Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: cifs: Fixed an DFS traversal error without CONFIGCIFSDFSUPCALL. When compiled with CONFIGCIFSDFSUPCALL disabled, cifsdfsdautomount is NULL. The logic for mapping CIFSFATTRDFSREFERRAL attributes to SAUTOMOUNT and corresponding...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: nvme-rdma: fixed a possible use-after-free in the transport errorrecovery process. While nvmerdmasubmitasynceventwork checks the ctrl and queue states before preparing the AER command and scheduling iowork, this check is...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: nilfs2: The OOB issue in nilfssetdetype has been fixed. The size of the nilfstypebymode array in the fs/nilfs2/dir.c file is defined as “SIFT SSHIFT”. However, the nilfssetdetype function, which uses this array, specifies the ind...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Potential use-after-free issues have been avoided in hcierrorreset. When handling the HCIEVHARDWAREERROR event, if the underlying BT controller is not responding, the GPIO reset mechanism will free the hcidev, leading ...

Astra Linux - уязвимость в linux-5.15

A issue was discovered in the net/ceph/messengerv2.c file within the Linux kernel before version 6.4.5. There is an integer signedness error, which leads to a buffer overflow and remote code execution via the HELLO command or one of the AUTH frames. This occurs due to an untrusted length value...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Media: MediTech; vcodec: Cannot set dstbuffer to done when a late decoding error occurs. The core thread will call v4l2m2mbufdone to set the dstbuffer as done for the late architecture. If v4l2m2mbufdoneandjobfinish is called lat...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/lbr: Fixed an unchecked MSR access error on HSW. The fuzzer triggers the following trace: 7763.384369 Unchecked MSR access error: WRMSR to 0x689 attempted to write 0x1fffffff8101349e at rIP: 0xffffffff810704a4...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fixed the bug: KASAN: null-ptr-deref in rxeqpdocleanup. The function rxecreateqp calls rxeqpfrominit. If an error occurs, the error handler for rxeqpfrominit will set both scq and rcq to NULL. Then, rxecreateqp calls...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: iavf: Fixed error handling related to adminq. iavfallocasqbufs/iavfallocarqbufs allocate memory for VF mailbox using dmaalloccoherent. DMA regions are freed for both ASQ and ARQ in case an error occurs during the configuration...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: igc: Restored the IGCREMOVED logic and implemented it correctly. The initially merged version of the igc driver code via commit 146740f9abc4, “igc: Add support for PF” contained the following IGCREMOVED checks in the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: Fixed the error code in iwlopmodedvmstart The error code should be preserved if iwlsetupdeferredwork fails. The current code returns ERRPTR0 which is NULL at this point. I believe that the missing error code could...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: virtio-crypto: fixed a memory leak in virtiocryptoalgskcipherclosesession The variable 'vcctrlreq' is allocated in virtiocryptoalgskcipherclosesession, and should be freed in the invalid ctrlstatus-status error handling case...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: reset: gpio: fix double free in resetaddgpioauxdevice error path When auxiliarydeviceadd fails, resetadd gpioauxdevice calls auxiliarydeviceuninitadev. The device release callback resetgpioauxdevicerelease frees adev, but the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/userq: Do not allow userspace to trivially trigger kernel warnings. Userspace can either deliberately pass in a too-small numfences value, or the required number can legitimately increase between the two calls to the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: eth: mlx4: Fixed the issue where a NULL check was used instead of an ISERR check in the mlx4encreaterxring function. After calling pagepoolcreate, the NULL check was replaced with an ISERR check because this function returns erro...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ASoC: da7219: Fixed an error handling path in da7219registerdaiclks. If clkhwregister fails, the corresponding clk should not be unregistered. To handle errors from loops, partial iterations should be cleaned up before performing...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: clk: imx: scu: fix memleak on platformdeviceadd fails No error handling is performed when platformdeviceadd fails. Error processing should be added before returning from the function, and the return value has been modified...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: gpio: cdev: Fixed resource leaks that occur during errors in lineinfochangednotify. During error handling, lineinfochangednotify does not free the allocated resources, resulting in leaks. This issue has been fixed...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: brwifi: brcmfmac – Fixed a potential kernel error when the probe function fails. When the probe of the sdio brwifi brcmfmac device fails for certain reasons e.g., missing firmware, the sdiodev-bus is set to “error” instead ...

Astra Linux - уязвимость в linux-5.10, linux

In nftablesupdtable, if nftablestableenable returns an error, nfttransdestroy is called to free the transaction object. nfttransDestroy calls listdel, but the transaction was never placed on a list—the list head contains only zeros, which results in a NULL pointer being dereferenced...