27981 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: dma-debug: prevents an error message from causing runtime problems. For some drivers that use the DMA API, this error message can occur several million times per second. This can lead to excessive use of the kernel’s printk buffe...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/cs: Commands with 0 chunks result in illegal behavior. Submitting a command with 0 chunks causes a crash later on, discovered while trying to execute the wrong user space driver. MESALOADERDRIVEROVERRIDE=v3d glxinfo...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: net: sched: clsu32: Undo tcfbindfilter if u32replacehwknode When u32replacehwknode fails, we need to undo the tcf BindFilter operation performed at u32setparms...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: net/tunnel: Wait until all skuserdata readers complete their operations before releasing the sock. There is a race condition in vxlan where, when deleting a vxlan device during packet reception, there is a possibility that the so...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: veth: Fixed the use of “free” after processing “XDPREDIRECT”. Commit 718a18a0c8a6 “veth: Reworked vethxdprcvskb to accept non-linear skb” introduced a bug where it tried to use “pkbsexpandhead” if the headroom was less than...
Astra Linux - уязвимость в linux-6.1, linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: tee: Fix NULL pointer dereference in teeshmput teeshmput has a NULL pointer dereference: opteedisableshmcache shm = regpairtoptr...; // shm may return NULL teeshmfreeshm; teeshmputshm; // results in a crash Add a check in teeshmp...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: ARM: hisi: Added "ofnodeput" after "offindcompatiblenode" "offindcompatiblenode" will increment the refcount of the returned devicenode. Calling "ofnodeput" is necessary to avoid a refcount leak...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: RDMA/srpt: Fixed a use-after-free issue. The members of the LIO port within the struct srptport structure have been changed from regular members to pointers. The LIO port data structures are allocated from within srptmaketport, a...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: ASoC: amd: acp: Fixed a NULL pointer dereference in acpi2ssettdmslot. Updated chip data using devgetdrvdatadev-parent to fix the NULL pointer dereference in acpi2ssettdmSlot...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: schhtb: Make htbdeactivate idempotent. Alan reported a NULL pointer dereference in htbnextrbnode after we made htbqlennotify idempotent. It turned out that this issue introduced some regression in the following scenario:...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-motu – fixed a buffer overflow issue in the hwdep read function for DSP events. The DSP event handling code in hwdepread could write more bytes into the user buffer than requested, especially when the user provided...
Astra Linux - уязвимость в linux-5.15, linux-6.1
A flaw was discovered in the filelockinit function in the fs/locks.c file within the Linux kernel. This issue can lead to host memory exhaustion, as memcg does not limit the number of POSIX file locks that can be created...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Created a persistent INTx handler There exists a vulnerability where the eventfd for INTx signaling can be deconfigured. This causes the IRQ handler to be unregistered, but it still allows eventfds to be signaled with a...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: - net: tls: Fixed a use-after-free issue related to partial reads and async decryption. tlsdecryptsg does not take a reference to the pages from clearskb. Therefore, the putpage function in tlsdecryptdone releases these pages,...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftpayload: Incorrect arithmetic operations when fetching VLAN header bits. If the offset plus the length exceeds the range of the Ethernet + VLAN header, then the length is adjusted to copy the bytes that are within t...
Astra Linux - уязвимость в linux
In the Linux kernel, the following vulnerabilities have been resolved: ARM: footbridge: fixed PCI interrupt mapping Since commit 30fdfb929e82 "PCI: added a call to pciassignirq in pcideviceprobe", the PCI code will call the IRQ mapping function whenever a PCI driver is probed. If these functions...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: rapidio: A check for rioaddnet has been added in rioscanallocnet. The return value of rioaddnet should be checked. If it fails, putdevice should be called to free the memory and release the references initialized during rioaddnet...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: ppp: Fixed the “KMSAN: uninit-value” warning with bpf Syzbot detected a “KMSAN: uninit-value” warning 1. This issue arises because the ppp driver does not initialize a 2-byte header when using socket filters. The following code c...
Astra Linux - уязвимость в linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: media: mtk-vcodec: There is a potential null pointer dereference issue in the SCP code. The return value of devmkzalloc needs to be checked to avoid NULL pointer dereferences. This is similar to the CVE-2022-3113 vulnerability...
Astra Linux - уязвимость в linux, linux-5.10
In f2fssetxattr in fs/f2fs/xattr.c in the Linux kernel, as of version 5.15.11, there is a potential for out-of-bounds memory access when an inode has an invalid last xattr entry...