22656 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/ttm: Fixed a situation where a NULL pointer was dereferenced. The LRU mechanism may look up a resource during the process of removing it from an object. The locking rules for this operation are somewhat unclear, but it...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net: wwan: iosm: A memory leak has been fixed in ipcpciereadbioscfg. The ipcpciereadbioscfg function uses acpievaluatedsm to obtain the wwan power state configuration from the BIOS. However, it does not free the acpiobject after...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: bpftool: A NULL pointer derefrence issue occurs when pinning PROG, MAP, LINK without FILE. When using bpftool to pin PROG, MAP, LINK without FILE, a segmentation fault will occur. The reason is that the absence of FILE causes...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: bpf: Fixed incorrect reg type conversion in releasereference Some helper functions will allocate memory. To avoid memory leaks, the verifier requires the eBPF program to release this memory by calling the corresponding helper...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: i2c: dev: check the return value when calling devsetname If devsetname fails, the devname will be null. Check the return value of devsetname to avoid a null-ptr-deref...
Astra Linux – Vulnerability in Linux 5.15
A race condition in the x86 KVM subsystem within the Linux kernel, as of 6.1-rc6, allows guest OS users to cause a denial of service host OS crash or host OS memory corruption when nested virtualization is enabled and the TDP MMU is also enabled...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fixed an array-index-out-of-bounds issue in dcn35clkmgr. Why There is a potential memory access violation during the iteration of the dcn35 clks’ array. How The iteration rate per array size has been limited...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ptdma: In ptcoreexecutecmd, it is necessary to use a spinlock. The interrupt handler ptcoreirqhandler of the ptdma driver can be called from the interrupt context. The code flow within this function may lead to ptcoreexecutecmd,...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: acpi: Fix for suspending with Xen PV The commit f1e525009493 “x86/boot: Skip realmode init code when running as Xen PV guest” missed one code path that accessed the realmodeheader. This led to a situation where a NULL pointer was...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: usb:typec:ucsi: Do not attempt to resume ports before they exist. This fix addresses a null pointer dereference issue that occurred when the driver attempted to resume ports that were not yet registered...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: “Revert “block, bfq: honor already-setup queue merges”” A crash occurred in conjunction with the commit 2d52c58b9c9b “block, bfq: honor already-setup queue merges”. This issue was later reverted by the commit ebc69e897e17 “Revert...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
A vulnerability was discovered in vhostnewmsg in drivers/vhost/vhost.c within the Linux kernel. This issue arises due to the improper initialization of memory in messages transmitted between virtual guests and the host operating system, as implemented in the vhostnewmsg function. This vulnerabili...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15
A out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 netfilter: nftables: Reject tables of unsupported family. While creating a new netfilter table, the lack of a safeguard against invalid nftables family pf values within the nftablesnewtable function...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15
A issue was discovered in the Linux kernel through version 6.0.9. In the file drivers/media/dvb-core/dvbnet.c, there is a race condition between .disconnect and dvbdeviceopen, which leads to a use-after-free situation...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Intel-Microcode
Information exposure due to microarchitectural states after transient execution in certain vector execution units of some Intel processors may allow an authenticated user to potentially enable information disclosure through local access...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In rndisqueryoid in drivers/net/wireless/rndiswlan.c within the Linux kernel, from version 6.1.5 onwards, there is an integer overflow in a mathematical operation...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: nbd: Null check for nlaneststart nlaneststart may fail and return NULL. A check should be added, and errno should be set based on other calls within the same source code...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: iouring: Any code related to SCMRIGHTS has been removed. This is dead code after we stopped supporting the use of iouring for handling file I/O via SCMRIGHTS; it can now be discarded...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: iouring/afunix: disabling the sending of iouring via sockets File reference cycles have caused many problems for iouring in the past. It still doesn’t work correctly, and it causes race conditions with unixstreamreadgeneric. The...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ceph: fixed a deadlock or deadcode issue caused by misuse of dget. The lock order between denty and its parent is incorrect; we should always ensure that the parent gets the lock first. However, since this deadcode is never used,...