Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: Staging: vt6655 – Fixed some erroneous memory cleanup loops. In some initialization functions of this driver, memory is allocated using ‘i’ as an index variable, with the value increasing from 0. The “Fixes” section includes...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Networks: hns3 – The use of numtqps in the vf driver to allocate resources. Currently, hdev-htqp is allocated using hdev-numtqps, and kinfo-tqp is allocated using kinfo-numtqps. However, kinfo-numtqps is set to minnewtqps,...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: LoongArch: All reserved memblocks on Node0 are set at initialization. After the commit 61167ad5fecdea "mm: pass nid to reservebootmemregion", a panic occurs if DEFERREDSTRUCTPAGEINIT is enabled: 0.000000 CPU 0 Unable to handle...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: ARM: rockchip: fixed a kernel hang during SMP initialization To enable the secondary CPUs’ main CPU write trampoline code to SRAM, the trampoline code is written while the secondary CPUs are powered on at least this is true fo...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: xsk: Fixed corrupted packets for XDPSHAREDUMEM. A problem was addressed in the XDPSHAREDUMEM mode, along with the aligned mode, where packets become corrupted for the second and any subsequent sockets bound to the same umem. In...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: net: batman-adv: fix error handling Syzbot reported an ODEBUG warning in batadvncmeshfree. The problem lay in incorrect error handling in batadvmeshinit. Before this patch, batadvmeshinit would call batadvmeshfree in case any...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Initialization of ddpcomp using devmkcalloc In the case where connroutes is true, an additional slot is allocated in the ddpcomp array. However, the mtkdrmcrtccreate function never seems to initialize this slot duri...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fixed a deadlock in contextxa. The lock on ivpudevice-contextxa is locked both in the kernel thread and in the IRQ context. It requires the XAFLAGSLOCKIRQ flag to be passed during initialization. Otherwise, the lock...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: initialize registers in nftdochain The registers were initialized to prevent a stack leak into the user space...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: myrs: Fixed a crash in the error case In myrsdetect, cs-disableintr is a NULL pointer when privdata-hwinit fails with a non-zero value. In this case, myrscleanupcs will attempt to dereference a NULL pointer, causing the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/xe/vf: Performing early GT MMIO initialization to read the GMDID. VFs need to communicate with the GuC to obtain the GMDID value. Existing GuC functions that use this information assume that the GT has already set up its MMIO...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: RDMA/srpt: Do not register the event handler until the srpt device is fully set up. In rare cases, KASAN reports a use-after-free error in the srptrefreshport function. This appears to occur because the event handler is registere...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Input: uinput – zero-initializing uinputff UploadCompat to prevent information leakage. The struct ffeffectcompat is embedded twice within uinputff UploadCompat and contains internal padding. In particular, there is a gap after...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: refscale: Uninitialized use of waitqueueheadt was fixed. Running the refscale test occasionally causes the kernel to crash with the following error: 8569.952896 BUG: Unable to handle a page fault for address: ffffffffffffffe8...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ipmi: ssif: Initialize ssifinfo-client early. During the probe for ssifinfo-client, it is dereferenced incorrectly. However, this value is set after some error checking has already been performed. This causes a kernel crash if an...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fixed the slab-use-after-free read issue in rxequeuecleanup. Call Trace: dumpstack lib/dumpstack.c:94 inline dumpstacklvl+0x7d/0xa0 lib/dumpstack.c:120 printaddressdescription mm/kasan/report.c:378 inline...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Initialize freeqp completion before using it. In irdmacreateqp, if ibcopytoudata fails, it will call irdmadestroyqp to clean up. This process will attempt to wait for the completion of freeqp, but freeqp has not yet...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: udplite: Fixed null-ptr-deref in udpenqueuescheduleskb. syzbot reported null-ptr-deref of udpsksk-udpprodqueue. 0 Since the referenced commit, udplibinitsock may fail, as may udpinitsock and udpv6initsock. We need to handle th...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: util: Avoid accessing a ringbuffer that is not initialized yet. If the KVP or VSS daemon starts before the VMBus channel’s ringbuffer is fully initialized, we can encounter a panic as follows: hvutils: Registering th...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: net: usb: aqc111: Fixed error handling of usbnet read calls Syzkaller, with the help of syzbot, identified an error in the aqc111 driver. This error was caused by incomplete sanitization of the results of usbnet read calls. Th...