Astra Linux - уязвимость в linux

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: fixed the issue of null pointer dereferencing on the pointer csdesc. The pointer csdesc is returned from sndusbfindclocksource; this pointer may be null, resulting in a potential null pointer dereferencing issue...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: perf/arm-cmn: Unsupported hardware configurations are now rejected. So far, we have been fairly lenient in accepting both unknown CMN models at least with a warning, as well as unknown versions of those models that we do know...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/xe/vm: Clear the scratchpt pointer in case of errors. Avoid triggering a dereference of an error pointer during cleanup in xevmfreescratch, by clearing any scratchpt error pointers. Selected from commit...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: “Revert ‘media: iris’: Add a sanity check for stopping streaming.” This change is reflected in the commit ad699fa78b59241c9d71a8cafb51525f3dab04d4. The check that previously skipped “stopstreaming” when the instance was in...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: sfc: Fixed NULL dereferencing in ef100processdesignparam. Since the referenced commit, ef100probemain and therefore ef100checkdesignparams are executed before efx-netdev is created. As a result, we cannot use netifsettsomaxsiz...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net:mctp: taking ownership of skb in mctplocaloutput Currently, mctplocaloutput only takes ownership of the skb when it succeeds. In some cases where mctplocaloutput fails, we might leak the skb. Ownership of the skb is not...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: feem: Fixed a memory leak in eemunwrap The existing code did not handle the failure case of usbepqueue in the command path, potentially leading to memory leaks. Error handling was improved to free all allocated...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

A issue was discovered in the Linux kernel through version 6.1-rc8. The function dpucrtcatomiccheck in the file drivers/gpu/drm/msm/disp/dpu1/dpucrtc.c lacks a check for the return value of kzalloc. This issue may lead to a NULL Pointer Dereference...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: ocfs2: Fixed a panic that occurred during failed allocation of folio blocks. The commits 7e119cff9d0a „ocfs2: converting wpages to wfolios“ and 9a5e08652dc4b „ocfs2: using an array of folios instead of an array of pages“ fixed...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: mmc: rtsxusbsdmmc: Fix the return value check in mmcaddhost. The mmcaddhost function may return an error. If we ignore its return value, the memory allocated by mmcallochost will be leaked, leading to a kernel crash due to the...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: brcmfmac: pcie: Firmware is released in the brmfipciesetup error path. This prevents memory leaks if the brmfichipgetraminfo function fails. Note that the CLM blob is released in the device removal path...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mctp: Fixed an error handling path in mctpinit. If mctpneighinit returns an error, the route resources should be released during the error handling path. Otherwise, some resources may be leaked...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: scsi: target: tcmloop: Fixed a possible name leak in tcmloopsetuphbabus. If deviceregister fails in tcmloopsetuphbabus, the name allocated by devsetname needs to be freed. As commented in deviceregister, it should use putdevice t...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: dmstats: Check for and propagate the allocpercpu failure. Check the return value of allocprecpu, and return an error from dmstatsinit if it fails. Update allocdev to fail if dmstatsinit does. Otherwise, a NULL pointer dereferenci...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: bpf, s390: Fixed a potential memory leak related to jitdata. Make sure that jitdata is freed through kfree in the error path...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: ubi: ubicreatevolume: Fixed a use-after-free issue when volume creation failed. There is a use-after-free problem related to ‘ebatbl’ in the error handling code of ubicreatevolume. The relevant code is as follows:...

Astra Linux - уязвимость в linux, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: In md/raid10, there is a issue where memory leaks occur in the MD thread. In raid10run, if setupconf succeeds and raid10run fails before setting ‘mddev-thread’, then the variable ‘conf-thread’ is not freed. This issue can be fixe...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mm, slub: fixed a potential memory leak in kmemcacheopen. In the error path, the randomseq of the slub cache might be leaked. This issue was fixed by using kmemcacherelease to release all relevant resources...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: Addition of exception protection handling for vd in the axichanhandleerr function. Since there is no protection for vd, a kernel panic will be triggered in exceptional cases. You can refer to the handling of the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Lag – Check for LAG devices before creating debugfs. The function mlx5lagdevaddmdev may return 0 success even when an error occurs, but this error is handled gracefully. As a result, the initialization process proceeds ...