Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: RDMA/cm: Fixed a memory leak in ibcminsertlisten. The function cmallocidpriv allocates resources for the cmidpriv. When cminitlisten fails, it does not free those allocated resources, resulting in a memory leak. Added missing...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: btrfs: Always report an error in runonedelayedref. Currently, we have a btrfsdebug function for handling failures in runonedelayedref. However, if end users encounter such problems, there will be no chance that btrfsDebug is...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: ep: Only send -ENOTCONN status if the client driver is available. For the STOP and RESET commands, only send the channel disconnect status -ENOTCONN if the client driver is available. Otherwise, it will result in a null...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Soundwire: Bus: Fix unbalanced pmruntimeput causing usage count underflow This issue is addressed by the commit 443a98e649b4 “Soundwire: Bus: Use pmruntimeresumeandget”. The calls to pmruntimeresumeandget have been changed back t...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: nfs: Return EISDIR when nfs3proccreate is called, if dalias is a directory. If we find an alias through nfs3docreate/nfsaddorobtain/dsplicealias that turns out to be a directory entry, we do not return any errors and simply ignor...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/bridge: samsung-dsim: Fixed a memory leak in the error path. In samsungdsimhostattach, the drmbridgeadd function is called to add the bridge. However, if samsungdsimregisterteirq or pdata-hostops-attach fails later, the...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: In the net: stream module, the purge skerrorqueue operation in skstreamkillqueues has been fixed. Changheon Lee reported TCP socket leaks, with a detailed reproduction code. It appears that we encounter TCP socket leaks in the...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: ATA: libata-transport: fixed the double call to atahostput in atatportadd In the error path in atatportadd, when calling putdevice, atatportrelease is called. This function decreases the refcount of ‘ap-host’. Then, atahostput is...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ICE: Fixed ‘scheduling while atomic’ in aux critical error interrupts There’s a kernel bug related to processing aux critical error interrupts in icemiscintr: 2100.917085 BUG: Scheduling while atomic: swapper/15/0/0x00010000 …...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: Watchdog: ts4800wdt: Fixed the refcount leak in ts4800wdtprobe. ofparsephandle returns a node pointer with a refcount incremented; we should use ofnodeput on it after processing. Add ofnodeput at some error-prone points...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/amdgpu: removed gfxv110cpeccerrorirqfuncs The gfx.cpeccerrorirq has been removed from gfx11. In gfxv110hwfini, amdgpuirqput is still used to disable this interrupt, which caused the call trace in this function. 102.873958...

Astra Linux - уязвимость в gst-plugins-good1.0

Integer overflow in the avidemux element within the gstavidemuxinvert function, which allows for a heap overwrite during the parsing of AVI files. There is a potential for arbitrary code execution due to the heap overwrite...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Fixed NULL dereferencing in error handling The following issue was reported: drivers/scsi/qedf/qedfmain.c:3056 qedfallocglobalqueues Warning: Missing “unwind goto”? At this point in the function, nothing has been...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: xhci: Properly handling isoc Babble and Buffer Overrun events xHCI 4.9 explicitly prohibits making assumptions that the xHC has released its ownership of a multi-TRB TD when an error occurs in one of the early TRBs. However, t...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: hcisync: fixed leaks when hcicmdsyncqueueonce fails When hcicmdsyncqueueonce returns an error, the destroy callback will not be called. Fixed the issue of leaking references/memory in cases where this error occurs...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: nfsd: calls oprelease, even when opfunc returns an error. For operations with “trivial” replies, nfsd4encodeoperation will shortcut most of the encoding process and simply perform marshaling of the status. One of the things it...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: cifs: Fixed an DFS traversal error without CONFIGCIFSDFSUPCALL. When compiled with CONFIGCIFSDFSUPCALL disabled, cifsdfsdautomount is NULL. The logic for mapping CIFSFATTRDFSREFERRAL attributes to SAUTOMOUNT and corresponding...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/handshake: The destructor was restored after a submission failure. The handshakereqsubmit function replaces sk-skdestruct, but never restores it when the submission fails before the request is hashed. In this case,...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: block: Fixed an incorrect offset in biotruncate biotruncate clears the buffer outside of the last block of bdev. However, the current implementation of biotruncate uses the wrong offset for the page. As a result, uninitialized da...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: nilfs2: The OOB issue in nilfssetdetype has been fixed. The size of the nilfstypebymode array in the fs/nilfs2/dir.c file is defined as “SIFT SSHIFT”. However, the nilfssetdetype function, which uses this array, specifies the ind...