652 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx8mp-blk-ctrl: imx8mpblk: Add fdcc clock to hdmimix domain According to the i.MX8MP RM and HDMI specifications, the fdcc clock is part of the HDMI RX verification IP. This clock should not be enabled for HDMI TX...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: drm/vc4: hdmi: Unregister codec device on unbind When the device is bound, we register the HDMI codec device. However, we do not unregister it when the device is unbound, resulting in a device leakage issue. We need to unregister...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: drm/xe/vf: Do not attempt to trigger a full GT reset if there is a VF involved. VFs do not have access to the GDRST0x941c register, which is used by the driver to reset the GT. Attempt to trigger a reset using debugfs: bash $ cat...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ntfs3: Treating $Extend records as regular files. Since the commit af153bb63a33 "vfs: catching invalid modes in mayopen" requires that any inode be of one of the types SIFDIR/SIFLNK/SIFREG/SIFCHR/SIFBLK/SIFIFO/SIFSOCK, use SIFREG...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: TCP: Fixed a data race around sysctltcpearlyretrans. While reading sysctltcpearlyretrans, it can be changed concurrently. Therefore, we need to add READONCE to its reader...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: udmabuf: Set the DMA mask for the udmabuf device v2 If the DMA mask is not set explicitly, the following warning occurs when the user space attempts to access the dma-buf via the CPU, as reported by syzbot: WARNING: CPU: 1 PID...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: net/rds: fixed the warning in rdsconnconnectifdown. If a connection is not established yet, getmr will fail, causing the connection to be initiated after getmr...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ksmbd: MAC comparisons need to be performed in constant time. To prevent timing attacks, MAC comparisons must be done in constant time. Replace the memcmp function with the correct function, cryptomemneq...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: media: dvb-frontends: fix leak of memory fw...
Astra Linux - уязвимость в linux, linux-5.10
Incomplete cleanup of multi-core shared buffers on certain Intel processors may allow an authenticated user to potentially disclose information through local access...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1
Closing an event channel in the Linux kernel can lead to a deadlock. This occurs when the closure operation is performed in parallel with an unrelated Xen console action, and the handling of a Xen console interrupt occurs in a unprivileged guest. The closure of an event channel is triggered, for...
Astra Linux - уязвимость в linux, linux-5.15, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: In md/raid10, there is a issue where memory leaks occur in the MD thread. In raid10run, if setupconf succeeds and raid10run fails before setting ‘mddev-thread’, then the variable ‘conf-thread’ is not freed. This issue can be fixe...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: fs/ntfs3: Fixed a null-ptr-deref issue in inode-iop in ntfslookup. Syzbot reported a null-ptr-deref bug: ntfs3: loop0: The sector size of NTFS is 1024, while the media sector size is 512. ntfs3: loop0: Marking the volume as...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: scsi: mpt3sas: Page fault in reply Q processing A page fault was encountered in mpt3sas on a LUN reset error path: 145.763216 mpt3sascm1: Task abort tm failed: handle0x0002, timeout30 trmethod0x0 smid3 msixindex0 145.778932 sc...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: llc: Call to sockorphan at the release time. syzbot reported an interesting trace 1 caused by a stale sk-skwq pointer in a closed llc socket. In the commit ff7b11aa481f “net: socket: set sock-sk to NULL after calling...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: blk-mq: Check the kobject’s state in sysfs before deleting it in blkmqunregisterhctx. In blkmqupdatenrHWqueues, the return value of blkmqsysfsregisterhctxs is not checked. If the creation of hctxs in sysfs fails, subsequently...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: exfat: fixed a potential deadlock in exfatgetdentryset. When accessing a file with more entries than ESMAXENTRYNUM, the bh-array is allocated in exfatgetdentryset. The problem is that the bh-array is allocated using GFPKERNEL. Th...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: dm: fixed a NULL pointer race issue when completing IO operations. The dmiodecpending call first calls endioacct, then decreases the number of pending DMA operations. However, if a task swaps the DM table at the same time, thi...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: i2c: xiic: xiicxfer: Fixed a runtime PM leak on the error path. The xiicxfer function acquires a runtime PM reference when it is entered. This reference is released when the function is exited. Currently, there is one error path...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: spi: spi-fsl-qspi: check return value after calling platformgetresourcebyname This issue could lead to a null-ptr-deref error if platformgetresourcebyname returns NULL. Therefore, we need to check the return value...