4989 matches found
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: perf/smmuv3: Fixed the hotplug callback leak in armsmmupmuinit. armsmmupmuinit does not remove the callback added by cpuhpsetupstatemulti when platformdriverregister fails. The callback must be removed by cpuhpremovemultistate in...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: testfirmware: fixed a memory leak in testfirmwareinit. When miscregister failed in testfirmwareinit, the memory pointed to by testfwconfig-name was not released. The memory leak information is as follows: Unreferenced object...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: ipmisi: fixed a memory leak in trysmiinit Kmemleak reported the following information regarding the memory leak in trysmiinit: Unreferenced object 0xffff00018ecf9400 size 1024: Command "modprobe", PID 2707763, jiffies 43008514...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: Avoid using the nfcthelperhash after the free operation. If the nfconntrackinitstart function fails for example, due to a registernfconntrackbpf failure, the nfconntrackhelperfini function frees the...
Astra Linux - уязвимость в linux
In the Linux kernel, the following vulnerability has been resolved: net: fec: fixed the potential memory leak in fecenetinit. If the memory allocated for cbdbase fails, it should free the memory allocated for the queues; otherwise, a memory leak will occur. And if the memory allocated for the...
Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
Astra Linux – Vulnerability in ffmpeg
In FFmpeg 4.4, the adtsdecodeextradata function in libavformat/adtsenc.c does not check the return value of initgetbits. This is a necessary step, as the second argument of initgetbits can be manipulated...
Astra Linux - уязвимость в linux
In the Linux kernel, the following vulnerability has been resolved: In the net subsystem, it is now allowed only for the init netns to set the default tcpcongestioncontrol to a restricted algorithm. The tcpsetdefaultcongestioncontrol function is netns-safe because it writes to...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ipv6: Fixed another slab-out-of-bounds issue in fib6nhflushexceptions While running the self-tests on a KASAN-enabled kernel, I observed a slab-out-of-bounds issue that was very similar to the one reported in commit 821bbf79fe46...
Astra Linux - уязвимость в poppler
The JPXStream::init function in Poppler 0.78.0 and earlier does not check for negative values of stream length, which can lead to an Integer Overflow. This allows an attacker to allocate a large memory chunk on the heap, with the size controlled by them. This issue was demonstrated by pdftocairo...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: drm/nouveau: Avoid a use-after-free when BO init fails. nouveauboinit is backed by ttmboinit and passes its return value back to the caller. In case of failures, ttmboinit invokes the provided destructor, which should...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amd/amdgpu: fixed potential memory leaks. In the function amdgpugetxgmihive, when kobjectinitandadd fails, there is a potential memory leak if kobjectput is not called...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: ARM: davinci: da850evm: Avoid NULL pointer dereferencing In newer versions of GCC, a panic occurs in da850evmconfigemac when booting multiv5defconfig in QEMU under the palmetto-bmc machine. The issue arises from attempting to...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Fixed a potential memory leak in otx2inittc. In otx2inittc, if rhashtableinit fails, the variable tc-tcEntriesBitmap, which is allocated from otx2tcallocEntbitmap, is not freed...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: net: ipv6: unexport init-annotated seg6hmacinit EXPORTSYMBOL and init are a poor combination because the .init.text section is freed after initialization. As a result, modules cannot use symbols annotated with init. Access to a...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: net: mdio: unexport init-annotated mdiobusinit EXPORTSYMBOL and init are a bad combination because the .init.text section is freed after initialization. As a result, modules cannot use symbols annotated with init. Accessing a fre...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: Tracing: Fixed a potential double-free issue in createvarref. In createvarref, initvarref is called to initialize the fields of the reffield variable. This variable is allocated in the previous function call, to createhistfield...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: A bug in pvr2i2ccoreinit caused an array-index-out-of-bounds issue. Syzbot reported that -1 was used as an array index. The problem stemmed from a missing validation check. The variable hdw-unitnumber was...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: RDMA/hns: Fixed a NULL pointer issue in freemrinit. A lock grab occurs in a concurrent scenario, resulting in dereferencing a NULL pointer. This issue should be addressed by using initmutexinit before attempting to lock...
Astra Linux - уязвимость в sox
In SoX 14.4.2, there is an assertion failure in rateinit in rate.c in libsox.a...