incremented. We should use ofnodeput on this pointer after execution. This...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: net/mlx5: HWS, fixed the issue where complex rule rehash operations failed. Moving rules from one matcher to another should not fail. However, if it does fail due to various reasons, the error handling mechanism should allow t...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: Tracing/histogram: Fixed a potential memory leak in kstrdup. The kfree function is not called in the error path, resulting in the memory allocated by kstrdup not being freed properly. p = param = kstrdupdata-paramsi, GFPKERNEL...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: i2c: imx: preserve error states in the block data length handler When a block read returns an invalid length, such as zero or I2CSMBUSBLOCKMAX, the length handler sets the state to IMXI2CSTATEFAILED. However, i2cimxmasterisr...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: media: iris: Fixed NULL pointer dereferencing. A warning reported by smatch indicated a potential NULL pointer dereferencing issue, where one of the arguments to the API “irishfigen2handlesystemerror” might sometimes be null. To...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: cpufreq: qcom: fixed a memory leak in the error path. If, for some reason, the speedbin length is incorrect, then there is a memory leak in the error path, as we never free the speedbin buffer. This commit fixes the error path so...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ceph: fix crash after fscryptencryptpagecacheblocks error The function movedirtyfolioinpagearray was created by the commit ce80b76dd327 "ceph: introduce cephprocessfoliobatch method". The code for this function was moved from...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: ipv6: A retry logic was added in net6rtnotify. inet6rtnotify can only be called under RCU protection. This means that the route may be changed concurrently, and rt6fillnode might return -EMSGSIZE. The skb should be resized whe...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: ep: Only send -ENOTCONN status if the client driver is available. For the STOP and RESET commands, only send the channel disconnect status -ENOTCONN if the client driver is available. Otherwise, it will result in a null...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Let probe fail when workqueue cannot be enabled The workqueue is enabled when the appropriate driver is loaded and disabled when the driver is removed. When the driver is removed it assumes that the workqueue was...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: misc: tifm: fixed a possible memory leak in tifm7xx1switchmedia If the deviceregister function returns an error in tifm7xx1switchmedia, the name of the kobject allocated by devsetname called during deviceadd may be leaked. Do not...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ALSA: bcd2000 – Fixed a UAF bug in the error path of probing. When the driver fails in sndcardregister during probing, it will free the bcd2k-midiouturb before terminating it, which could lead to a UAF bug. The following log can...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/xe/vm: moved xesvminit earlier. In xevmcloseandput, we need to be able to call xesvmfini. However, during vm creation, we can call this function on the error path, before actually initializing the svm state. This leads to...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Purge error queues in socket destructors When TX timestamping is enabled via SOTIMESTAMPING, SKBs may be queued into skerrorqueue and will remain there until they are consumed. If userspace never gets to read the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: mdio: Check the regmap pointer returned by devicenodetoregmap The call to devicenodetoregmap in airohamdioprobe may return an ERRPTR if the regmap initialization fails. Currently, the driver stores the pointer without...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fixed error handling in slot reset. If the device does not recover after the slot reset is called, it proceeds to the out label for error handling. There, it may make decisions based on uninitialized hive pointers,...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix device management cmd timeout flow In the UFS error handling flow, the host will send a device management command NOP OUT to the device to recover the link. If this command times out and clearing the device...

Astra Linux – Vulnerability in Parsec

The vulnerability of the psaud utility within the PARSEC security subsystem is related to improper memory release after its use. Exploiting this vulnerability allows an attacker to cause a service failure...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: nvme-rdma: fixed a possible use-after-free in the transport errorrecovery process. While nvmerdmasubmitasynceventwork checks the ctrl and queue states before preparing the AER command and scheduling iowork, this check is...