Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In 64-bit versions of the Linux kernel, Copyfromuser does not implement uaccessbeginnospec, which allows a user to bypass the “accessok” check and pass a kernel pointer to copyfromuser. This would enable an attacker to leak sensitive information. We recommend upgrading beyond commit...

Astra Linux - уязвимость в linux, linux-5.10

A NULL pointer dereference flaw was discovered in the rawv6pushpendingframes function in net/ipv6/raw.c within the network subcomponent of the Linux kernel. This flaw can cause the system to crash...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Staging: rtl8192e: Fixed the issue of using a pointer after it was freed in rtl92epcidisconnect. The freertllib function frees the “dev” pointer, which allows for usage after freeing it in the next line. We have rearranged the co...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Added missing gfx11 MQD manager callbacks. The mqdstride function was introduced in commit 2f77b9a242a2 "drm/amdkfd: Update MQD management on multi XCC setup", but it wasn’t assigned to gfx11. This issue is fixed by...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: IB/IPoIB: Fixed legacy IPoIB issues due to an incorrect number of queues. The referenced commit creates child PKEY interfaces through netlink, which involve multiple TX and RX queues. However, some devices do not support more tha...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: dm: A crash occurs if blkallocdisk fails. If blkallocdisk fails, the variable md-disk is set to an error value. cleanupmappeddevice will notice that md-disk is non-NULL and will attempt to access it, causing a crash at the line...

Astra Linux - уязвимость в linux-5.15, linux-6.1

A null pointer dereference vulnerability was discovered in the nftdynsetinit function in net/netfilter/nftdynset.c within nftables in the Linux kernel. This issue may allow a local attacker with the CAPNETADMIN user privilege to trigger a denial of service attack...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: i2c: dev: check the return value when calling devsetname If devsetname fails, the devname will be null. Check the return value of devsetname to avoid a null-ptr-deref...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: virtio: Packed data – fix an unmap leak for the indirect desc table When usedmaapi and premapped are set to true, dounmap is false. Since dounmap is false, vringunmapextrapacked is not called by detachbufpacked. The following cod...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: Fixed a potential use-after-free when using clear keys. Similar to the commit c5d2b6fa26b5 "Bluetooth: Fixed a use-after-free in hciremoveltk/hciremoveirk". We cannot access the variable k after the kfreercu call...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: irqchip/irq-mvebu-gicp: The refcount leak in mvebugicpprobe has been fixed. The function ofirqfindparent returns a node pointer with the refcount incremented. We should use ofnodeput on it when it is no longer needed. Add the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: pinctrl: aspeed: Fixed a potential NULL dereferencing in aspeedpinmuxsetmux. pdesc could potentially be null, but still, dereferencing pdesc-name would lead to a NULL pointer access. Therefore, we moved a null check before the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: Fixed memory leaks in the probe. Handled error branches to free memory as needed. Addresses-Coverity-ID: 1491825 "Resource leak"...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: rcu-tasks: Fixed a race condition in the schedule function and the flush work operation. When booting secondary CPUs, cpusreadlock/unlock does not keep the online cpumask stable. This temporary change in the online mask result...

Astra Linux - уязвимость в linux-5.15, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: netfilter: nftsetrbtree: fixed a null dereference issue when inserting elements There is no guarantee that rbprev will not return NULL in nftrbtreegcelem: General protection fault, likely due to an non-canonical address...

Astra Linux - уязвимость в linux-5.10

Ubuntu Linux 6.8 GA retains the legacy AFUNIX garbage collector, but the upstream commit 8594d9b85c07 "afunix: Do not call skbget for OOB skb" addresses this issue. When orphaned MSGOOB sockets reach unixgc, the garbage collector still calls kfreeskb, assuming that OOB SKBs hold two references...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: NFSD: prevented underflow in nfssvcdecodewriteargs Smatch reported the issue as follows: fs/nfsd/nfsxdr.c:341 nfssvcDecodeWriteArgs Warning: no lower bound on ‘args-len’ The type of the variable has been changed to unsigned to...

Astra Linux - уязвимость в linux, linux-5.10

An integer overflow or wrap-around vulnerability exists in the OpenEuler kernel on Linux file system modules, allowing for forced integer overflow. This issue affects the OpenEuler kernel, starting from version 4.19.90, up to and including version 4.19.90-2401.3, as well as versions 5.10.0-60.18....

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/xe/migrate: Do not overflow the maximum copy size. With non-page-aligned copies, we need to use a pitch that is 4 bytes in size. However, the size of the copied data may still be close to our maximum of approximately 8M. As a...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: usb: dwc2: host: Fixed the dereference issue in the DDMA completion flow. Fixed the variable dereference issue in the DDMA completion flow...