721 matches found
Astra Linux - уязвимость в linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: cifs: Fixed a mid leak that occurred during reconnection after a timeout threshold. When the number of responses with the status STATUSIOTIMEOUT exceeds a specified threshold NUMSTATUSIOTIMEOUT, we reconnect the connection...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Do not leak netobj memory when gssreadproxyverf fails...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net: wwan: iosm: A memory leak has been fixed in the ipcpciereadbioscfg function. The ipcpciereadbioscfg function uses acpievaluatedsm to obtain the wwan power state configuration from the BIOS. However, it does not free the...
Astra Linux - уязвимость в linux-5.10
Improper restriction of operations within the bounds of a memory buffer in some IntelR i915 Graphics drivers for Linux before the kernel version 6.2.10 may allow an authenticated user to potentially enable privilege escalation via local access...
Astra Linux - уязвимость в linux, linux-5.15
The memory allocation function ACPIALLOCATEZEROED does not guarantee a successful allocation. However, the subsequent code directly dereferences the pointer that receives the result of the allocation, which may lead to a null pointer dereference. To address this issue, a null pointer check should...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: Synchronize devfreqmonitorstart/stop There is a possibility that frequent changes to the governor, performed in a loop, can lead to corruption in the timer list. Specifically, the timer cancellation process, which...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: net/smc: Use smclgrlist.lock to protect the iteration of smclgrlist.list when performing smcportadd. When performing smcportadd, there may be operations that modify smclgrlist.list simultaneously, which could lead to a kernel...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: userfaultfd: a race between writeprotect and exitmmap has been fixed. A race may occur when a process exits; its virtual memory addresses are removed by exitmmap, and at the same time, userfaultfdwriteprotect is called. This race...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: vhost/vsock: Use kvmalloc/kvfree for larger packets. When copying a large file via sftp using vsock, the data size is usually 32 kB. In such cases, kmalloc seems to fail when attempting to allocate 32 32 kB regions. vhost-5837...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: afs: Increase the buffer size in afsupdatevolumestatus. The maximum length of the volume-vid value is 20 characters. Therefore, increase the size of idbuf to 24 characters to avoid overflow. Identified by the Linux Verification...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: scsi: smartpqi: Correct device removal for multi-actuator devices. Correct device count for multi-actuator drives, which can cause kernel panics...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: parisc: Fixed a data TLB miss in sbaunmapsg Rolf Eike Beer reported the following bug: 1274934.746891 Bad Address null pointer deref?: Code=15 Data TLB miss fault at addr 0000004140000018 1274934.746891 CPU: 3 PID: 5549 Comm:...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: netlink: added nla be16/32 types to the minlen array. BUGs: KMSAN: uninit-value in nlavalidaterangeunsigned, lib/nlattr.c:222 inline. BUGs: KMSAN: uninit-value in nlavalidateintrange, lib/nlattr.c:336 inline. BUGs: KMSAN:...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: blk-mq: Ensure that the active queue usage is retained for biointegrityprep. The function blkintegrityunregister may be called if the queue usage counter is not retained for a bio with integrity prepared. This could lead to a...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: f2fs: fixed to avoid updating zero-sized extents in the extent cache. As reported by syzbot: F2FS-fs loop0: updateextenttreerange: extent len is zero, type: 0, extent 0, 0, 0, age 0, 0. ------------ Cut here ------------ Kernel b...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: bpftool: A NULL pointer derefrence issue occurs when pinning PROG, MAP, LINK without FILE. When using bpftool to pin PROG, MAP, LINK without FILE, a segmentation fault will occur. The reason is that the absence of FILE will cause...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: fs/dax: Fixed the issue of “not skipping locked entries when scanning entries” The commit 6be3e21d25ca “fs/dax: not skipping locked entries when scanning entries” introduced a new function, waitentryunlockedexclusive, which waits...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: btrfs: zlib: fixed the folio leak in S390 hardware acceleration BUG After committing aa60fe12b4f4 “btrfs: zlib: refactoring the S390x HW acceleration buffer preparation”, we no longer release the folio of the page cache return...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: phy: qcom-qmp: Fixed the issue where the struct clk structure was leaked during probe errors. Be sure to release the pipe clock reference in case of a late probe error e.g., probe deferral...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Only drop the call reference if one has been acquired. The function rxrpcinputpacketonconn can process a packet for the client after the current client call on the channel has already been terminated. In this case, chan-ca...