Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Cleaning up a dangling pointer on the bind error path The mtkdrmBind function may fail, in which case drmdevPut is called, destroying the drmdevice object. However, a pointer to that object was still being held by t...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: drm/shmem-helper: The erroneous “put” operation has been removed from the error path. The drmgemshmemmmap function does not have a reference in the error code path, resulting in the dma-buf shmem GEM object being freed...

Astra Linux - уязвимость в gst-plugins-good1.0

Before version 1.18.4, GStreamer might access already-freeed memory in error code paths when demuxing certain malformed Matroska files...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ima: A memory leak was fixed in imainodehash. The commit f3cc6b25dcc5 “ima: always measure and audit files in policy” allows measurement or auditing to occur even when the file digest cannot be calculated. As a result, iint-imaha...

Astra Linux - уязвимость в tomcat9

The issue involves a vulnerability in the generation of error messages containing sensitive information in Apache Tomcat. This issue affects Apache Tomcat versions starting from 8.5.7 through 8.5.63, and from 9.0.0-M11 through 9.0.43. Other, end-of-life versions may also be affected. It is...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: media: venus: vdec: A possible memory leak issue has been fixed. The implementation of venushelperallocdpbbufs allows for an early return on an error path when checking the ID from idaallocmin. This would prevent the earlier buff...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Clear XSTATEBVi in the guest XSAVE state whenever XFDi=1 When loading the guest XSAVE state via KVMSETXSAVE, and when updating XFD in response to a guest WRMSR, clear the XFD-disabled features in the saved or to be...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: efivarfs: fixed error propagation in efivarentryget The efivarentryget function always returns a success value, even if the underlying efivarentryget function fails, thereby masking errors. This may result in uninitialized heap...

Astra Linux - уязвимость в linux, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: spi: qup: Do not skip cleanup in the error path of the remove function. Returning early in the remove callback of a platform driver is incorrect. In this case, the DMA resources are not released during the error path. This issue ...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: Drivers: hv: vmbus – Fixed a memory leak in vmbusaddchannelkobj. kobjectinitandadd takes a reference even when it fails. According to the documentation for kobjectinitandadd: If this function returns an error, kobjectput must ...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: caif: A memory leak has been fixed in cfctrllinkuprequest. When linktype is unknown, or kzalloc fails in cfctrllinkuprequest, pkt is not released. Add a release process to the error handling logic...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: fs/ntfs3: Enhanced sanity check during attribute list generation. The nicreateattrlist function uses WARNON to catch error cases during attribute list generation. Currently, it only prints the stack trace, which may not be...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: erofs: set fileio bio failed in short read case For file-backed mounts, IO requests are handled by vfsiocbiterread. However, this process can be interrupted by a SIGKILL signal, resulting in the return of the number of bytes...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: a potential memory leak has been fixed in mlx5einitreprx. The memory pointed to by the priv-rxres pointer is not freed during the error-prone execution of mlx5einitreprx, which can lead to a memory leak. This issue has...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: mmc: atmel-mci: fixed the return value check in mmcaddhost The mmcaddhost function may return an error. If we ignore its return value, it will cause two issues: 1. The memory allocated in mmcallochost may be leaked. 2. In the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/sunrpc: fixed potential memory leaks in rpcsysfsxprtstatechange. This issue occurs during certain error-handling paths. When the function fails to retrieve the object xprt, it simply returns 0, without decreasing the referenc...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: clk: tegra: tegra124-emc: Fixed a potential memory leak. The tegra and tegra variables need to be freed during the error handling process; otherwise, the issue may be exposed...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: PCI: microchip: The refcount leak in mcpcieinitirqdomains has been fixed. The ofgetnextchild function returns a node pointer whose refcount is incremented. Therefore, we should use ofnodeput on it when we no longer need it. The...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: xfs: Check for deleted cursors when revalidating two btrees. The free space and inode BTree repair functions will rebuild both btrees at the same time. After that, it is necessary to evaluate both btrees to confirm that the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: dmaengine: xilinx: xdma: Fixed the error handling for regmap init. The devmregmapinitmmio function returns an ERRPTR upon error, instead of NULL. The error check has been fixed, and the error message has also been corrected. The...