7963 matches found
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: sofsdw: handle errors on card registration If the card registration fails, typically because of deferred probes, the device properties added for headset codecs are not removed, which leads to kernel oopses in driver...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: m920x: Fix a potential memory leak in m920xi2cxfer 'read' is freed when it is known to be NULL, but not when a read error occurs. Revert the logic to avoid a small leak, should a m920xread call fail...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux
In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix UAF when detecting digest errors We should also bail from the iowork loop when we set rdenabled to true, so we don't attempt to read data from the socket when the TCP stream is already out-of-sync or corrupted...
Astra Linux - уязвимость в linux-astra-modules-5.10, linux-astra-modules-5.15, linux-astra-modules-6.1
The vulnerability of Linux Astra Modules relates to errors during thread blocking. Exploiting this vulnerability allows an attacker to compromise data integrity and also cause service failures through the use of a specially created file system...
Astra Linux - уязвимость в linux
An issue was discovered in the Linux kernel through 5.11.3, as used with Xen PV. A certain part of the netback driver lacks necessary treatment of errors such as failed memory allocations as a result of changes to the handling of grant mapping errors. A host OS denial of service may occur during...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd937x: fixed a potential memory leak in wcd937xsoccodecprobe. When sndsocdapmnewcontrols or sndsocdapmaddroutes fails, wcd937xsoccodecprobe returns without releasing ‘wcd937x-clshinfo’, which is allocated by...
Astra Linux - уязвимость в linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: HID: amdsfh: Switch to device-managed dmamalloccoherent Using the device-managed version simplifies cleanup operations during the probe function. Additionally, this device-managed approach ensures proper cleanup, which helps to...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: drm/msm: fix NULL-deref on snapshot tear down In case of early initialisation errors and on platforms that do not use the DPU controller, the deinitilisation code can be called with the kms pointer set to NULL. Patchwork:...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux
In the Linux kernel, the following vulnerability has been resolved: phy: qcom-qmp: fix struct clk leak on probe errors Make sure to release the pipe clock reference in case of a late probe error e.g. probe deferral...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: x86/MCE: Always save CS register on AMD Zen IF Poison errors The Instruction Fetch IF units on current AMD Zen-based systems do not guarantee a synchronous MC is delivered for poison consumption errors. Therefore,...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux
In the Linux kernel, the following vulnerability has been resolved: resource: fix regionintersects vs addmemorydrivermanaged On a system with CXL memory, the resource tree /proc/iomem related to CXL memory may look like something as follows. 490000000-50fffffff : CXL Window 0 490000000-50fffffff ...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd9335 – Fixed a missing check for free regulator supplies. The driver retrieves and enables all regulator supplies in the probe path wcd9335parsedt and wcd9335poweronreset, but does not perform cleanup in the fina...
Astra Linux - уязвимость в php8.1, php7.3
In PHP versions 8.1. before 8.1.33, 8.2. before 8.2.29, 8.3. before 8.3.23, and 8.4. pgsql and pdopgsql versions, the escaping functions do not check whether the underlying quoting functions return errors. This could lead to crashes if the Postgres server rejects the string as invalid...
Astra Linux - уязвимость в gimp
A flaw was found in GIMP when processing certain TGA image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing a heap buffer overflow...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux
In the Linux kernel, the following vulnerability has been resolved: igb: Do not bring the device up after a non-fatal error The commit 004d25060c78 “igb: Fix igbdown hung on surprise removal” changed igbioerrordetected to ignore non-fatal pcie errors, in order to avoid tasks hanging that can occu...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: arm64/pageattr: Propagate return value from changememorycommon The rodata=on security measure requires that any code path which does vmalloc - setmemoryro/setmemoryrox must protect the linear map alias too. Therefore, if such a...
Astra Linux - уязвимость в linux
An issue was discovered in the Linux kernel 3.2 through 5.10.16, as used by Xen. Grant mapping operations often occur in batch hypercalls, where a number of operations are done in a single hypercall, the success or failure of each one is reported to the backend driver, and the backend driver then...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux
In the Linux kernel, the following vulnerability has been resolved: gfs2: Check sbbsizeshift after reading the superblock. Fuzzers often modify sbbsizeshift, but in reality it’s very unlikely that this field would be corrupted on its own. Nevertheless, it should still be checked to avoid potentia...
Astra Linux - уязвимость в redis
Redis is an open source, in-memory database that persists on disk. An unauthenticated connection can cause repeated IP protocol errors, leading to client starvation and, ultimately, a denial of service. This vulnerability is fixed in 8.0.3, 7.4.5, 7.2.10, and 6.2.19...
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerability has been resolved: net: asix: add proper error handling of usb read errors Syzbot once again hit uninit value in asix driver. The problem still the same -- asixreadcmd reads less bytes, than was requested by caller. Since all read requests are...