Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: pinctrl: mediatek: eint: Fixed invalid pointer dereferencing for v1 platforms The commit 3ef9f710efcb “pinctrl: mediatek: Added EINT support for multiple addresses” introduced an access to the ‘soc’ field of the struct mtkpinctrl...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: serial: liteuart: Fixed a NULL pointer dereferencing in -remove. The drvdata parameter must be set in probe; otherwise, platformgetdrvdata causes a NULL pointer dereferencing bug in remove...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: isdn: mISDN: Fixed the sleeping function called from an invalid context. The driver can call the card-isac.release function from an atomic context. This issue was fixed by calling this function after releasing the lock. The...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: ipmi: Fixed the use of a pointer after it is freed in ipmidestroyuser. The intffree function frees the “intf” pointer, so we cannot dereference it again in the next line...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: RDMA/qedr: A potential memory leak has been fixed in qedrallocmr. The qedrallocmr function allocates a memory chunk for “mr-info.pbltable” using initmrinfo. When rdmaalloctid and rdmaregistertid fail, “mr” is released, but...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: i40e: Fixed the call trace in setuptxdescriptors. After a PF reset and the use of ethtool -t, there was a call trace in dmesg. Sometimes this led to a panic. After some time, approximately 5 seconds, between a reset and a test...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Separate handlers are used for interrupts. The interrupt vector from PF to AF, and the interrupt vector from VF to AF, both use the same interrupt handler. This causes a race condition. When two interrupts are raise...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: hvnetvsc: Registers the VF in netvscprobe if NETDEVICEREGISTER was missed. If the hvnetvsc driver is unloaded and reloaded, the NETDEVICEREGISTER handler cannot successfully register the VF, as the register call is received befor...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux

In the Linux kernel, the following vulnerabilities have been resolved: drm/amd/display: Fixed an issue where the index out of bounds occurred in the degamma hardware format translation. Fixed the issue where the index out of bounds occurred in the cmhelpertranslatecurvetodegammahwformat function...

Astra Linux - уязвимость в libmysofa

Incorrect handling of input data in the loudness function of the libmysofa library in versions 0.5 to 1.1 can lead to heap buffer overflows and access to unallocated memory blocks...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: usb: early: xhci-dbc: Fixed a potential out-of-bound memory access issue. If xdbcbulkwrite fails, the values in ‘buf’ can be anything. Therefore, the string is not guaranteed to be NULL-terminated when xdbcTrace is called. Reserv...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: PCI: Fixed NULL dereferencing in the error path during SR-IOV VF creation. Fixed issues where attempting to remove a device could lead to NULL pointer dereferencing. This issue occurred due to incorrect error handling when...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: jfs: Fixed the uninit-value access to imap allocated in the diMount function. The syzbot reports that hexdumptobuffer uses uninit-value: ===================================================== BUG: KMSAN: uninit-value in...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Tracing: Limit access to parser-buffer when tracegetuser fails. When the length of the string written to setftracefilter exceeds FTRACEBUFFMAX, the following KASAN alarm will be triggered: BUG: KASAN: Slab-out-of-bounds in...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: RISC-V: trace: fixed the deadlock caused by snapshots with sbiecall. If the functions in sbiecall.c are traceable, the command echo "sbiecall:snapshot" /sys/kernel/tracing/setftracefilter may cause the kernel to enter a deadlock...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: ipv6: Fixed an access bug involving an uninitialized variable in ip6makeskb. Syzbot reported the following bugs: ===================================================== BUG: KMSAN: uninit-value in archatomic64inc...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: media: venus: Protection against spurious interrupts during probing. Make sure the interrupt handler is initialized before the interrupt is registered. If the IRQ is registered before hficreate, it’s possible that an interrupt...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: octeontx2-vf: Added a missing “free” field for “allocpercpu”. Added the “freepercpu” field for the allocated “vf-hw.lmtinfo” in order to avoid memory leaks, similar to the “pf-hw.lmtinfo” in...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: HID: i2c-hid: fixed a potential buffer overflow in i2chidgetreport i2chidxfer is used to read recvlen + sizeofle16 bytes of data into ihid-rawbuf. The former can come from the user space of the hidraw driver, and is bounded by...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: cachefiles: The issue of incorrect dentry refcount in cachefilescull has been fixed. The patch mentioned below changed cachefilesburyobject to expect 2 references to the ‘rep’ dentry. Three of the caller functions were changed to...