73413 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: reset: gpio: fix double free in resetaddgpioauxdevice error path When auxiliarydeviceadd fails, resetadd gpioauxdevice calls auxiliarydeviceuninitadev. The device release callback resetgpioauxdevicerelease frees adev, but the...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: virtio-crypto: fixed a memory leak in virtiocryptoalgskcipherclosesession The variable 'vcctrlreq' is allocated in virtiocryptoalgskcipherclosesession, and should be freed in the invalid ctrlstatus-status error handling case...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net: mdio: Check regmap pointer returned by devicenodetoregmap The call to devicenodetoregmap in airohamdioprobe may return an ERRPTR if the regmap initialization fails. Currently, the driver stores the pointer without validation...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/userq: Do not allow userspace to trivially trigger kernel warnings. Userspace can either deliberately pass in a too-small numfences value, or the required number can legitimately increase between the two calls to the...
Astra Linux - уязвимость в linux-5.15, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ext4: Allow ext4getgroupinfo to fail Previously, ext4getgroupinfo would treat an invalid group number as a BUG, since this should never happen in theory. However, if a malicious attacker or fuzzer modifies the superblock via the...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: ibmvnic: Do not reset the dql stats during a NONFATAL reset. All ibmvnic resets should instead call netdevtxresetqueue when reopening the device. netdevtxresetqueue resets the numqueued and numcompleted byte counters. These stats...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: xfs: Do not perform irele after failing to perform iget in xfsattrirecoverwork. xlogrecoveryiget never sets @ip to a valid pointer if it returns an error; therefore, this irele will cause a dangling pointer. This issue has bee...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: gpio: cdev: Fixed resource leaks that occur during errors in lineinfochangednotify. During error handling, lineinfochangednotify does not free the allocated resources, resulting in leaks. This issue has been fixed...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: clk: imx: scu: fix memleak on platformdeviceadd fails No error handling is performed when platformdeviceadd fails. Error processing should be added before returning from the function, and the return value has been modified...
Astra Linux - уязвимость в linux, linux-5.15, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: md/raid10: fixed the memory leak related to ‘conf-biosplit’. In the error path of raid10run, ‘conf’ needs to be freed. However, ‘conf-biosplit’ is not freed, resulting in a memory leak. Since there are three places where ‘conf’ c...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: ASoC: mediatek: mt8173: Fixed a refcount leak in the mt8173rt5650rt5676devprobe function. The ofparsephandle function returns a node pointer with a refcount incremented. We should use ofnodeput on it when it is no longer neede...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: HWS – Fixed a memory leak in the hwspoolbuddyinit error path. In the error path of hwspoolbuddyinit, the buddy allocator cleanup does not free the allocator structure itself, resulting in a memory leak. Added the...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: tee: added a overflow check in registershmhelper When special lengths are provided by the user space, registershmhelper may cause an integer overflow when calculating the number of pages covered by a given user space memory regio...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: mmc: mmcspi: fixed error handling in mmcspiprobe If mmcaddhost fails, there is no need to call mmcremovehost; otherwise, it may cause a null-ptr-deref due to deleting a device that was not properly added in mmcremovehost. To fix...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: KVM: x86/xen: Fixed error handling for eventfd in kvmxeneventfdassign Do not call eventfdctxput in case of an error. Introduced a new goto target instead. - Paolo...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: net: lan966x: Fixed a potential nullptrderef in lan966xstatsinit. lan966xstatsinit calls createsinglethreadworkqueue, without checking the return value. This may result in NULL being returned. A nullptrderef could occur:...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fixed a memory leak in the ntfsfillsuper error path. syzbot reported the issue as follows: BUG: Memory leak Unreferenced object: 0xffff8880122f1540 size: 32 bytes Command: "a.out", PID: 6664; Jiffies: 4294939771 time...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Fixed a missing pointer check in the hdacomponentmanagerinit function. The componentmatchadd function may assign the ‘matchptr’ pointer the value ERRPTR-ENOMEM, which will subsequently be dereferenced. The call stack...
Astra Linux - уязвимость в firefox, thunderbird
When generating the assembly code for MLoadTypedArrayElementHole, an incorrect AliasSet was used. In conjunction with another vulnerability, this could have led to an out-of-bounds memory read. This vulnerability affects Thunderbird 91.8, Firefox 99, and Firefox ESR 91.8...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: The handling of the pcichanneliofrozen case is now performed only in amdgpupciresume. In current code, when a PCI error state pcichannelionormal is detected, it will report the PCIERSRESULTCANRECOVER status to the PCI...