721 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: BPF: Properly marking live registers for indirect jumps For the gotox rX instruction, the rX register should be marked as used in the computeinsnlive regs function. This issue has been fixed...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: ext4: Fixed an inode leak in ext4xattrinodecreate, which occurs on an error path. There is a issue when using setxattr with a fault injection: localhost fsck.ext4 -fn /dev/sda e2fsck 1.46.6-rc1 12-Sep-2022 Pass 1: Checking...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: Fixed a memory double-free issue when handling zero-length packets. 829: If request-complete, then: 830 spinunlock&privdev-lock; 831 usbgadgetgivebackrequest&privep-endpoint, 832 request; 833 spinlock&privdev-lock; 83...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1
A vulnerability was reported in the Open vSwitch sub-component of the Linux kernel. The flaw occurs when a recursive operation of the code push calls into the code block recursively. The OVS module does not validate the stack depth, causing too many frames to be pushed onto the stack, leading to ...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
A race condition was detected in the net/bluetooth function of the Linux kernel’s sniffmin,maxintervalset function. This can lead to a Bluetooth sniffing exception issue, potentially causing a denial of service...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fixed a potential null dereference in dmresume Why Fixed the match error: The dmresume error: We previously assumed that ‘aconnector-dclink’ could be null. How Checked whether dclink is null at the beginning of t...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: - dm btree remove: fixed the use of a function after the free operation in rebalancechildren. - Moved the dmtmunlock function to after dmtmdec...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd934x: Added ofnodeput before wcdb934xcodecparsedata. The devicenode pointer is returned by ofparsephandle with a refcount incremented. We should use ofnodeput on it after that operation. This is similar to the...
Astra Linux - уязвимость в linux-5.10
It was discovered that when executing from a non-leader thread, armed POSIX CPU timers would remain on a list but would then be freed, resulting in a use-after-free...
Astra Linux - уязвимость в linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: RISCV: Check whether the code to be patched lies within the exit section. Otherwise, we proceed to vmalloctopage, which panics because the address does not lie within the vmalloc region...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: jfs: fixed an array-index-out-of-bounds issue in dbFindLeaf. Currently, when searching for dmtreet to find sufficient free blocks, there is a situation where an array index goes out of bounds during the retrieval of elements from...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: drm/tegra: dsi: Added a check for the return value of offinddevicebynode. Added a check on the return value of offinddevicebynode, and return an error if it fails, in order to avoid NULL pointer dereferencing...
Astra Linux - уязвимость в linux-5.10, linux
There are use-after-free vulnerabilities caused by a timer handler in the net/rose/rosetimer.c file of Linux, which allow attackers to crash the Linux kernel without any privileges...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: powerpc/perf: Optimize clearing the pending PMI and remove WARNON for PMI check in powerpmudisable commit 2c9ac51b850d "powerpc/perf: Fix PMU callbacks to clear pending PMI before resetting an overflown PMC" added a new function...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: TCP: Do not accept ACKs for bytes that we never sent. This patch is based on a detailed report and ideas from Yepeng Pan and Christian Rossow. The validation of ACK sequences currently follows the guidelines outlined in RFC 5961,...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: NFS: Fixed the xarray locking mechanism in nfsnetfsissueread for writeback interrupts. The loop within nfsnetfsissueread currently does not disable interrupts during the iteration of pages in the xarray to perform NFS reads. This...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: nfc: st21nfca: fixed memory leaks in EVTTRANSACTION handling Error paths do not free the previously allocated memory. Add devmkfree to those failure paths...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: X.509: Fixed an out-of-bounds access issue when parsing extensions. Leo reports an out-of-bounds access issue when parsing a certificate with empty Basic Constraints or Key Usage extensions. This occurs because the first byte of...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: Wifi: ath12k – Fix for the pointer in dmafreecoherent. dmaalloccoherent allocates a DMA-mapped buffer and stores the addresses in XXXunaligned fields. These addresses should be reused when freeing the buffer, rather than using...
Astra Linux - уязвимость в linux-5.10, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: core: The /proc/scsi/$procname directory was removed earlier. Removing this directory helps to fix a race condition between unloading and reloading kernel modules. This fixes a bug introduced in 2009 by commit 77c019768f06...