910 matches found
Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: ext4: Fixed another “off-by-one” issue with the fsmap for 1k-block file systems. It seems that syzbot discovered that issuing the FSMAP call as follows: c struct fsmaphead cmd = .fmhcount = ...; .fmhkeys = .fmrdevice = / ext4...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
The non-transparent sharing of return predictor targets between contexts in some Intel processors may allow an authorized user to potentially enable information disclosure through local access...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: media: ov8865: Fixed an error handling path in ov8865probe The commit in “Fixes” also introduced some new error handling mechanisms; these new mechanisms should replace the existing error handling paths. Otherwise, some resources...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Networks: Ethernet; mtkethsoc: fixed the issue of PPE hanging. A patch to resolve this issue was found in MediaTek’s GPL-licensed SDK. In the mtkppestop function, the PPE scan mode is not disabled before disabling the PPE. This...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: phy: fsl-imx8mq-usb: set platformdriverdata The missing platformsetdrvdata function has also been added, as the data will be used in the remove function...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fixed a NULL pointer dereferencing issue in smb2getinfofilesystem. If share is provided, share-path will be NULL, which can lead to a NULL pointer dereferencing issue...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
KGDB and KDB allow read and write access to kernel memory, and therefore should be restricted during lockdown. An attacker with access to a serial port could trigger the debugger, so it is important that the debugger respects the lockdown mode when/if it is triggered. CVSS 3.1 Base Score: 6.7...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: net/mlx5e: Fixed a use-after-free in the neigh update handler for the encap entry. The function mlx5erepneighupdate was not updated to accommodate the removal of the rtnl lock from the TC filter update path, and it did not...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: dma-debug: Do not call dmaentryalloccheckleak under freeentrieslock. dmaentryalloccheckleak calls into printk, which outputs to the serial console qcom geni. It also acquires port-lock under freeentrieslock. This involves a rever...
Astra Linux – Vulnerability in Linux, Linux 5.10
There is a bug in /net/nfc/netlink.c that allows an attacker to crash the Linux kernel by simulating an NFC device from user-space...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In nftablesupdtable, if nftablestableenable returns an error, nfttransdestroy is called to free the transaction object. nfttransDestroy calls listdel, but the transaction was never placed on a list—the list head contains only zeros, which results in a NULL pointer being dereferenced...
Astra Linux – Vulnerability in Linux 5.10
A out-of-bounds memory write flaw was discovered in the Linux kernel’s watchqueue event notification subsystem. This flaw can overwrite parts of the kernel state, potentially allowing a local user to gain privileged access or cause a denial of service on the system...
Astra Linux – Vulnerability in Linux, Linux 5.10
A data leak flaw was discovered in the way of the XFSIOCALLOCSP IOCTL in the XFS filesystem, which allows for an increase in file sizes when the size is unaligned. A local attacker could exploit this flaw to leak data from the XFS filesystem that would otherwise be inaccessible to them...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
Closing an event channel in the Linux kernel can lead to a deadlock. This occurs when the closure operation is performed in parallel with an unrelated Xen console action, and the handling of a Xen console interrupt occurs in a unprivileged guest. The closure of an event channel is triggered, for...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: x86/CPU/AMD: Added a missing terminator for zen5rdseedmicrocode Running x86matchminmicrocoderev on a Zen5 CPU results in a KASAN exception due to an out-of-bounds access...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
A null pointer dereference flaw was discovered in the hugetlbfsfillsuper function within the Linux kernel’s hugetlbfs Huge TLB pages functionality. This issue may allow a local user to crash the system or potentially escalate their privileges on the system...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
A flaw was discovered in the Linux kernel. The existing KVM SEV API contains a vulnerability that allows a non-root host user-level application to crash the host kernel by creating a confidential guest VM instance in an AMD CPU that supports Secure Encrypted Virtualization SEV...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: NFS: Check the TLS certificate fields in nfsmatchclient If the TLS security policy is of type RPCXPRTSECTLSX509, then the certserial and privkeyserial fields also need to match, as they define the client’s identity, as presented ...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: nvmem: zynqmpnvmem: Fixed the buffer size in DMA and memcpy. The buffer size used in DMA allocation and memcpy is incorrect. This can lead to undersized DMA buffer accesses and potential memory corruption. Use the correct buff...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mm: Don’t spin in addstackrecord when gfp flags don’t allow. The syzbot tool was able to identify the following functions: addstackrecordtolist in mm/pageowner.c:182 inline incstackrecordcount in mm/pageowner.c:214 inline...