568 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: clk: imx: scu: use safe list iterator to avoid a use after free This loop is freeing the variable “clk”, so it needs to use listforeachentrysafe. Otherwise, it will dereference a freed variable to obtain the next item in the loop...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: btusb: Added a NULL check for “date-evtskb”. Fixed crashes due to NULL pointers. 6104.969662 BUG: NULL pointer dereferencing in the kernel; address: 00000000000000c8 6104.969667 PF: Supervisor read access in kernel...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: f2fs: quota: fixed the loop condition in f2fsquotasync The parameter cnt should be passed to sbhasquotaactive, rather than type, to correctly check the active quota. Moreover, when the type is -1, the compiler, with sufficient...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: kcm: Fixed a memory leak in the error path of kcmsendmsg. The syzbot reported a memory leak as follows: BUG: Memory leak Unreferenced object 0xffff88810b088c00 size 240: Comm “syz-executor186”, pid 5012, jiffies 4294943306 age...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: i40e: Fixed idx validation in i40evalidatequeuemap. Ensured that the idx value is within the range of active/initialized TC’s when iterating over vf-chidx in i40evalidatequeuemap...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: media: rc: The bpf attach/detach operation requires write permission. source-iocs-preserved const=CAPNETADMIN...
Exploit for Use After Free in Linux Linux_Kernel
CVE-2024-1086 Universal local privilege escalation Proof-of-C...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net: dsa: sja1105: fix buffer overflow in sja1105setupdevlinkregions If an error occurs in dsadevlinkregioncreate, then the array ‘priv-regions’ will be accessed using a negative index -1. This issue was identified by the Linux...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate command request size In commit 2b9b8f3b68ed “ksmbd: validate command payload size”, except for the SMB2OPLOCKBREAKHE command, the request size of other commands is not checked—this is not expected. This issue was...
Astra Linux - уязвимость в linux-5.10
There is a vulnerability related to time-of-check to time-of-use issues in the iouringsubsystem’s IORINGOPCLOSE operation in the Linux kernel versions 5.6 to 5.11 inclusive. This vulnerability allows a local user to elevate their privileges to root. Introduced in the version...
Astra Linux - уязвимость в linux-5.10, linux
In the usbmon module of the Linux kernel, the files drivers/usb/mon/monbin.c before version 5.19.15 and versions 6.x before 6.0.1 allow a user-space client to corrupt the internal memory of the monitor...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: hvnetvsc: Registers the VF in netvscprobe if NETDEVICEREGISTER was missed. If the hvnetvsc driver is unloaded and reloaded, the NETDEVICEREGISTER handler cannot successfully register the VF, as the register call is received befor...
Astra Linux - уязвимость в linux, linux-5.10
Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel versions 5.1 through 5.19.x, prior to 5.19.16, could be exploited by local attackers those capable of injecting WLAN frames to trigger use-after-free conditions, potentially allowing them to execute...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: MIPS: KVM: Fix for NULL pointer dereferencing After committing change 45c7e8af4a5e3f0bea4ac209 “MIPS: Remove KVMTE support”, we encountered a NULL pointer dereferencing issue when creating a KVM guest: 146.243409 Starting KVM wit...
CVE-2026-43243 affecting package kernel for versions less than 6.6.137.1-2
CVE-2026-43243 affecting package kernel for versions less than 6.6.137.1-2. An upgraded version of the package is available that resolves this issue...
CVE-2026-31698 affecting package kernel for versions less than 6.6.137.1-2
CVE-2026-31698 affecting package kernel for versions less than 6.6.137.1-2. An upgraded version of the package is available that resolves this issue...
Astra Linux - уязвимость в linux-5.15
A issue was discovered in ksmbd within the Linux kernel versions 5.15 through 5.19, prior to 5.19.2. The file fs/ksmbd/smb2pdu.c contains a use-after-free condition and an OOPS error related to SMB2TREEDISCONNECT...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: Net: Bridge – Use DEVSTATSINC The syzbot/KCSAN reported a data race in the brhandleframefinish function 1. This function can be executed on multiple CPUs without mutual exclusion. It is recommended to use the SMP-safe DEVSTATSINC...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: Audit: Fixed a possible soft lockup in audit inode child. Tracefs or debugfs might cause hundreds to thousands of PATH records. Too many PATH records might lead to a soft lockup. For example: 1. CONFIGKASAN=y && CONFIGPREEMPTION=...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: speakup: Avoid crashing when dealing with very long words. In cases where a console is set up to handle very large data, containing words that are truly long 256 characters, we need to stop processing before reaching the length o...