Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Check for a potential null return from kmallocarray. Since kmallocarray may return null, the use of 'eventwaitersi.wait' could lead to a null pointer derefrence. Therefore, it is better to check the return value of...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: fixed a use-after-free bug in brcmfnetdevstartxmit ret = brcmfprototxqueuedatadrvr, ifp-ifidx, skb; may be scheduled, and then completed before the line ndev-stats.txbytes += skb-len; 46.912801...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: NFSv4.2: fixed issues related to nfs42sscopen. A destination server, when performing a COPY operation, should not accept the passed-in filehandle if it is not a regular filehandle. If allocfilepseudo fails, we need to decremen...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: nvmem: zynqmpnvmem: Fixed the buffer size in DMA and memcpy. The buffer size used in DMA allocation and memcpy is incorrect. This can lead to undersized DMA buffer accesses and potential memory corruption. Use the correct buff...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: gpio: cdev: Fixed resource leaks that occur during errors in lineinfochangednotify. During error handling, lineinfochangednotify does not free the allocated resources, resulting in leaks. This issue has been fixed...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mux: mmio: Fixed the regmap leak that occurs during probe failures. The regmap that may be allocated during a probe is never released. We have switched to using the device-managed allocator, so that the regmap is released in case...

Astra Linux - уязвимость в linux-5.10, linux

In nftablesupdtable, if nftablestableenable returns an error, nfttransdestroy is called to free the transaction object. nfttransDestroy calls listdel, but the transaction was never placed on a list—the list head contains only zeros, which results in a NULL pointer being dereferenced...

Astra Linux - уязвимость в linux-5.10

A use-after-free flaw was discovered in the Linux kernel’s core dump subsystem. This flaw allows a local user to crash the system. Only if patch 390031c94211 “coredump: Use the vma snapshot in fillfilesnote” is not applied yet, then the kernel may be affected...

Astra Linux - уязвимость в linux-5.15

A use-after-free flaw was discovered in lan78xxdisconnect in drivers/net/usb/lan78xx.c within the network sub-component, net/usb/lan78xx, in the Linux kernel. This flaw allows a local attacker to cause the system to crash when the LAN78XX USB device is disconnected...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

A race condition was detected in the Linux kernel’s DRM/Exynos device driver, specifically in the exynosdrmcrtcatomicdisable function. This can lead to a null pointer dereferencing issue, which may potentially cause a kernel panic or a denial of service...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

A double-free memory flaw was discovered in the Linux kernel. The Intel GVT-g graphics driver triggers a system resource overload for the VGA card, resulting in a failure in the intelgvtdmamapguestpage function. This issue could allow a local user to crash the system...

Astra Linux - уязвимость в linux-5.10

A out-of-bounds memory read flaw was discovered in the Linux kernel’s BPF subsystem, related to how a user calls the bpftailcall function with a key that is larger than the maxentries of the map. This flaw allows a local user to gain unauthorized access to data...

Astra Linux - уязвимость в linux, linux-5.10

The function mcbausbstartxmit in the file drivers/net/can/usb/mcbausb.c within the Linux kernel, up to version 5.17.1, contains a double-free...

Astra Linux - уязвимость в linux, linux-5.10

In the aiopollcompletework function of the aio.c file, there is a possibility of memory corruption due to use after free. This could lead to a local privilege escalation without the need for additional execution privileges. User interaction is not required for exploitation. Product: Android...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerability has been resolved: In loopsetstatusfrominfo, the checks for lo-looffset and lo-losizelimit should be performed before reassigning them. This is because if an overflow error occurs, the original correct value will be changed to the wrong value, and ...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: octeontx2-af: fixed the double-free operation in rvunpcfreemem. Clang static checker scan-build warnings: drivers/net/ethernet/marvell/octeontx2/af/rvunpc.c, line 2184, column 2 Attempt to free memory that was previously...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: net/smc: A NULL pointer dereferencing issue was addressed in smcpnetfindib. devname was called with dev.parent as an argument, but without performing a NULL-check before using it. This issue was resolved by checking the pointer...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ALSA: scarlett2: Added missing error checks to ctlget The ctlget functions that call scarlett2update did not check the return value. This issue has been fixed by adding error checks and passing the return value to the caller...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: SMB3: Added missing locks to protect the deferred close file list. The cifsdeldeferredclose function has a critical section that modifies the deferred close file list. We must acquire the deferredlock before calling the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: f2fs: Fixed to avoid migrating empty sections. A bug has been reported from a device with zufs: F2FS-fs dm-64: Inconsistent segment type 1, 0 in SSA and SIT. F2FS-fs dm-64: The filesystem was stopped due to reason: 4. Thread A...