4989 matches found
Astra Linux – Vulnerability in ffmpeg
In FFmpeg 4.4, the file libavcodec/dnxhddec.c does not check the return value of the initvlc function. This is a similar issue to CVE-2013-0868...
Astra Linux – Vulnerability in Linux
In the Linux kernel, the following vulnerabilities have been resolved: netfilter: nftlimit: avoided a possible division error in nftlimitinit divu64 divides an u64 value by an u32 value. nftlimitinit attempts to divide an u64 value by another u64 value; the appropriate math function div64u64 shou...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: fixed a use-after-free in twtimerhandler A real-world panic issue was discovered in Linux 5.4. The details of the issue are as follows: - Bug: Unable to handle a page fault for the address: ffffde49a863de28 - Memory layout:...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: misc/libmasm/module: Two use-after-free operations in ibmasminitone have been fixed. In ibmasminitone, it calls ibmasminitremoteinputdev. Inside ibmasminitremoteinputdev, mousedev and keybddev are allocated by inputallocatedevice...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: phy: phy-mtk-tphy: Fixed some resource leaks in mtkphyinit. Used clkdisableunprepare in the error path of mtkPhyInit to address some resource leaks...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: usb: dwc3-meson-g12a: Fixed an issue where the USB2 PHY glue initialization was performed when PHY0 was disabled. When only PHY1 is used for example, on Odroid-HC4, the regmap initialization code uses USB2 ports without...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: drm/msm/a4xx: Fixed error handling in a4xxgpuinit. This code now returns 1 on error instead of a negative error. This leads to an “Oops” in the calling function. Another issue is that the check if ret != -ENODATA cannot be tru...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net: xfrm: unexport init-annotated xfrm4protocolinit EXPORTSYMBOL and init are a poor combination, as the .init.text section is freed after initialization. As a result, modules cannot use symbols annotated with init. Accessing a...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: The refcount leak in a6xxgpuinit has been fixed. The ofparsephandle function returns a node pointer with the refcount incremented. We should use ofnodeput on this pointer when we no longer need it. The a6xxgmuinit...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: tick/nohz: unexport init-annotated ticknohzfullsetup EXPORTSYMBOL and init are a bad combination because the .init.text section is freed after initialization. As a result, modules cannot use symbols annotated with init. Accessing...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: drm/msm/mdp4: Fixed a refcount leak in mdp4modesetinitintf. In the function ofgraphgetremotenode, the remote device node pointer is returned with the refcount incremented. We should use ofnodeput on it when it is no longer needed...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: usb:dwc2: Fixed a memory leak in dwc2hcdinit The usbcreatehcd function allocates memory for the hcd structure. We should call usbputhcd to free that memory when platformgetresource fails, thereby preventing the memory leak. To fi...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: clocksource: hyper-v: unexport init-annotated hvinitclocksource EXPORTSYMBOL and init are a poor combination, as the .init.text section is freed after initialization. As a result, modules cannot use symbols annotated with init...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net/smc: Fixed a possible leak of the pernet namespace in smcinit. In smcinit, registerpernetsubsys&smcnetstatops is called without any error handling. If this call fails, the registration of &smcnetops will not be reversed. And ...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: mm/slub: Avoid zeroing the freepointer when dealing with single free objects. The commit 284f17ac13fe “mm/slub: Handle bulk and single object freeing separately” divides the handling of single and bulk object freeing into two...
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerability has been resolved: platform/surface: aggregator: Add a missing call to ssamrequestsyncfree Although rare, ssamrequestsyncinit can fail. In that case, the request should be freed using ssamrequestsyncfree. Currently, the request is instead leaked. F...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: iio: trigger: sysfs: fix a possible memory leak in iiosysfsTrigInit The devsetname function allocates memory for the device name. This memory needs to be freed when deviceadd fails. After calling putdevice, the reference held by...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net: ena: Fixed error handling in enainit. The enainit function no longer destroys the workqueue created by createsinglethreadworkqueue when pciregisterdriver fails. Instead, call destroyworkqueue when pciregisterdriver fails to...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fixed the null-ptr-deref issue in ibcorecleanup. KASAN reported a null-ptr-deref error: KASAN: Null pointer dereferencing in the range 0x0000000000000118–0x000000000000011f. CPU: 1; PID: 379. Hardware name: QEMU Standa...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: net: dsa: Fixed possible memory leaks in dsaloopinit. kmemleak: Reported memory leaks in dsaloopinit: kmemleak: 12 new suspected memory leaks. Unreferenced object 0xffff8880138ce000 size 2048: comm "modprobe", pid 390, jiffies...