Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fixed the issue of null pointer dereference on the pointer edp. The pointer dev is initialized, and the pointer edp is dereferenced before edp is checked for being null. This could lead to a null pointer dereference issu...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbreceivebulkcallback: fixed the error message. Since committing the patch 79a6d1bfe114 “can: gsusb: gsusbreceivebulkcallback: error in usbsubmiturb, a failed resubmit operation will print an information message”, ...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: RDMA/hns: Fixed the use of spinunlockirqrestore when IRQs are enabled. Fixed incorrect use of spinlockirq/spinunlockirq when spinlockirqsave/spinlockirqrestore was held. This issue was discovered through lock debugging, and th...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg – Zero initialize memory allocated via sockkmalloc Several crypto user API contexts and requests that were allocated using sockkmalloc were left uninitialized. This caused problems as callers had to explicitly set t...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Input: appletouch – Initialize work before device registration. Syzbot has reported a warning in flushwork. This warning occurs due to work-func == NULL, which indicates missing work initialization. This could happen because...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: HID: core: zero-initialize the report buffer. Since the report buffer is used by various drivers in various ways, let’s initialize it to zero during allocation, so that it cannot ever be used to leak kernel memory through special...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Block: Initialize the integrity buffer to zero before writing it to the media. The metadata added by biointegrityprep uses the plain kmalloc function, which causes random kernel memory to be written to the media. For PI metadata,...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: iio: pressure: zpa2326: fix information leak in triggered buffer The “sample” local struct is used to push data to user space from a triggered buffer. However, there is a flaw in this structure regarding the values of temperature...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: btrfs: Reinitialize the delayed ref list after deleting it from the list In the insertdelayedref function, if we need to update the action of an existing ref to BTRFSDROPDELAYEDREF, we delete the ref from its refhead’s refaddlist...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Do not enumerate SPDIF1 during DAIO initialization The recent refactoring of the xfi driver changed the way the assignment of atc-daios in atcgetresources works. Previously, only a subset of the DAIOTYP entries was...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Add a check for a null pointer when cleaning up the lpfcvport structure. If a call to lpfcsli4readrev from lpfcsli4hbasetup fails, the resulting cleanup routine lpfcsli4vportdeletefcpxriaborted may occur before the...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: tty: vt: initialize unicode screen buffer The syzbot report indicates a kernel vulnerability at the vcsread function 1. The buffer can be read immediately after the resizing operation. The buffer is initialized using kzalloc. c...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: GPIO: Restrict the use of GPIO chip IRQ members before initialization The IRQ members of the GPIO chip are exposed before they can be fully initialized, which leads to race conditions. One such issue was observed with the...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: i40e: Fixed the issue of freeing uninitialized misc IRQ vectors. When the VSI setup failed in i40eprobe, as part of the PF switch setup, the driver tried to free misc IRQ vectors in i40eclearinterruptscheme, resulting in a kernel...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: i3c: mipi-i3c-hci: The error is now handled by BUGON in the IBI DMA setup. The condition “dmagetcachealignment” has a defined value greater than 256 during driver initialization; this is not a reason for BUGON. Instead, it...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net: usb: asixdevices: The PHY address mask in MDIO bus initialization was corrected. Syzbot reported a out-of-bounds exception during MDIO bus initialization. The PHY address should be masked to 5 bits 0-31. Without this mask,...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/amdkfd: Fixed error handling in kfdprocessdeviceinitvm. It is recommended to only destroy the ibmem and let the process cleanup worker free the outstanding BOs. Reset the pointer in the pdd-qpd structure to avoid NULL...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: fs: init flagsvalid before calling vfsfileattrget syzbot reported a uninit-value bug in 1. Similar to the “get” context, where the kernel’s filekattr structure is initialized before calling vfsfileattrget, we should use the same...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: drm: bridge: anx7625: Fixed NULL pointer dereferencing due to early interrupt requests. If an interrupt occurs before resource initialization is complete, the interrupt handler/worker may access uninitialized data, such as the I2...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: dropmonitor: corrected the incorrect initialization order. Syzkaller reports the following bug: BUG: spinlock magic values are incorrect on CPU1, syz-executor.0/7995. Lock value: 0xffff88805303f3e0, .magic: 00000000, .owner:...