Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: drbd: fixed a null pointer dereferencing issue during local read operations In drbdrequestendio, READCOMPLETEDWITHERROR is passed to reqmod with a NULL peerdevice: reqmodreq, what, NULL, &m; The READCOMPLETEDWITHERROR handler...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: gpio: Resource leaks were fixed in cases where an error occurred in gpiochipadddatawithkey. Since the commit aab5c6f20023 "gpio: setting the device type for GPIO chips", gdev-dev.release is not set. As a result, the reference...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: A bug was fixed regarding accessing an array out of bounds. When an error occurs during the parsing of JPEG data, the slot may not be properly acquired. This could be due to the default value MXCMAXSLOTS. If the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: dsa: felix: suppress non-changes to the tagging protocol The way that dsatreechangetagproto works is as follows: When dsatreenotify fails, it does not know whether the operation failed midway through a multi-switch tree, or ...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: arm64: cacheinfo: Fixed the incorrect assignment of a signed error value to unsigned fwlevel. Although the acpifindlastcachelevel function always returns a signed value, and the documentation states that it will return any errors...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: watchqueue: Fixed NULL dereference in error cleanup. In watchqueuesetsize, the error cleanup code does not take into account that freepage cannot handle a NULL pointer when trying to free buffer pages that have been allocated. Th...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/sched: actapi: avoid dereferencing ERRPTR in tcfidrinfodestroy. The syzbot report indicated a crash in tcactinHW during the netns teardown process. In this scenario, tcfidrinfodestroy passed a value of ERRPTR-EBUSY as a point...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: cpufreq: qcom: fixed a memory leak in the error path. If, for some reason, the speedbin length is incorrect, then there is a memory leak in the error path, as we never free the speedbin buffer. This commit fixes this issue by...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: crypto: ccp – Fixed the issue of dereferencing an uninitialized error pointer. Fixed the warnings related to smatch. drivers/crypto/ccp/sev-dev.c:1312 sevplatforminitlocked Error: We previously assumed that ‘error’ could be null...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fixed a possible crash in bnxthwrmsetcoal During the error recovery sequence, the rtnllock is not held for the entire duration, and some data structures may be freed during this process. Instead of checking netifrunning,...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iomap: Also allocates sdiodonewq for async reads. Since commit 222f2c7c6d14 “iomap: always run error completions in user context”, read error completions are deferred to sdiodonewq. This means that the workqueue also needs to be...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: isdn: mISDN: hfcsusb: fixed a memory leak in hfcsusbprobe In hfcsusbprobe, the memory allocated for ctrlurb gets leaked when setupinstance fails with an error code. This issue was addressed by freeing the urb before freeing th...

Astra Linux - уязвимость в tiff

A null source pointer passed as an argument to the memcopy function within TIFFFetchStripThing in tifdirread.c in libtiff versions from 3.9.0 to 4.3.0 could lead to a Denial of Service attack through a crafted TIFF file. For users who compile libtiff from source code, this fix is available in the...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: drm/amd/amdgpu/amdgpucs: fixed the reference count leak of a dmafence object. This issue occurs in an error path within amdgpucsfencetohandleioctl. When info-in.what falls under the default case, the function simply returns...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: scsi: target: pscsi: Fixed bioput for error cases As of commit 066ff571011d “block: turning biokmalloc into a simple kmalloc wrapper”, a memory block allocated by biokmalloc must be freed using biouninit and kfree. This process i...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: ocfs2: A memory leak has been fixed in ocfs2mountvolume. There is a memory leak reported by kmemleak: - Unreferenced object: 0xffff88810cc65e60 size: 32 - Command: “mount.ocfs2”, PID: 23753, Jiffies: 4302528942 Age: 34735.105s...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: wifi: ipw2200: fixed a memory leak in ipwwdevinit. In the error handling path of ipwwdevinit, an exception value is returned, and the memory allocated for this function is not released. Additionally, the memory is not released in...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: hciconn: now returns ERRPTR instead of NULL when there is no link. hciconnectsco currently returns NULL when there is no link i.e., when hciconnlink returns NULL. scoconnect expects ERRPTR in case of any error see...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: ipv6: added retry logic in net6rtnotify inet6rtnotify can only be called under RCU protection. This means that the route may be changed concurrently, and rt6fillnode may return -EMSGSIZE. Resize the skb when this occurs and...

Astra Linux - уязвимость в linux, linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: rtnetlink: corrected the error logic for writing back the IFLABRIDGEFLAGS flags. In the commit d73ef2d69c0d “rtnetlink: added support for rtnlbridgesetlink checks of IFLABRIDGEMODE length”, an adjustment was made to the old loop...