101 matches found
Advisory ROSA-SA-2026-3289
software: kernel-6.1 6.1.152 OS: ROSA-CHROME unaffected versions = kernel-6.1-6.1.1.152-4 affected versions data.opnents field during buffer management. By exploiting the RDS TCP transport SORDSTRANSPORT=2 in conjunction with iouring, a local unprivileged attacker can cause memory corruption and...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: Julia Lawall reported this null pointer dereference issue, and this should fix it...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: BPF: Mark the bpf prog stack with kmsanunpoisonmemory in interpreter mode. SYZBOT reported uninit memory usage during maplookup,deleteelem. ========= BUG: KMSAN: uninitvalue in devmaplookupelem kernel/bpf/devmap.c:441 inline...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: Media: MediTech; vcodec: Fixed the H264 multi-stateless decoder’s match warning. A match static checker warning was also fixed in vdech264reqmultiif.c. This issue causes the kernel to crash when fb is NULL...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: vsock: Fixed the transportg2h,h2g TOCTOU issue. The calls to vsockfindcid and vsockdevdoioctl may race with module unloading. transportg2h,h2g may become NULL after the NULL check. Introduced vsocktransportlocalcid to prevent ...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: tpm: Changed to kvalloc in eventlog/acpi.c The following failure was reported on HPE ProLiant D320: 10.693310 T1 tpmtis STM0925:00: 2.0 TPM device-id 0x3, rev-id 0 10.848132 T1 ------------ Cut here ------------ 10.853559 T1...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: btrfs: Fixed a use-after-free in btrfsencodedreadendio. Shinichiro reported the following use-after-free that sometimes occurs in our CI system when running fstests' btrfs/284 on a TCMU runner device: BUG: KASAN:...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: arm64: sme: Use STR P to clear the FFR context field in streaming SVE mode. The FFR is a predicate register whose size can range from 16 to 256 bits, depending on the configured vector length. When saving the SVE state in streami...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: mm: vmscan: accounts for free pages to prevent infinite loops in throttledirectreclaim. The task sometimes continues looping in throttledirectreclaim because allowdirectreclaimpgdat keeps returning false. The call stack is as...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: f2fs: fixed to avoid updating the compression context during writeback Bai, Shuangpeng reported a bug as follows: Oops: division error: 0000 1 SMP KASAN PTI CPU: 0 UID: 0 PID: 11441 Comm: syz.0.46 Not tainted 6.17.0 1 PREEMPTfull...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: btusb: Added a NULL check for “date-evtskb”. Fixed crashes due to NULL pointers. 6104.969662 BUG: NULL pointer dereferencing in the kernel; address: 00000000000000c8 6104.969667 PF: Supervisor read access in kernel...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: netrom: Check the buffer length before accessing it. Syzkaller reports an uninit value being read from ax25cmp when sending raw messages through the ieee802154 implementation.================================================BUG...
Astra Linux - уязвимость в linux-6.1, linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: pmdomain: ti: Add a null pointer check to the omapprmdomaininit The devmkasprintf function returns a pointer to dynamically allocated memory, which may be NULL in case of failure. Ensure that the allocation was successful by...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: Prevent nfskbduplicated corruption. The syzbot found that nfdupipv4 or nfdupipv6 could write the per-cpu variable nfskbduplicated in an unsafe manner 1. Disabling preemption, as suggested by splat, is not...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: fixed an issue where the extent map was used after freeing memory when adding pages to compressed Bio data structures. In the function addrabiopages, we access the extent map to calculate ‘addsize’. After releasing the...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: bpf, sockmap: Fixed a race condition between element replacement and close. The element replacement with a socket that is different from the one stored may race with the close operation, where the link of the socket is popped...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: BPF: Fixed a recursive lock issue when the streamverdict program returns SKPASS. When the streamverdict program returns SKPASS, it places the received skb into its own receive queue. However, a recursive lock occurs eventually,...
Astra Linux - уязвимость в linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fixed the issue of unexpected dereferencing of the hive. Check whether the amdgpuhiveinfo hive might be NULL...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: um: ubd: Do not use drvdata in release. The drvdata is not available in release. Let’s simply use containerof to obtain the ubd instance. Otherwise, removing a ubd device will result in a crash: RIP: 0033:blkmqfreetagset+0x1f/0xb...
Astra Linux - уязвимость в linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: net/smc: Fix for neighbor and rtable leaks in smcibfindroute. In smcibfindroute, the neighbor found by neighlookup and the rtable resolved by iprouteoutputflow are not released or stored before returning. This could lead to a...