Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: dmstats: Check for and propagate the allocpercpu failure. Check the return value of allocprecpu, and return an error from dmstatsinit if it fails. Update allocdev to fail if dmstatsinit does. Otherwise, a NULL pointer dereferenci...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ice: fixed NULL access to tx-inuse in iceptptsirq. The E810 device supports a “low latency” firmware interface for accessing and reading Tx timestamps. This interface does not use the standard Tx timestamp logic, due to the laten...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: netpoll: Initialize the work queue before error checks. A kernel warning is prevented when the netconsole setup fails on devices with the IFFDISABLENETPOLL flag. The warning occurs because the cleanup path attempts to cancel...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net: hns3: A deadlock issue was fixed when configuring TCP during the reset process. When configuring TCP during the reset process, a deadlock may occur. The sequence is as follows: 1. pf reset start 2. …… setup tc 3. ……...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: mlxsw: Minor fix for a potential memory leak in mlxswmlinecardsinit. The line cards array is not freed during the error path of mlxswmlinecardsinit, which could lead to a memory leak. This issue was addressed by freeing the array...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: Tracing: Fixed a race condition in kprobe initialization that could lead to NULL pointer dereferencing. There is a critical race condition in kprobe initialization that can cause NULL pointer dereferencing and result in a kern...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: Video: fbdev: smscufx: Fixed null-ptr-deref in ufxusbprobe I received a report of a null-ptr-deref issue: Bug: NULL pointer dereferencing in the kernel; address: 0000000000000000 … RIP: 0010:fbdestroymodelist+0x38/0x100 … Call...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: hid: cp2112: Fix duplicate workqueue initialization Previously, the cp2112 driver called INITDELAYEDWORK within cp2112 gpioirqstartup, resulting in duplicate initializations of the workqueue during subsequent IRQ starts after an...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: cifs: Some missing initializations occurred during replay. In several places in the code, we have a label that indicates the start of a section where a request can be replayed if necessary. However, some of these places lacked th...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ptp: ocp: Limiting the number of signal/freq counts in summary output functions The debugfs summary output could access uninitialized elements in the freqin and signalout arrays, leading to NULL pointer dereferences and triggerin...

Astra Linux - уязвимость в libreoffice

Exposure of environmental variables and arbitrary INI file values to unauthorized actors is a vulnerability in The Document Foundation LibreOffice. URLs that expand environmental variables or INI file values may lead to potentially sensitive information being exfiltrated to a remote server upon...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Firmware: armscmi: Account for failed debug initialization. When the SCMI debug subsystem fails to initialize, the related debug root will be missing, and the underlying descriptor will be NULL. This fault condition should be...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: sock: The protection check for psock vs. ULP needs to be reimplemented. Commit 8a59f9d1e3d4 “sock: Introduce sk-skprot-psockupdateskprot” has moved the inetcskhasulpsk check from skpsockinit to the new tcpbpfupdateproto function....

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: tun: Avoid double-free in tunfreenetdev Avoid double-free in tunfreenetdev by moving the dev-tstats and tun-security allocations to a new ndoinit routine tunnetinit, which will be called by registernetdevice. ndoinit is paired wi...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fixed a possible memory leak in bnxtrdmaauxdeviceinit. If ulp = kzalloc fails, the allocated edev will leak because it is not properly assigned, and the cleanup mechanism will not be able to free it. This issue was fixed ...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: i3c: master: mipi-i3c-hci: A kernel panic occurs when accessing DATdata. The i3cmasterbusinit function may attach the I2C devices before I3C bus initialization. In this case, the DAT allocentry will be used before the DAT init...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mt76: mt7915: Fixed the PCI device reference count leak in mt7915pciinithif2. According to the comments on pcigetdevice, it returns a pcidevice with its reference count increased. We need to call pcidevput to decrease the referen...

Astra Linux - уязвимость в sqlite3

SQLite version 3.31.1 allows attackers to cause a denial of service segmentation fault through a malformed window-function query, due to improper handling of the initialization of the AggInfo object...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: um: initcputasks earlier. This issue is currently handled in umlfinishsetup. However, for example, when KCOV is enabled, this can cause crashes. This happens because some initialization code may call functions like memparse, whic...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: media: go7007: fix a memleak in go7007loadencoder In go7007loadencoder, the variable bounce i.e., go-bootfw is allocated without subsequent deallocation. After the following call chain: saa7134go7007init | | - go7007bootencoder |...