395 matches found
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: ext4: Fixed a deadlock issue when converting an inline directory in nojournal mode. In nojournal mode, ext4finishconvertinlinedir can cause a self-deadlock by calling ext4handledirtydirblock after having already taken the...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent possible NULL deref in fib6nhinit syzbot reminds us that in6devget can return NULL. fib6nhinit ip6validategw &idev ip6routechecknh idev idev = in6devgetdev; // can be NULL Oops: general protection fault, probably fo...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
A vulnerability classified as problematic has been discovered in the Linux kernel. The affected function is j1939sessiondestroy in the file net/can/j1939/transport.c. This manipulation leads to a memory leak. It is recommended that a patch be applied to fix this issue. The identifier of this...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
A race condition was detected in the Bluetooth device driver of the Linux kernel’s min,maxkeysizeset function. This can lead to a null pointer dereferencing issue, potentially causing a kernel panic or a denial-of-service attack...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
A vulnerability was discovered in vhostnewmsg in drivers/vhost/vhost.c within the Linux kernel. This issue arises due to the improper initialization of memory in messages transmitted between virtual guests and the host operating system, as implemented in the vhostnewmsg function. This vulnerabili...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: cifs: Fixed a mid leak that occurred during reconnection after a timeout threshold. When the number of responses with the status STATUSIOTIMEOUT exceeds a specified threshold NUMSTATUSIOTIMEOUT, we reconnect the connection...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: In loopsetstatusfrominfo, the checks for lo-looffset and lo-losizelimit should be performed before reassigning them. This is because if an overflow error occurs, the original correct value will be changed to the wrong value, and ...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10
iouring UAF, Unix SCM garbage collection...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Check the return value of allocworkqueue in radeoncrtcinit. Check the return value of allocworkqueue in radeoncrtcinit to avoid null-ptr-deref...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
A use-after-free vulnerability in the Linux kernel’s netfilter:nftables component can be exploited to achieve local privilege escalation. The nftverdictinit function allows positive values as drop errors within the hook verdict, and thus the nfhookslow function can cause a double-free vulnerabili...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
A vulnerability was reported in the Open vSwitch sub-component of the Linux kernel. The flaw occurs when a recursive operation of the code push calls into the code block recursively. The OVS module does not validate the stack depth, causing too many frames to be pushed onto the stack, leading to ...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
A null pointer dereference flaw was discovered in the hugetlbfsfillsuper function within the Linux kernel’s hugetlbfs Huge TLB pages functionality. This issue may allow a local user to crash the system or potentially escalate their privileges on the system...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
The Cross-Privilege Spectre v2 vulnerability allows attackers to bypass all deployed mitigations, including the recently introduced FineIBT, and to leak arbitrary Linux kernel memory on Intel systems...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
A flaw was discovered in the Linux kernel’s NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packets when using NVMe over TCP. This can lead to the NVMe driver dereferencing a NULL pointer, resulting in kernel panic and a denial of service...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
A flaw was discovered in the Linux kernel’s NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packets when using NVMe over TCP. This can lead to the NVMe driver dereferencing a NULL pointer, resulting in kernel panic and a denial of service...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftchainfilter: handling of NETDEVUNREGISTER for inet/ingress basechain Remove netdevice from the inet/ingress basechain in case NETDEVUNREGISTER event is reported; otherwise, a stale reference to netdevice remains in...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: Wifi: ath9k: Delay all operations related to ath9kwmieventtasklet until initialization is complete. The ath9kwmieventtasklet function used in ath9khtc assumes that all data structures have been fully initialized by the time it...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-6.1, Linux-5.15
In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fixed a memory leak in initcreditreturn. When dmaalloccoherent fails to allocate dd-crbasei.va, initcreditreturn should deallocate dd-crbase and dd-crbasei that were allocated earlier. Otherwise, those resources will nev...
Astra Linux – Vulnerability in Linux 5.15
A use-after-free flaw was discovered in lan78xxdisconnect in drivers/net/usb/lan78xx.c within the network sub-component, net/usb/lan78xx, in the Linux kernel. This flaw allows a local attacker to cause the system to crash when the LAN78XX USB device is disconnected...