721 matches found
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: extcon: The extcon device is modified to be created after the driver data is set. Currently, someone can invoke sysfs functions such as stateshow intermittently before devsetdrvdata is performed. This can lead to kernel errors...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: pinctrl: ralink: Check for a null return from devmkcalloc. Due to the potential failure of the allocation, data-domains might be a NULL pointer, and this could lead to the dereferencing of a NULL pointer later. Therefore, it migh...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Fixed a double-free in the dma-buf feature. The error path through vfiopcicorefeaturedmabuf ignores its own advice to only use dmabufput after dmabufexport. Instead, it proceeds through the entire unwind chain. In the...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: PCI/AER: Fixed NULL pointer access via aerinfo. The kzallocGFPKERNEL function may return NULL, resulting in kernel panic when accessing aerinfo-xxx. This issue has been fixed...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: USB: usbip: Fix a reference count leak in stubprobe The usbgetdev function is called in stubdevicealloc. When stubprobe fails later on, usbputdev must be called to release the reference. This issue is fixed by moving usbputdev in...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: validate userq input args. This will assist in validating the userq input arguments and rejecting invalid userq requests during IOCTLs...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: “aio”: fixed the issue with mremap after a fork operation involving null-dereferencing. The commit e4a0d3e720e7 “aio: Makes it possible to remap the aio ring” introduced a null-dereference if mremap is called on an old aio mappin...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: net/9p: A potential socket leak has been fixed in p9socketopen. Both p9fdcreatetcp and p9fdcreateunix will call p9socketopen. If the creation of p9transfd fails, both p9fdcreatetcp and p9fdcreateunix will return an error...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: fixed a potential ttm-sg memory leak. Memory is allocated for ttm-sg by kmalloc in kfdmemdmamapuserptr, but it is not freed by kfree in kfdmemdmaunmapuserptr. Free it!...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ipmr,ip6mr: acquiring RTNL before calling ip6mrfreetable in the failure path The ip6mrfreetable function can only be called under an RTNL lock condition. RTNL: assertion failed at net/core/dev.c 10367 WARNING: CPU: 1 PID: 5890 at...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: phy: stm32: fix a refcount leak in stm32usbphycpllenable This error path needs to decrement “usbphyc-npllcons.counter” before returning...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: net:sched: fixed a possible refcount leak in tcnewtfilter. It is necessary to call tfilterput to store the refcount obtained from tp-ops-get, to avoid possible refcount leaks when chain-tmpltops != NULL and chain-tmpltops !=...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: The line “Revert “block, bfq: honor already-setup queue merges”” has been removed. A crash occurred in conjunction with the commit 2d52c58b9c9b “block, bfq: honor already-setup queue merges”. This issue was later corrected by the...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: A mistake of “one” was corrected in qlaedifappgetstats. The appreply-elem array is allocated earlier in this function, and it contains appreq.numports elements. Therefore, the comparison operator needs to be change...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux
In multiple functions of iouring.c, there is a possibility of kernel memory corruption due to improper locking. This could lead to a local escalation of privileges in the kernel, as execution privileges are required. User interaction is not necessary for exploiting this vulnerability...
Astra Linux - уязвимость в linux-5.10, linux, linux-5.15
A use-after-free flaw was discovered in xgenehwmonremove in drivers/hwmon/xgene-hwmon.c within the Hardware Monitoring Linux Kernel Driver xgene-hwmon. This flaw could allow a local attacker to cause the system to crash due to a race condition. This vulnerability could even lead to a situation...
Astra Linux - уязвимость в linux-5.10, linux, linux-5.15
A flaw was discovered in KVM. When calling the KVMGETDEBUGREGS ioctl on 32-bit systems, there might be uninitialized portions of the kvm Debugregs structure that could be copied into user space, resulting in an information leak...
Astra Linux - уязвимость в linux-5.10
A flaw was discovered in the pfnswapentrytopage function within the memory management subsystem of the Linux kernel. In this flaw, an attacker with local user privileges may cause a denial-of-service attack due to a BUG statement that references pmdt x...
Astra Linux - уязвимость в linux-5.10, linux
Intel’s microprocessor generations 6 to 8 are affected by a new Spectre variant that can bypass the retpoline mitigation mechanism in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to execute arbitrary speculative code under certain...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: phy: fsl-imx8mq-usb: set platformdriverdata The missing platformsetdrvdata function has also been added, as the data will be used in the remove function...