Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Input: appletouch – Initialize work before device registration. Syzbot has reported a warning in flushwork. This warning occurs due to work-func == NULL, which indicates missing work initialization. This could happen because...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: drm/hisilicon/hibmc: fixed the issue where hibmc loaded failed. When hibmc loaded failed, the driver used hibmcunload to free the resource, but the mutexes in mode.config were not initialized, which would access a NULL pointer...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: nfsd: fixed the initialization of legacy client tracking. The call to nfsd4legacytrackingops-init in checkforlegacymethods has been removed. This issue will be handled by the caller nfsd4clienttrackinginit. Otherwise, we will end...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: mm/memfd: Fixed an issue where information leaks occurred during the handling of hugetlb folios. When allocating hugetlb folios for memfd, three initialization steps are missing: 1. The folios are not zeroed, resulting in kern...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iio: temperature: mlx90635: Fixed the dereference of ERRPTR in mlx90635probe. When devmregmapiniti2c fails, regmapee can be an error pointer. Instead of checking ISERRregmapee, regmap is checked, which seems like a copy-paste err...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: RDMA/hfi1: Prevent the use of a lock before it is initialized. If a failure occurs during the probe of hfi1 before the sdmamaplock is initialized, the call to hfi1freedevdata will attempt to use a lock that has not been...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: ext4: Fixing access to uninitialized locks in the fc replay path The following kernel trace can be triggered with fstest generic/629 when executed against a filesystem with the fast-commit feature enabled: INFO: Trying to...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ocfs2: Fix for crashes when mounting with quota enabled There is a reported crash occurring when mounting ocfs2 with quota enabled. RIP: 0010:ocfs2qinfolockresinit+0x44/0x50 ocfs2 Call Trace: ocfs2localreadinfo+0xb9/0x6f0 ocfs2...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: lib/testkho: Check whether KHO is enabled. We must check whether KHO is enabled before issuing KHO commands; otherwise, the KHO internal data structures will not be initialized...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: HID: core: zero-initialize the report buffer. Since the report buffer is used by various drivers in various ways, let’s initialize it to zero during allocation, so that it cannot ever be used to leak kernel memory through special...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fixed the issue of null pointer dereference on the pointer edp. The pointer dev is initialized, and the pointer edp is dereferenced before edp is checked for being null. This could lead to a null pointer dereference issu...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: avoiding a garbage value in panthorioctldevquery The ‘prioritiesinfo’ field is uninitialized, and the uninitialized value is copied to the user object when calling PANTHORUOBJSET. Using memset to initialize...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: vhost/vsock: Always initialize seqpacketallow. There are two issues related to seqpacketallow: 1. seqpacketallow is not initialized when a socket is created. As a result, if no features are set, it will be read uninitialized. ...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: BPF: Fixed the overloading of the meaning of MEMUNINIT Lonial reported an issue in the BPF verifier, where checkmemsizereg contains the following code: c if !tnumisconstreg-varoff / For unprivileged variable accesses, disable raw...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Block: Initialize the integrity buffer to zero before writing it to the media. The metadata added by biointegrityprep uses the plain kmalloc function, which causes random kernel memory to be written to the media. For PI metadata,...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg – Zero initialize memory allocated via sockkmalloc Several crypto user API contexts and requests that were allocated using sockkmalloc were left uninitialized. This caused problems as callers had to explicitly set t...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: RDMA/hns: Fixed the use of spinunlockirqrestore when IRQs are enabled. Fixed incorrect use of spinlockirq/spinunlockirq when spinlockirqsave/spinlockirqrestore was held. This issue was discovered through lock debugging, and th...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbreceivebulkcallback: fixed the error message. Since committing the patch 79a6d1bfe114 “can: gsusb: gsusbreceivebulkcallback: error in usbsubmiturb, a failed resubmit operation will print an information message”, ...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Add a check for a null pointer when cleaning up the lpfcvport structure. If a call to lpfcsli4readrev from lpfcsli4hbasetup fails, the resulting cleanup routine lpfcsli4vportdeletefcpxriaborted may occur before the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Do not enumerate SPDIF1 during DAIO initialization The recent refactoring of the xfi driver changed the way the assignment of atc-daios in atcgetresources works. Previously, only a subset of the DAIOTYP entries was...