8671 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: KVM: x86/xen: Initialize Xen timer only once Add a check for existing xen timers before initializing a new one. Currently kvmxeninittimer is called on every KVMXENVCPUATTRTYPETIMER, which is causing the following ODEBUG crash whe...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: nbd: always initialize struct msghdr completely syzbot complains that msg-msggetinq value can be uninitialized 1 struct msghdr got many new fields recently, we should always make sure their values is zero by default. 1 BUG: KMSAN...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: nvmet: pci-epf: Do not complete commands twice if nvmetreqinit fails Have nvmetreqinit and req-execute complete failed commands. Description of the problem: nvmetreqinit calls nvmetreqcomplete internally upon failure, e.g.,...
Astra Linux - уязвимость в firefox
A use-after-free could occur if a JavaScript realm was being initialized when a garbage collection started. This vulnerability affects Firefox versions earlier than 125...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: bnxten: Fixed a NULL pointer derefrence issue in bnxtptpenable during error cleanup. When bnxtinitone fails during initialization e.g., bnxtinitintmode returns -ENODEV, the error handling code calls bnxtfreehwrmresources, which...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: mptcp: Initialize rcvmss before calling tcpsendactivereset in mptcpdofastclose. syzbot reported a divide-by-zero issue in tcpselectWindow for MPTCP sockets. 0 We had a similar issue with bare TCP and fixed it in commit 499350a5a6...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: net/sched: Abort tcmodifyqdisc if parent class does not exist Lion's patch 1 revealed an ancient bug in the qdisc API. Whenever a user creates/modifies a qdisc specifying as a parent another qdisc, the qdisc API will, during...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Validate index root when initialize NTFS security This enhances the sanity check for $SDH and $SII while initializing NTFS security, guarantees these index root are legit. 162.459513 BUG: KASAN: use-after-free in...
Astra Linux - уязвимость в linux-5.15, linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: brcmfmac: return error when getting invalid maxflowrings from dongle When firmware hit trap at initialization, host will read abnormal maxflowrings number from dongle, and it will cause kernel panic when doing iowrite to initiali...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux
In the Linux kernel, the following vulnerabilities have been resolved: ip6tunnel: Ensure that the inner header is pulled in ip6tnlrcv. syzbot found that ip6tnlrcv could access unitized data 1. Call pskbinetmaypull to fix this, and initialize the ipv6h variable after this call, as it can change...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: jfs: fixed a UAF in jfsevict inode. When the execution of diMountipimap fails, the object ipimap that has been released may be accessed in diFreeSpecial. Asynchronous release of ipimap occurs when rcucore calls jfsfreenode...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: Wifi: ath11k – The “clear initialized flag” for deinitialized srng lists In several cases, we observe kernel panics upon resuming operations due to ath11k kernel page faults. This occurs under the following circumstances: 1...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: leds: mlxreg: Use devmmutexinit for mutex initialization In this driver, LEDs are registered using devmledclassdevregister, so they are automatically unregistered after the module’s remove function is called. The...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: iio: adc: rockchipsaradc: fix information leak in triggered buffer The 'data' local struct is used to push data to user space from a triggered buffer, but it does not set values for inactive channels, as it only uses...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: iio: imu: kmx61: fix information leak in triggered buffer The 'buffer' local array is used to push data to user space from a triggered buffer, but it does not set values for inactive channels, as it only uses...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: The default value for “denominator” is initialized to 1. WHAT & HOW Variables that are used as denominators and may not be assigned to other values should be initialized to a non-zero value to avoid “DIVIDEBYZERO...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: mtd: nand: ecc-mxic: Fix use of uninitialized variable ret If ctx-steps is zero, the loop processing ECC steps is skipped, and the variable ret remains uninitialized. It is later checked and returned, which leads to undefined...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux
In the Linux kernel, the following vulnerabilities have been resolved: ath9k: Fixed a use-after-free in ath9khifusbrxcb. Syzbot reported a use-after-free during the Read operation in ath9khifusbrxcb. The problem stemmed from incorrect initialization of htchandle-drvpriv. A possible call trace tha...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: nfsd: Initialize ssc before laundromatwork to prevent NULL dereference In nfs4statestartnet, laundromatwork may access nfsd4sscexpireumount through nfs4laundromat. If nfsd4ssc is not initialized, this can lead to a NULL pointer...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: gpiolib: fix race condition for gdev-srcu If two drivers were calling gpiochipadddatawithkey, one may be traversing the srcu-protected list in gpionametodesc, meanwhile other has just added its gdev in gpiodevaddtolistunlocked...