110 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: bpf: Do not report a verification bug for missing bpfsccvisit calls on speculative execution paths. Syzbot generated a program that triggers a verifierbug call in maybeexitscc. maybeexitscc assumes that, when called for a state...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: i2c: validation of user data in compact ioctl commands. Incorrect user data may cause warnings in i2ctransfer. For example, it may result in zero messages being sent. Userspace should not be able to trigger such warnings...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: The queuelock must be held when removing blkg-qnode. When blkg is removed from q-blkglist in the blkgfreeworkfn function, the queuelock must be held. Otherwise, various bugs such as list corruption, hard lockups, etc...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Block devices with logical block size page size will be rejected when THP is disabled. If THP is disabled and there are block devices with logical block size page size, the following nullptrderef panic occurs during boot: 13.2 mK...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/bridge: it6505: Initialize AUX channel in it6505i2cprobe During device booting, the HPD interrupt might be triggered before the DRM subsystem registers it6505 as a DRM bridge. In such cases, the driver attempts to access the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: mediatek – Add an interface release flow when USB is disconnected. MediaTek claims that there is a special USB interface for ISO data transmission. This interface must be released before unregistering an HCI...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: nvmet: fixed an out-of-bounds access in nvmetenableport. When attempting to enable a port for which no transport is currently configured, nvmetenableport uses NVMFTRTYPEMAX 255 to query the transports array, resulting in an...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: mlxbfgige: Stop interface during shutdown The mlxbfgige driver intermittently encounters a NULL pointer exception when the system is shutting down via the “reboot” command. The mlxbfdriver will experience an exception immediately...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: HID: core: fix shift-out-of-bounds in hidreportrawevent Syzbot reported a shift-out-of-bounds issue in hidreportrawevent. microsoft 0003:045E:07DA.0001: hidfieldextract called with n 128 32! swapper/0 UBSAN: shift-out-of-bounds i...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: media: coda: A check for kmalloc has been added. Since kmalloc may return a NULL pointer, it is better to check the return value to avoid dereferencing a NULL pointer, just like with the other cases...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: media: cxusb: No longer judges rbuf when the write fails syzbot reported a uninit-value in cxusbi2cxfer. Only when the write operation of usbbulkmsg in dvbusbgenericrw succeeds and rlen is greater than 0, the read operation of...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Revert “usb: typec: ucsi: add a common function ucsiunregisterconnectors”. The recent commit 87d0e2f41b8c “usb: typec: ucsi: add a common function ucsiunregisterconnectors” introduced a regression that caused NULL dereferencing...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: iommu/mediatek: Remove clkdisable from mtkiommuremove. After the commit b34ea31fe013 “iommu/mediatek: Always enable the clk on resume”, the iommu clock is controlled by the runtime callback. Therefore, the clkdisable function is...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: tee: amdtee: fixed a race condition in amdteeopenSession. There is a potential race condition in amdteeopenSession that may lead to a use-after-free. For example, in amdteeopenSession, after sess-sessmask is set, and before the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: smb: Client: Fixed an error in parsing OOB read responses for symlinks. When a CREATE command returns STATUSSTOPPEDONSYMLINK, the smb2checkmessage function returns success without performing any length validation. As a result,...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: bpf: Fixed the requestsock leak in sk lookup helpers A customer reported a requestsocket leak in a Calico cloud environment. We found that a BPF program was performing a socket lookup, taking a reference count of the socket. It w...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: futex: The correct exit path should be used when exiting from futexhashallocatedefault. The copyprocess function uses the wrong error exit path from futexhashallocatedefault. After exiting from futexhashallocatedefault, neither...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: soundwire: Reverted “soundwire: qcom: Add setchannelmap API support”. This reversion corresponds to commit 7796c97df6b1b2206681a07f3c80f6023a6593d5. This patch caused issues with Dragonboard 845c sdm845. The following errors...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: nilfs2: Fixed NULL pointer dereferencing in nilfspalloccommitfreeentry. Syzbot reported a NULL pointer dereferencing bug: NILFS loop0: segctord started. Construction interval = 5 seconds, CP frequency 3c 02 00 0f 85 26 05 00 0...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: media: vidtv: psi: Added a check for kstrdup. Added a check on the return value of kstrdup, and return an error if it fails, in order to avoid NULL pointer dereferencing...