1421 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: qcom: Fixed a memory leak in dwc3qcominterconnectinit. In the alloc Resources for path handle function, resources should be released when they are no longer needed. This can be done by using the release function in...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: f2fs: zone: Fix was made to avoid inconsistencies between SIT and SSA. With the above testcase, inconsistencies may occur between SIT and SSA. Example code: createnullblk 512 2 1024 1024 mkfs.f2fs -m /dev/nullb0 mount /dev/nullb0...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: riscv: ftrace: Fixed a panic issue by disabling preemption. In RISCV, we must use an AUIPC + JALR pair to encode an immediate jump, creating a jump to an address beyond 4K. This may cause errors if we want to enable kernel...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: cachefiles: The issue of incorrect dentry refcount in cachefilescull has been fixed. The patch mentioned below changed cachefilesburyobject to expect 2 references to the ‘rep’ dentry. Three of the caller functions were changed to...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: soc: rockchip: Fixed the refcount leak in rockchipgrfinit. offindmatchingnodeandmatch returns a node pointer with a incremented refcount. We should use ofnodeput on it after processing. Add the missing ofnodeput call to avoid...
Astra Linux - уязвимость в linux
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftlimit: avoided a possible division error in nftlimitinit divu64 divides an u64 value by an u32 value. nftlimitinit attempts to divide an u64 value by another u64 value; the appropriate math function div64u64 should ...
Astra Linux - уязвимость в linux, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: ax25: Fixed issues related to reference count leaks in ax25dev. There are reference count leak issues with the object “ax25dev” in functions like ax25addrax25dev and ax25devdevicedown. A memory leak occurs in ax25addrax25dev...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: i40e: Fixed NULL pointer dereferencing in VSI filter synchronization. The issue of NULL pointer dereferencing in sync VSI filters has been eliminated. A new I40EVSIRELEASING flag was added to indicate the deletion and release of...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: BPF: Protection against integer overflows when accessing stack memory. This patch reintroduces protection against the situation where the size of memory accessed via the stack is negative. The access size can appear negative due ...
Astra Linux - уязвимость в linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: net: Restricted SOREUSEPORT for inet sockets After the issue was identified, it was discovered that crypto sockets could accidentally be destroyed due to RCU callbacks. Attempting to acquire a mutex in an RCU callback is not...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: WireGuard: socket: freeskb in send6 when IPv6 is disabled. I received a report of a memory leak: Unreferenced object: 0xffff8881191fc040 size 232 Command: kworker/u17:0, PID: 23193, Jiffies: 4295238848 age: 3464.870 seconds Hex...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: btrfs: The abort logic in btrfsreplacefileextents has been fixed. Error injection testing revealed a case where a corrupt file system could occur, with an absent extent in the middle of a file. This occurs because the if statemen...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: cachefiles: All requests are flushed after setting CACHEFILESDEAD. In ondemand mode, when the daemon is processing an open request, if the kernel marks the cache as CACHEFILESDEAD, the cachefilesdaemonwrite function will always...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: LoongArch: Disable IRQs before initfn for non-boot CPUs. Disable IRQs before initfn for non-boot CPUs during hotplug operations, in order to silence such warnings and also to avoid potential errors due to unexpected interrupts...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: x86/coco: Requires seeding the RNG with RDRAND on CoCo systems. There are few uses of CoCo that do not rely on functional cryptography and, consequently, a functioning RNG. Unfortunately, the CoCo threat model means that the VM...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: “Revert ‘f2fs: fix to do sanity check on extent cache correctly’” The syzbot reports a bug in f2fs as follows: UBSAN: Array-index-out-of-bounds in fs/f2fs/f2fs.h:3275:19 Index 1409 is out of range for type ‘le32923’ aka ‘unsigned...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: NFSD: The free copynotify stateid in nfs4freeolstateid has been fixed. Typically, the copynotify stateid is freed either when the parent’s stateid is closed/freed, or in nfsd4laundromat if the stateid has not been used for a...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: BPF: Makes bpfrefcountacquire failable for references that are not owned by the program. This patch fixes an incorrect assumption made in the original bpfrefcount series 0. Specifically, it assumes that the BPF program calling...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: mmc: core: Avoid negative index with array access The commit 4d0c8d0aef63 “mmc: core: Use mrq.sbc in close-ended ffu” assigns previdata = idatasi - 1, but does not check that the iterator i is greater than zero. We will fix this ...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: block/rqqos: The rqqos API is protected with a new lock. Commit 50e34d78815e “block: disable the elevator int delgendisk” The function rqqosexit was moved from diskrelease to delgendisk. This may introduce some issues: 1 If...