4989 matches found
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: Fixed an invalid unregistererrorpath path. The error path of seg6init is incorrect when the CONFIGIPV6SEG6LWTUNNEL configuration option is not defined. In such cases, if seg6hmacinit fails, the genlunregisterfamily...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: Tracing: Build event generation tests are performed only as modules. The kprobes and synth event generation test modules add events and lock them get a reference to those event files in the module initialization function, and...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: staticcall: Properly handle module initialization failures in staticcalldelmodule. Module insertion invokes staticcalladdmodule to initialize the static calls within a module. staticcalladdmodule calls staticcallinit, which...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Unregister notifier on eswitch init failure Otherwise, the notifier remains registered, and a subsequent attempt to enable eswitch may trigger warnings of the following type: 682.589148 ------------ Cut here -----------...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: media: nuvoton: A error check in npcmvideoeceinit has been fixed. When the functionoffinddevicebynode fails, it returns NULL instead of an error code. Therefore, the corresponding error check logic should be modified to check...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: amdkfd: The gangctxbo memory object is properly freed when attempting to initialize the user queue. The destructor of the gtt bo is declared as: void amdgpuamdkfdfreegttmemstruct amdgpudevice adev, void memobj; This function take...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Fixed a crash in the cmaneteventworkhandler function. The struct rdmacmid structure has a member “struct workstruct network”, which is reused to queue cmaneteventworkhandler functions onto the cmawq queue. The crash1 ca...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: s390/sclp: Added a check for the return value of getzeroedpage. Also, added a check for the return value of getzeroedpage in sclpconsoleinit to prevent null pointer dereferencing. Furthermore, to address the memory leak caused by...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: bnxten: Error handling in bnxtinitchip has been fixed. The WARNON function is triggered in flushwork if bnxtinitchip fails because we call cancelworksync on dim work that has not been initialized. WARNING: CPU: 37, PID: 5223, at...
Astra Linux – Vulnerability in ffmpeg
In FFmpeg 4.4, the file libavcodec/dnxhddec.c does not check the return value of the initvlc function. This is a similar issue to CVE-2013-0868...
Astra Linux – Vulnerability in Linux
In the Linux kernel, the following vulnerabilities have been resolved: netfilter: nftlimit: avoided a possible division error in nftlimitinit divu64 divides an u64 value by an u32 value. nftlimitinit attempts to divide an u64 value by another u64 value; the appropriate math function div64u64 shou...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: fixed a use-after-free in twtimerhandler A real-world panic issue was discovered in Linux 5.4. The details of the issue are as follows: - Bug: Unable to handle a page fault for the address: ffffde49a863de28 - Memory layout:...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: misc/libmasm/module: Two use-after-free operations in ibmasminitone have been fixed. In ibmasminitone, it calls ibmasminitremoteinputdev. Inside ibmasminitremoteinputdev, mousedev and keybddev are allocated by inputallocatedevice...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: phy: phy-mtk-tphy: Fixed some resource leaks in mtkphyinit. Used clkdisableunprepare in the error path of mtkPhyInit to address some resource leaks...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: usb: dwc3-meson-g12a: Fixed an issue where the USB2 PHY glue initialization was performed when PHY0 was disabled. When only PHY1 is used for example, on Odroid-HC4, the regmap initialization code uses USB2 ports without...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: drm/msm/a4xx: Fixed error handling in a4xxgpuinit. This code now returns 1 on error instead of a negative error. This leads to an “Oops” in the calling function. Another issue is that the check if ret != -ENODATA cannot be tru...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net: xfrm: unexport init-annotated xfrm4protocolinit EXPORTSYMBOL and init are a poor combination, as the .init.text section is freed after initialization. As a result, modules cannot use symbols annotated with init. Accessing a...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: The refcount leak in a6xxgpuinit has been fixed. The ofparsephandle function returns a node pointer with the refcount incremented. We should use ofnodeput on this pointer when we no longer need it. The a6xxgmuinit...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: tick/nohz: unexport init-annotated ticknohzfullsetup EXPORTSYMBOL and init are a bad combination because the .init.text section is freed after initialization. As a result, modules cannot use symbols annotated with init. Accessing...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: drm/msm/mdp4: Fixed a refcount leak in mdp4modesetinitintf. In the function ofgraphgetremotenode, the remote device node pointer is returned with the refcount incremented. We should use ofnodeput on it when it is no longer needed...