Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: mm: Move page table sync declarations to linux/pgtable.h During our internal testing, we began observing intermittent boot failures when the machine uses 4-level paging and has a large amount of persistent memory: BUG: Unable to...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: vdpasimblk: The number of address spaces and virtqueue groups was set. The commit bda324fd037a “vdpasim: control virtqueue support” added two new fields nas, ngroups to vdpasimdevattr. However, we forgot to initialize these field...

Astra Linux - уязвимость в linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: Range checks for the CHDBOFF and ERDBOFF registers. If the values read from the CHDBOFF and ERDBOFF registers are outside the range of the MHI register space, an invalid address may be calculated, which can later...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: PCI/AER: Fixed NULL pointer access via aerinfo. The kzallocGFPKERNEL function may return NULL, resulting in kernel panic when accessing aerinfo-xxx. This issue has been fixed...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: blk-mq: Fixed the issue where blkmqtags double-freeed memory when nrrequests increases. In cases where user-triggered tags increase due to the nrrequests attribute in the queue sysfs, hctx-schedtags will be directly freed and...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: Ensure power suppliers are suspended before detaching them. Power suppliers are always requested to suspend asynchronously. devpmdomaindetach requires the caller to ensure proper synchronization of this function...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: x86/mm, kexec, ima: Use memblockfreelate instead of imafreekexecbuffer. The code that calls imafreekexecbuffer is executed long after the memblock allocator has already been removed. This may lead to a use-after-free in...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: s390/qeth: Fixed a kernel panic that occurred after setting the hsuid attribute. Symptom: When the hsuid attribute is set for the first time on an IQD Layer3 device, while the corresponding network interface is already up, the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: media: mgb4: Fix for double debugfs remove calls This fix addresses an issue where the debugfsremoverecursive function is called first on a parent directory, and then again on a child directory, causing a kernel panic. hverkuil:...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: tipc: Fixed a kernel panic that occurred when enabling a bearer. When enabling a bearer on a node, a kernel panic was observed: 4.498085 RIP: 0010:tipcmonprep+0x4e/0x130 tipc ... 4.520030 Call Trace: 4.520689 4.521236...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: phy: qcom: at803x: fix kernel panic with at8031probe When reworking and splitting the at803x driver, a NULL dereference bug was identified in the function that splits at803x PHYs. In this bug, the variable priv is referenced...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: tee, amdtee: fixed a race condition in amdteeopenSession. There is a potential race condition in amdteeopenSession that may lead to a “use-after-free” situation. For example, after sess-sessmask is set, and before the following...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iouring/msgring: A NULL pointer dereference occurred in iomsgsendfd. Syzkaller produced the following call trace: BUG: KASAN: NULL pointer dereference in iomsgring+0x3cb/0x9f0 A size 8 value was written to address 000000000000007...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Check that the endpoint is valid before dereferencing it When the host controller is not responding, all URBs User-Randomized Block Structures queued for all endpoints need to be terminated. This can cause a kernel pan...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: i3c: master: mipi-i3c-hci: A kernel panic occurs when accessing DATdata. The i3cmasterbusinit function may attach the I2C devices before I3C bus initialization. In this case, the DAT allocentry will be used before the DAT init...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: A bug was fixed regarding accessing an array out of bounds. When an error occurs during the parsing of JPEG data, the slot may not be properly acquired. This could be due to the default value MXCMAXSLOTS. If the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mmc: davincimmc: Prevents the transmitted data size from exceeding the length of sgm. No check is performed on the size of the data to be transmitted. This can lead to a kernel panic when the transmitted data size exceeds the...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: ASoC: soc-compress: Repositioned and added pcmmutex. If paniconwarn is set and the compress stream DPCM is initiated, then a kernel panic occurs because card-pcmmutex is not properly locked. In the following functions, a warni...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: Mediatek: Added an intf release flow when the USB connection is disconnected. Mediatek claims that there is a special USB interface for ISO data transmission. This interface must be released before unregistering...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: IB/hfi1: Fixed a possible panic during hotplug remove. During the hotplug remove operation, it is possible that the update counters might still be active, and they may run after the memory has been freed. Cancel the operation ...