110 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: media: i2c: ov5648: Free V4L2 fwnode data on unbind The V4L2 fwnode data structure is not freed when it is unbound, resulting in a memory leak...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Double-free of rqxprtctxt while it is still in use. When a RPC request is deferred, the pointer rqxprtctxt is moved out of the svcrqst to the svcdeferredreq. When the deferred request is revisited, the pointer is copied...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10
In the Linux kernel, the following vulnerability has been resolved: media: bdisp: Added a missing check for createworkqueue. Added a check on the return value of createworkqueue to avoid dereferencing a NULL pointer...
Astra Linux – Vulnerability in Linux, Linux 5.10
A race condition was identified in the vtkioctl function within drivers/tty/vt/vtioctl.c in the Linux kernel. This may lead to an out-of-bounds read, as the write access to vcmode is not protected by a lock in vtioctl KDSETMDE. The primary threat of this vulnerability is data confidentiality...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: nilfs2: Fixed data corruption in the dsync block recovery process for small block sizes. The helper function nilfsrecoverycopyblock in nilfsrecoverydsyncblocks incorrectly calculates the on-page offset when copying repair data...
Astra Linux – Vulnerability in Linux 5.10, Linux
In l2capchanput of l2capcore, there is a potential use after free due to improper locking. This could lead to a local escalation of privileges without the need for additional execution privileges. User interaction is not required for exploitation. Product: Android Versions: Android kernel Android...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003953)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003953 advisory. An information disclosure vulnerability exists in the /proc/pid/syscall functionality of Linux Kernel 5.1 Stable and 5.4.66. More specifically, this issue has been...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: mm: hugetlb: avoiding soft lockup when using mprotect on a large memory area When calling mprotect on a large hugetlb memory area in our customer’s workload 300GB of hugetlb memory, soft lockup was observed: watchdog: BUG: soft...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: HID: wacom: Fixed a crash that occurred in wacomaesbatteryhandler. The commit fd2a9b29dc9c “HID: wacom: Remove AES powersupply after extended inactivity” introduced wacomaesbatteryhandler, which is scheduled as a delayed task...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: drm/tegra: nvdec: Fix the dmaalloccoherent error check A check has been added to prevent a NULL return value from occurring when using dmaalloccoherent. This change follows Robin’s fix for the vic.c file in drm/tegra: vic: Fix DM...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: f2fs: prevents kernel warnings due to negative inlink from corrupted images WARNING: CPU: 1 PID: 9426 at fs/inode.c:417 dropnlink+0xac/0xd0 home/cc/linux/fs/inode.c:417 Modules linked in: CPU: 1 UID: 0 PID: 9426 Comm:...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: net: lan743x: fixed a potential out-of-bounds write in lan743xptpioeventclockget. Before calling lan743xptpioeventclockget, the ‘channel’ value is checked against the maximum value of PCI11X1XPTPIOMAXCHANNELS8. This seems correct...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: media: cxusb: No longer judges rbuf when the write fails syzbot reported a uninit-value in cxusbi2cxfer. Only when the write operation of usbbulkmsg in dvbusbgenericrw succeeds and rlen is greater than 0, the read operation of...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: drm/vrr: Set VRR capable prop only if it is attached to connector VRR capable property is not attached by default to the connector It is attached only if VRR is supported. So if the driver tries to call drm core set prop function...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: Bonding: A buffer overflow issue was fixed in the bondoptionarpiptargetsset function. In this function, if newval-string is an empty string, newval-string+1 will point to the byte after the string, leading to a buffer overflow an...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: netfilter: nftables: prefer nftchainvalidate nftchainvalidate already performs loop detection, as a cycle in the process could lead to a call stack overflow ctx-level = NFTJUMPSTACKSIZE. It also iterates through the maps via t...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: jffs2: Prevent the xattr node from overflowing the eraseblock. A check has been added to ensure that the requested xattr node size is not larger than the eraseblock minus the cleanmarker. Unlike traditional inode nodes, xattr...
Medium: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: fix dstnegativeadvice race CVE-2024-36971 Affected Packages: kernel Note: This advisory is applicable to Amazon Linux 2 - Kernel-5.10 Extra. Visit this page to learn more about Amazon Linux 2 AL2 Extras and...
DLA-3841-1 linux-5.10 - security update
Bulletin has no description...
SUSE CVE-2020-28588
An information disclosure vulnerability exists in the /proc/pid/syscall functionality of Linux Kernel 5.1 Stable and 5.4.66. More specifically, this issue has been introduced in v5.1-rc4 commit 631b7abacd02b88f4b0795c08b54ad4fc3e7c7c0 and is still present in v5.10-rc4, so it's likely that all...