73413 matches found
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: cxl/acpi: Fixed a use-after-free in cxlparsecfmws KASAN and KFENCE detected a use-after-free in the CXL driver. This occurs in the cxldecoderadd function’s failure path. KASAN prints the following error: BUG: KASAN:...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: HID: hyperv: fixed a possible memory leak in mousevscprobe If hidadddevice returns an error, it should call hiddestroydevice to free the hiddev that was allocated in hidallocatedevice...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: DCCP: Fixed an out-of-bounds access in the DCCP error handler. There was a previous attempt to fix an out-of-bounds access in the DCCP error handlers, but that fix assumed that the error handlers only wanted to access the first 8...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Firmware: armscmi: Fixed a NULL dereference on the notify error path. Since the commit b5daf93b809d1 “Firmware: armscmi: Avoid notifier registration for unsupported events”, the call chains leading to the helper...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: crypto: ccp – Fix use-after-free on error path In the error path of sevtsminitlocked, the code dereferences t after it has been freed with kfree. The prerr statement attempts to access t-tioen and t-tioinitdone after the memory h...
Astra Linux - уязвимость в linux, linux-5.15, linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: cassini: Fixed a memory leak in the error handling path of casinitone. cassaturnfirmwareinit allocates some memory using vmalloc. This memory is freed in the .remove function, but not in the error handling path of the probe...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: usbnet: fixed a memory leak in error cases. usbnetwritecmdasync: misused which buffers that need to be freed in which error cases. v2: added a Fixes tag. v3: fixed an issue with an uninitialized buf pointer...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fixed an error in the unwind process of rxecreateqp. In the function rxecreateqp, rxeqpfrominit is called to initialize the qp. Internally, things like the spin locks are not set up until rxeqpinitreq is called. If an...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: media: iris: Fixed NULL pointer dereferencing. A warning reported by smatch indicated a potential NULL pointer dereferencing issue, where one of the arguments to the API “irishfigen2handlesystemerror” might sometimes be null. To...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: net: netsec: fixed error handling in netsecregistermdio. If phydeviceregister fails, phydevicefree must be called to reset the reference count; thus, the memory associated with the phy device and its name can be freed in the...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: drm/meson: Fixed the reference count leak in mesonencoderhdmiinit. The function offinddevicebynode takes a reference; we should use putdevice to release it when there is no longer a need for it. Add the missing putdevice in the...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: rpmsg: Fixed a possible refcount leak in rpmsgregisterdeviceoverride. rpmsgregisterdeviceoverride needs to call putdevice to free the vch when driversetoverride fails. This issue was fixed by adding a call to putdevice in the...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: Purge error queues in socket destructors When TX timestamping is enabled via SOTIMESTAMPING, SKBs may be queued into skerrorqueue and remain there until they are consumed. If userspace never gets to read the...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: ASoC: mxs: Fixed error handling in mxssgtl5000probe. This function only calls ofnodeput in the regular path. However, it will cause a refcount leak in error-prone paths. For example, when codecnp is NULL, saifnp0 and saifnp1 are...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: media: solo6x10: fix possible memory leak in solosysfsinit If deviceregister returns an error in solosysfsinit, the name allocated by devsetname needs to be freed. As noted in the comments for deviceregister, it should use...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: cxl/ras: Fixed the device confusion in the CPER handler. Upon inspection, the cxlcperhandleproterr function makes several fragile assumptions that can lead to crashes: 1. It assumes that the endpoints identified in the record...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: gpio: qixis-fpga: Fixed error handling for devmregmapinitmmio. devmregmapinitmmio returns ERRPTR if it fails, instead of returning NULL. The original code checked for NULL, which would never trigger in case of errors, potentially...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: Do not allow SETID to refer to another table. When performing lookups for sets within the same batch using their IDs, a set from a different table can be utilized. However, when the table is removed, a...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: In tty: goldfish, use ttyportdestroy to destroy the port. In goldfishttyprobe, the port initialized through ttyportinit should be destroyed in error paths. In goldfishttyremove, qtty-port also should be destroyed to prevent...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: dm: limiting swapping tables for devices with zone write plugs The dmrevalidatezones function only allows new or previously unzoned devices to call blkrevalidatediskzones. If the device was already zoned, disk-nrzones would alway...