721 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: iouring: fixed the truncation of the regbuf vector size. There is a report that ioestimatebvecsize truncates the calculated number of segments, leading to corruption issues. Ensure that the “int” variables used later do not...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: drm/xe/xedevcoredump: Check that the variable is NOT NULL before assigning it. Assign ‘xedevcoredumpsnapshot ’ and ‘xedevice ’ only if ‘coredump’ is NOT NULL. v2: – Fixed the commit messages. v3: – Defined variables before the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: Fixed a race condition in sndseqtimeropen. The timer instance per queue is exclusive, and sndseqtimeropen should handle concurrent accesses properly. It seems that the function checks for an already existing timer...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: EROFS: Fix for incorrect early exits in invalid metabox-enabled images Crafted EROFS images with metadata compression enabled can trigger incorrect early exits, leading to folio reference leaks. However, this does not cause syste...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: rustbinder: Avoid reading the written value in the offset array. When sending a transaction, its offset array is first copied into the target process’s virtual memory area vma. Then, the values are read back from there. This is...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15
A out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 netfilter: nftables: Reject tables of unsupported family. While creating a new netfilter table, the lack of a safeguard against invalid nftables family pf values within the nftablesnewtable function...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Nouveau: The offload fence uevents function is now processed via the workqueue. This should prevent a deadlock between the fctx lock and the irq lock. The processing of uevents is offloaded from the irq to the workqueue...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: drm/amdgpu: fixed out-of-bounds access to the mmhub client ID. Properly handled cid 0x140...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: net/sched: fqpie: Avoid stalls in fqpietimer When setting a high number of flows the limit is 65536, fqpietimer currently uses too much time, as reported by syzbot. Add logic to yield the CPU every 2048 flows less than 150...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Do not overwrite the KMS surface dirty tracker. We were overwriting the surface’s dirty tracker, which caused a memory leak...
Astra Linux - уязвимость в linux, linux-5.15, linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: crypto: safexcel – Cleanup of ring IRQ workqueues on load failure A failure to load the safexcel driver results in the following warning upon boot, because the IRQ affinity has not been properly cleaned up. Ensure that the...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: Networking layer: prevented MSB overflow in skbSegment. Once again, syzbot is able to crash the kernel in skbSegment. GSOBYFRAGS is a forbidden value, but unfortunately the following calculation in skbSegment can easily result...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: mac80211: The limit on vht mcs/nss in ieee80211parsetxradiotap has been adjusted. The maximum values of vht mcs and nss in ieee80211parsetxradiotap routine have been limited to fix the following warning reported by syzbot:...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Some memory leaks have been fixed in the error handling code for logreplay. All error handling code leads to the out function, where many resources are freed. This issue is also addressed here, rather than through a...
Astra Linux - уязвимость в linux-5.10, linux
Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions...
Astra Linux - уязвимость в linux, linux-5.10
A flaw was discovered in the Linux kernel. Measuring the usage of shared memory does not scale well with large counts of shared memory segments, which could lead to resource exhaustion and Denial-of-Service attacks...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix device management cmd timeout flow In the UFS error handling flow, the host will send a device management command NOP OUT to the device to recover the link. If this command times out and clearing the device...
Astra Linux - уязвимость в linux-5.10, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc75xx: Limit packet length to skb-len The packet length retrieved from skb data may be larger than the actual socket buffer length up to 9026 bytes. In such cases, the cloned skb passed through the network stack may...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: scsi: mpi3mr: Fixed a DMA memory leak in the configuration page. A fix was also provided for: DMA-API: For the PCI device with address 0000:83:00.0, the device driver had pending DMA allocations even after it was released from...
Astra Linux - уязвимость в linux-5.10, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: ca8210: Fix for negative array access to maclen This patch addresses a buffer overflow issue where skb-data is accessed if ieee802154hdrpeekaddrs fails...