73413 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: drm/msm/a3xx: Fixed error handling in a3xxgpuinit. These error paths now return 1 in case of failure, instead of a negative error code. This could lead to an Oops in the calling function. Another issue is that the check for "i...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: calipso: Fixed a null-ptr-deref in calipsoreqset,delattr. Syzkaller reported a null-ptr-deref in sockomalloc when allocating a CALIPSO option. The NULL value referred to struct sock, which was accessed by sktofullsk in...
Astra Linux - уязвимость в linux-6.1, linux-5.15, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: btrfs: Do not call BUGON when the reference count is 0 at btrfslookupextentinfo. Instead of calling BUGON, handle the error by returning -EUCLEAN, aborting the transaction, and logging an error message...
Astra Linux - уязвимость в linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: btrfs: Do not drop the extentmap for the inode of free space during a write error. While running the CI for an unrelated change, I encountered the following panic: with generic/648 on btrfsholesspacecache. The assertion failed:...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: RDMA/rxe: Returns a CQE error if an invalid lkey is provided. In RXE, there is a lack of update of the WQE status in cases of LOCALwrite failures. This caused the following kernel panic if someone performed an atomic operation...
Astra Linux - уязвимость в linux, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: tracing/trigger: Fixed to return an error if attempting to allocate a snapshot fails. registersnapshottrigger function was fixed to return an error code if it fails to allocate a snapshot, instead of returning 0 success. Otherwis...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: net/bnx2x: Prevent access to a freed page in pagepool. Fixed a race condition that could lead to a system crash during EEH error handling. During EEH error recovery, the transmit timeout logic of the bnx2x driver could cause a...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: net: inet: Do not leave a dangling sk pointer in inetcreate The sockinitdata function attaches the allocated sk object to the provided sock object. If inetcreate fails later, the sk object is freed, but the sock object retains a...
Astra Linux - уязвимость в libjettison-java
An infinite recursion occurs in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This results in a StackOverflowError exception being thrown...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net: encx24j600: check error in devmregmapinitencx24j600 devmregmapinit may return error which caused by like out of memory, this will results in null pointer dereference later when reading or writing register: general protection...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: ocfs2: dlmfs: fixed error handling of userdlmdestroylock When userdlmdestroylock failed, it did not clean up the flags it set before exiting. For USERLOCKINTEARDOWN, if this function fails because the lock is still in use, the...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: i40e: fixed the issue of freeing IRQs in the i40evsirequestirqmsix error path. If requestirq in i40evsirequestirqmsix fails in an iteration later than the first one, the error path attempts to free the IRQs that have been request...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fixed a memory leak in vmwmksstataddioctl If the copy of the description string from user space fails, then the page containing the instance descriptor does not get freed before returning -EFAULT, resulting in a memor...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: Do not access a released socket during error recovery. While the error recovery mechanism is temporarily failing due to reconnect attempts, running the nvme list command causes a kernel NULL pointer derefrence by callin...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: slimbus: qcom-ngd: cleanup in the probe error path Added a proper error path in the probe function to clean up resources that were previously acquired/allocated, in order to fix warnings that appear during probe deferral: The...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: chardev: Fixed error handling in cdevdeviceadd. While performing fault injection tests, the following issue was reported: ------------ Cut here ------------ kobject: “null” 0000000039956980: Not initialized, yet kobjectput is bei...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: Firmware: armffa: Fixed FFA device names for logical partitions Each physical partition can provide multiple services, each with a unique UUID. Each such service can be represented as a logical partition with a unique combination...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fixed a memory leak in vkmsinit A memory leak was reported after the vkms module installation failed. An unreferenced object with an ID of 0xffff88810bc28520 size 16 was involved: Command: modprobe, PID: 9662, Jiffies:...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: mlxsw: Minor fix for a potential memory leak in mlxswmlinecardsinit. The line cards array is not freed during the error path of mlxswmlinecardsinit, which could lead to a memory leak. This issue was addressed by freeing the array...
Astra Linux - уязвимость в opensc
The TCOS smart card software driver in OpenSC before version 0.21.0-rc1 has a stack-based buffer overflow in the tcosdecipher function...