8688 matches found
Astra Linux - уязвимость в libslirp
An invalid pointer initialization issue was discovered in the SLiRP networking implementation of QEMU. The flaw resides in the tftpinput function and can occur when processing an UDP packet that is smaller than the size of the ‘tftpt’ structure. This issue may lead to out-of-bounds read access or...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Driver Core: Class: Fixed wild pointer dereferencing in the API classdeviternext. There is a potential issue of wild pointer dereferencing related to the APIs classdeviterinit|next|exit. This issue arises from the following typic...
Astra Linux - уязвимость в linux-6.1, linux-5.15, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfsetpipapo: fix initial map fill The initial buffer has to be inited to all-ones, but it must restrict it to the size of the first field, not the total field size. After each round in the map search step, the result a...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: media: vidtv: Terminating the subsequent process of initialization failure syzbot reported a slab-use-after-free Read in vidtvmuxinit. 1 After PSI initialization fails, the si member is accessed again, resulting in this uaf. Afte...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix nfsd4encodefattr4 crasher Ensure that args.acl is initialized early. It is used in an unconditional call to kfree on the way out of nfsd4encodefattr4...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: fbcon: Fix a NULL pointer dereference issue in fbconputcs syzbot has found a NULL pointer dereference bug in fbcon. Here is the simplified C reproducer: struct param uint8t type; struct tioclselection ts; ; int main struct...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: ocfs2: Free inode when ocfs2getinitinode fails The syzbot is reporting busy inodes after unmount, for commit 9c89fe0af826. “ocfs2: Handle error from dquotinitialize” forgot to call iput when newinode succeeded and dquotinitialize...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check null-initialized variables WHAT & HOW drrtiming and subvppipe are initialized to null and they are not always assigned new values. It is necessary to check for null before dereferencing. This fixes 2...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ASoC: fsl-asoc-card: Set priv-pdev before using it. The priv-pdev pointer was set after being used in fslasoccardaudmuxinit. This assignment should be moved to the beginning of the probe function, so that sub-functions can...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: hfsplus: fixed an issue with uninit-value in copyname Bug reported by syzbot BUG: KMSAN: uninit-value in sizedstrscpy+0xc4/0x160 sizedstrscpy+0xc4/0x160 copyname+0x2af/0x320 fs/hfsplus/xattr.c:411 hfspluslistxattr+0x11e9/0x1a5...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: drm/msm: fix NULL-deref on irq uninstall In case of early initialisation errors and on platforms that do not use the DPU controller, the deinitilisation code can be called with the kms pointer set to NULL. Patchwork:...
Astra Linux - уязвимость в linux-5.10
A flaw was discovered in the way the “flags” member of the new pipe buffer structure lacked proper initialization in the copypagetoiterpipe and pushpipe functions of the Linux kernel. As a result, these members could contain stale values. An unprivileged local user could exploit this flaw to writ...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux
In the Linux kernel, the following vulnerability has been resolved: ipvs: fix WARNING in ipvsappnetcleanup During the initialization of ipvsappnetinit, if file ipvsapp fails to be created, the initialization is successful by default. Therefore, the ipvsapp file doesn't be found during the remove ...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: iommu/mediatek: Fix NULL pointer deference in mtkiommudevicegroup Currently, mtkiommu calls during probe iommudeviceregister before the hwlist from driver data is initialized. Since iommu probing issue fix, it leads to NULL point...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: Media: MediTech; vcodec: Fixed a resource leak related to the scp device during firmware initialization. On MediTech devices with a System Companion Processor SCP, the mtkscp structure must be explicitly removed to avoid a resour...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux
In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix error unwind in rxecreateqp In the function rxecreateqp, rxeqpfrominit is called to initialize qp, internally things like the spin locks are not setup until rxeqpinitreq. If an error occures before this point then t...
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerability has been resolved: drm: Check output polling initialized before disabling In drmkmshelperpolldisable check if output polling support is initialized before disabling polling. If not flag this as a warning. Additionally in drmmodeconfighelpersuspend...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: ip6mr: Fixed the UAF issue in ip6mrskDone, where a invalid pointer access occurred when addrconfinitnet failed. If the initialization of devconfall fails during the call to addrconfinitnet, the pointer devconfall has been...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: NFSD: Initialize struct nfsd4copy earlier. Ensure that the refcount and asynccopies fields are initialized early. The cleanupasynccopy function will reference these fields if an error occurs in nfsd4copy. If these fields are not...
Astra Linux - уязвимость в sox
In SoX 14.4.2, there is an assertion failure in rateinit in rate.c in libsox.a...