73452 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: smb/server: The function ksmbdsessionrpcclose is called on the error path in the createsmb2pipe function. When the ksmbdiovpinrsp function fails, we should call ksmbdsessionrpcclose...
Astra Linux - уязвимость в linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: Net: Atlantic: Eliminated double-free operations in error handling logic. The driver has a logic flaw in ring data allocation/free. In this flaw, the aqringfree function may be called multiple times within the same ring. If th...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: ubi: A possible null-ptr-deref occurred in ubifreevolume. This issue will occur in the following scenario: uifinit ubiaddvolume cdevadd – If this function fails, it will call killvolumes. deviceregister killvolumes – If...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fixed an issue where the HCAPORTS component was unregistered twice. Clear the hcadevcomcomp field in the device’s private data after unregistering it during the LAG teardown. Otherwise, a slightly delayed second pass...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Check kzalloc in lpfcsli4cgnparamsread If kzalloc fails in lpfcsli4cgnparamsread, then we rely on lpfcreadobject’s routine to perform a NULL check on pdata. Currently, an early return error is thrown from lpfcreadobje...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: soc: aspeed: socinfo: Added kfree call for kstrdup. Added kfree in the subsequent error handling to avoid memory leaks...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: HWS – Fixed a memory leak in the hwspoolbuddyinit error path. In the error path of hwspoolbuddyinit, the buddy allocator cleanup does not free the allocator structure itself, resulting in a memory leak. Added the...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net: airoha: Fixed a potential use-after-free issue in airohanpuget. np-name was being used after calling ofnodeputnp, which releases the node and could lead to a use-after-free bug. Previously, ofnodeputnp was called...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: rapidio: fixed possible name leaks when rioadddevice fails. The patch series is titled “rapidio: fix three possible memory leaks”. This patchset addresses three name leaks during error handling. – Patch 1 fixes two name leaks...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: drm/amdkfd: Fixed error handling in kfdprocessdeviceinitvm. It is recommended to only destroy the ibmem and let the process cleanup worker free the outstanding BOs. Reset the pointer in the pdd-qpd structure to avoid NULL...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ipv4: A reference count leak was addressed when using error routes with nexthop objects. When a nexthop object is deleted, it is marked as “dead”, and then fibtableFlush is called to flush all routes that use the dead nexthop. Th...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net: lan966x: Fixed error handling for pagepool in lan966xfdmarxallocpagepool. pagepoolcreate may return an ERRPTR upon failure. This return value is used unconditionally in the subsequent loop. The error pointer is passed throug...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: qla4xxx: Add length check when parsing nlattrs There are three places where qla4xxx parses nlattrs: - qla4xxxsetchapentry - qla4xxxifacesetparam - qla4xxxsysfsddbsetparam Each of these functions converts nlattr to a specifi...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: clk: clocking-wizard: Fixed an error in clkwzrdregisterdivider. A match was detected for a potential error of dereferencing the pointer in clkwzrdregisterdivider. If devmclkHWRegister fails, it sets “hw” to an error pointer, and...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: drm/plane: Fixed the return value of createinformatblob createinformatblob is supposed to return a valid pointer or an error; it should never return NULL. The caller will dereference the blob if there is no error, and thus will...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: tracing/userevents: Ensure that the write index cannot be negative. The write index indicates which event the data corresponds to and accesses a per-file array. This index is passed by user processes during write calls as the fir...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: PM: hibernate: Fixed a crash that occurred when freeing an invalid crypto compressor. When cryptoallocacomp fails, it returns an ERRPTR value instead of NULL. The cleanup code in savecompressedimage and loadcompressedimage...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Preventing interrupt storms due to Host Controller Errors HCE The xHCI controller reports a Host Controller Error HCE in UAS Storage during device plug/unplug scenarios on Android devices. HCE is checked in the xhciirq...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ipvs: Fixed the NULL dereference in the error path of ipvsaddservice. When ipvsbindscheduler successfully calls ipvsaddservice, the local variable sched is set to NULL. If ipvsstartestimator subsequently fails, the cleanup code...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: tty: serial: 8250: serialcs: Fixed a memory leak in the error handling path In the probe function, if the serialconfig function fails, resources are being leaked. Add a resource handling mechanism to free up this memory...