Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Firmware: armffa: Fixed FFA device names for logical partitions Each physical partition can provide multiple services, each with a unique UUID. Each such service can be represented as a logical partition with a unique combination...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fixed a memory leak in vkmsinit A memory leak was reported after the vkms module installation failed. An unreferenced object with an ID of 0xffff88810bc28520 size 16 was involved: Command: modprobe, PID: 9662, Jiffies:...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: mlxsw: Minor fix for a potential memory leak in mlxswmlinecardsinit. The line cards array is not freed during the error path of mlxswmlinecardsinit, which could lead to a memory leak. This issue was addressed by freeing the array...

Astra Linux - уязвимость в opensc

The TCOS smart card software driver in OpenSC before version 0.21.0-rc1 has a stack-based buffer overflow in the tcosdecipher function...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: spi: spi-qpic-snand: Unregisters the ECC engine upon probe error and device removal. The on-host hardware ECC engine remains registered both when the spiregistercontroller function returns an error, and also upon device removal...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Binder: Fixed a UAF in bindersnetlinkreport. Oneway transactions sent to frozen targets via bindersproctransaction return an BRTRANSACTIONPENDINGFROZEN error, but they are still treated as successful since the target is expected ...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: cxl: Fixed a memory leak in the error handling path. The bitmapzalloc function must be balanced with a corresponding bitmapfree function in the error handling path of afuallocateirqs...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: drbd: fixed a null pointer dereferencing issue during local read operations In drbdrequestendio, READCOMPLETEDWITHERROR is passed to reqmod with a NULL peerdevice: reqmodreq, what, NULL, &m; The READCOMPLETEDWITHERROR handler...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: Drivers: hv: vmbus – Fixed a memory leak in vmbusaddchannelkobj. kobjectinitandadd takes a reference even when it fails. According to the documentation for kobjectinitandadd: If this function returns an error, kobjectput must ...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: qcom: Fixed a memory leak in dwc3qcominterconnectinit. In the alloc Resources for path handle function, resources should be released when they are no longer needed. This can be done by using the release function in...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: usb: host: xhci: Fixed a potential memory leak in xhciallocstreaminfo The xhciallocstreaminfo function allocates a stream context array for streaminfo-streamctxarray using xhciallocstreamctx. When an error occurs, the...

Astra Linux - уязвимость в linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: x86/MCE/AMD: Use a u64 type for the bankmap. The maximum number of MCA banks is 64 MAXNRBANKS. See a0bc32b3cacf “x86/mce: Increase the maximum number of banks to 64”. However, the bankmap, which contains a bitfield indicating whi...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: net: genl: Fixed a memory leak in the error path during policy dumping. If the construction of the policy array fails when recording non-first policies, we need to unwind the situation. The netlinkpolicydumpaddpolicy function...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net/usb: kalmia: Do not pass actlen in the usbbulkmsg error path. syzbot reported that actlen in kalmiasendinitpacket is uninitialized when it is passed to the first usbbulkmsg error path. Jiri Pirko noted that it is pointless to...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: PCI: Fixed NULL dereferencing in the error path during SR-IOV VF creation. Fixed issues where attempting to remove a device could lead to NULL pointer dereferencing. This issue occurred due to incorrect error handling when...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: atmel: The issue with reference counting has been fixed in atmelnandcontrollerinit. The reference counting issue occurs in several error handling paths involving an object with a refcount, called “nc-dmac”. In these...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: arm64: cacheinfo: Fixed the incorrect assignment of a signed error value to unsigned fwlevel. Although the acpifindlastcachelevel function always returns a signed value, and the documentation states that it will return any errors...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: idpf: Error handling in the inittask during loading was fixed. If the inittask fails during driver loading, we end up with no vports and netdevs, effectively failing the entire process. In that state, a subsequent reset will resu...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: watchqueue: Fixed NULL dereference in error cleanup. In watchqueuesetsize, the error cleanup code does not take into account that freepage cannot handle a NULL pointer when trying to free buffer pages that have been allocated. Th...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ima: A memory leak was fixed in imainodehash. The commit f3cc6b25dcc5 “ima: always measure and audit files in policy” allows measurement or auditing to occur even when the file digest cannot be calculated. As a result, iint-imaha...