Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: - ntfs: Added a sanity check on the allocation size. - ntfsread inodemount calls ntfsmallocnofs with an allocation size of zero. This triggers a bug in the ntfsmalloc function. Fix by adding a sanity check on ni-attrlistsize...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: orangefs: The issue with memory leaks in orangefskernel,clientdebuginit was fixed. When the orangefs module is inserted or removed, memory leaks occur as follows: unreferenced object 0xffff88816b0cc000 size 2048: comm "insmod", p...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: net: sched: Fixed a memory leak in tcindexsetparms. Syzkaller reports a memory leak as follows: ==================================== BUG: Memory leak Unreferenced object: 0xffff88810c287f00 size 256 Comm “syz-executor105”, pid...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: hinic: fixed the issue of CMDQ memory leaks. When hinicsetcmdqdepth fails in hinicinitcmdqs, the CMDQ memory is not released correctly. This issue has been fixed...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: watchqueue: Free the page array when watchqueue is dismantled Commit 7ea1a0124b6d “watchqueue: Free the alloc bitmap when the watchqueue is torn down” addressed the issue with the bitmap, but not the page array. Bug: Memory leak...

Astra Linux - уязвимость в linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: i2c: cadence: cdnsi2cmasterxfer: Fixed a runtime PM leak on the error path. The cdnsi2cmasterxfer function acquires a runtime PM reference when it is executed. This reference is released when the function exits. Currently, there ...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Ring-buffer: Handled race conditions between rbmovetail and rbcheckpages. It appears there is a data race between writing to the ringbuffer and performing integrity checks. Specifically, the RBFLAG of headpage is being updated,...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: i2c: riic: Moving suspend handling to NOIRQ phase Commit 53326135d0e0 “i2c: riic: Adding suspend/resume support” added suspend support for the Renesas I2C driver. Following this change, on RZ/G3E, the following warning is...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: eventfs: Use listdelrcu for SRCU protected list variable Chi Zhiling reported: We found a null pointer accessing in tracefs1, the reason is that the variable 'eichild' is set to LISTPOISON1, that means the list was removed in...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Restore allocated resources in case of failed copyout operations. Correct a resource leak that occurred due to errors...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: nfs: fixed a panic that occurred when nfs4fflayoutprepareds failed. We have observed the following panics in production: BUG: NULL pointer dereferencing in the kernel, address: 0000000000000065 PGD: 2f485f067; P4D: 2f485f067;...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: scsi: mpt3sas: Fixed the use-after-free warning. The following use-after-free warnings, which were observed during controller reset, have also been fixed: refcountt: Underflow; use-after-free. WARNING: CPU: 23 PID: 5399 at...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Net: Ethernet: mtkethsoc: fixed a possible memory leak in mtkprobe. If mtkwedaddHW has been called, mtkwedexit must also be called in the error path, or the module must be removed to free up the memory allocated in mtkwedaddHW...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: tipc: Improve size validations for received domain records The function tipcmonrcv allows a node to receive and process domainrecord structures from peer nodes to track their views of the network topology. This patch verifies tha...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: netfilter: ebtables: fix memory leak when blob is malformed The bug fix was incomplete; it “replaced” a crash with a memory leak. The old code included an assignment to ret within the conditional statements; this has been restore...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: mcb: Error handling in mcballocbus has been fixed. There are two bugs: 1 If idasimpleget fails, this code calls putdevicecarrier. However, we have not yet called getdevicecarrier, and this may lead to a use-after-free situatio...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: crypto: s390/aes – Fix for buffer overreading in CTR mode When processing the last block, the s390 CTR code will always read a whole block, even if there is no data left in that block. This issue is fixed by using the actual...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Check for the NOTREADY flag state after locking Currently, the check for the NOTREADY flag is performed before obtaining the necessary lock. This creates a possibility for race conditions when the flow is concurrently...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: fpga: m10bmc-sec: Fixed probe rollback issues. Properly handled probe error rollbacks to avoid leaks...

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: erspan: Do not assume that the transport header is always set. Rewrite the tests for ip6erspantunnelxmit and erspanfbxmit to not assume that the transport header is set. syzbot reported: WARNING: CPU: 0 PID: 1350 at...