108 matches found
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: bpf: Mark the bpf prog stack with kmsanunpoisonmemory in interpreter mode. syzbot reported uninitialized memory usage during maplookup,deleteelem. ========== BUG: KMSAN: uninitvalue in devmaplookupelem kernel/bpf/devmap.c:441...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: afunix: Fixed data races related to user-unixinflight. user-unixinflight is updated under spinlockunixgclock, but toomanyunixfds reads it without locking. Let’s annotate the write/read accesses to user-unixinflight. BUG: KCSAN...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: oss – Fixed race conditions during the processing of SysEx messages The OSS sequencer handles SysEx messages that are split into 6-byte packets. The ALSA sequencer’s OSS layer attempts to combine these packets...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: fixed an issue where the extent map was used after free, when adding pages to compressed Bio data structures. In the function addrabiopages, we access the extent map to calculate ‘addsize’. After dropping the reference to...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: Julia Lawall reported this null pointer dereference issue; this should fix it...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.10, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: pmdomain: ti: Add a null pointer check to oprprmdomaininit. devmkasprintf returns a pointer to dynamically allocated memory; this pointer may be NULL in case of failure. Ensure that the allocation was successful by checking the...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: f2fs: fixed to avoid updating the compression context during writeback Bai, Shuangpeng reported a bug as follows: Oops: division error: 0000 1 SMP KASAN PTI CPU: 0 UID: 0 PID: 11441 Comm: syz.0.46 Not tainted 6.17.0 1 PREEMPTfull...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: netfilter: nftables: prevented nfskbduplicated corruption. syzbot found that nfdupipv4 or nfdupipv6 might write the nfskbduplicated variable in an unsafe manner 1. Disabling preemption, as suggested by splat, is not sufficient...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: erofs: Fixed a memory leak caused by LZMA global compressed deduplication. When testing microLZMA EROFS images with the new global compressed deduplication feature enabled -Ededupe, I discovered that some short-lived temporary...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ASoC: core: Check for rtd == NULL in sndsocremovepcmruntime. The sndsocremovepcmruntime function might be called with rtd == NULL, which will lead to a null pointer derefrence. This issue was reproduced when topology loading was...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net/smc: The issue of neighbor data leaks and rtable leaks in smcibfindroute has been fixed. In smcibfindroute, the neighbor data found by neighlookup and the rtable data resolved by iprouteoutputflow are not properly released or...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: btusb: Added a NULL check for “date-evtskb”. Fixed crashes due to NULL pointers. 6104.969662 BUG: NULL pointer dereferencing in the kernel; address: 00000000000000c8 6104.969667 PF: Supervisor read access in kernel...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: Wifi: cfg80211: Set correct chandef when starting CAC When starting CAC in a mode other than AP mode, it returns a message: “WARNING: CPU: 0 PID: 63 at cfg80211chandefdfsusable+0x20/0xaf cfg80211” This issue is caused by the...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: Media: MediTech; vcodec: Fixed the H264 multi-stateless decoder’s match warning. A match static checker warning has been fixed in vdech264reqmultiif.c. This issue causes the kernel to crash when fb is NULL...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: netrom: Check the buffer length before accessing it. Syzkaller reports an issue where an uninit value is read from ax25cmp when sending raw messages through the ieee802154 implementation...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: btrfs: Fixed a use-after-free in btrfsencodedreadendio. Shinichiro reported the following use-after-free that sometimes occurs in our CI system when running fstests' btrfs/284 on a TCMU runner device: BUG: KASAN:...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: tty: ngsm: Fixed a use-after-free in gsmcleanupmux. Bug: KASAN: Slab-use-after-free in gsmcleanupmux+0x77b/0x7b0. drivers/tty/ngsm.c:3160 ngsm Read of size 8 at addr ffff88815fe99c00 by task poc/3379. CPU: 0; UID: 0; PID: 3379...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: um: ubd: Do not use drvdata in release. The drvdata is not available in release. Let’s simply use containerof to obtain the ubd instance. Otherwise, removing a ubd device will result in a crash: RIP: 0033:blkmqfreetagset+0x1f/0xb...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: mm: vmscan: accounts for free pages to prevent infinite loops in throttledirectreclaim. The task sometimes continues looping in throttledirectreclaim because allowdirectreclaimpgdat keeps returning false. The stack trace is as...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fixed the issue of unexpected dereferencing of the hive. Check whether the amdgpuhiveinfo hive might be NULL...