721 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: xfs: Fixed undersized liclogroundoff values. If the superblock does not list a log stripe unit, we set the incore log roundoff value to 512. This causes corrupted logs and unmountable file systems in generic/617 on a disk with...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net/tcp-ao: The comparison of MACs is now performed at constant time. To prevent timing attacks, MACs need to be compared at constant time. Use the appropriate helper functions for this purpose...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Reworked the handling of long task execution when adding/ deleting entries. When adding or deleting a large number of elements in one step using ipset, it may take considerable time, and soft lockup errors can...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: fs/ntfs3: Fixed a NULL pointer dereference in ‘niwrite inode’. Syzbot identified the following issue: Unable to handle a NULL pointer dereference at the virtual address 0000000000000016. Memory abort information: ESR =...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: gpib: Fixed a use-after-free in IO ioctl handlers. The IBRD, IBWRT, IBCMD, and IBWAIT ioctl handlers use a gpibdescriptor pointer after the board-biggpibmutex has been released. A concurrent IBCLOSEDEV ioctl can free the...
Astra Linux - уязвимость в linux-5.10, linux
A vulnerability has been discovered in the Linux kernel. It has been identified as a problem. This vulnerability affects the function vsockconnect in the file net/vmwvsock/afvsock.c. Manipulation of this function leads to a memory leak. The complexity of an attack is quite high. Exploitation of...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Shmem writes are flushed before mapping buffers with cached mappings. The shmem layer zeroes out new pages using cached mappings. If we do not flush these writes using the CPU, we might leave dirty cachelines behind,...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: xfrm: added a NULL check in xfrmupdateaeparams Normally, x-replayesn and x-preplayesn should be allocated in xfrmallocreplaystateesn…, hence xfrmupdateaeparams… can update them. However, the current implementation of xfrmnewae…...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: pcie: fix NULL pointer dereference in iwlpcieirqrxmsixhandler rxq can only be NULL when transpcie-rxq is NULL and entry-entry is zero. In cases where entry-entry is not equal to 0, rxq will not be NULL, even if...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: rxrpc: Fixed the issue where listen sets the backlog to too high for preallocation rings. The listen handler of AFRXRPC allows you to set the backlog to 32 if you increase sysctl. However, although the preallocation circular...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/iommu: The notifiers are shared by the PCI and VIO buses. The failiommusetup function registers the failiommubusnotifier struct for both PCI and VIO buses. The struct notifierblock is a linked list node; therefore, any...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: usb: ulpi: Fix for the debugfs directory leak The ULPI per-device debugfs root is named after the parent of the ulpi device. However, ulpiunregisterinterface attempts to remove a debugfs directory named after the ulpi device...
Astra Linux - уязвимость в linux, linux-5.10
An integer coercion error was detected in the openvswitch kernel module. When there are a sufficient number of actions, while copying and reserving memory for a new action of a new flow, the reservesfasize function does not return -EMSGSIZE as expected. This could potentially lead to an...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: btsdio: fixed a use-after-free bug in btsdioRemove due to a race condition. In btsdioprobe, data-work is bound to btsdiowork. It will be started in btsdiosendframe. If btsdioRemove runs with an unfinished work, ther...
Astra Linux - уязвимость в linux, linux-5.10
A use-after-free flaw was discovered in the Linux kernel’s NFC core functionality due to a race condition between the creation and deletion of kobjects. This vulnerability allows a local attacker with CAPNETADMIN privileges to leak kernel information...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: Wifi: ath11k – Fixing the DFS radar event locking issue The ath11k active PDevs are protected by RCUs. However, the code that handles DFS radar events and calls ath11kmacgetarbypdevid was not marked as a read-side critical sectio...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15
A use-after-free vulnerability exists in the net/sched:clsfw component of the Linux kernel, which can be exploited to achieve local privilege escalation. When the fwchange function is called on an existing filter, the entire tcfresult struct is always copied into the new instance of the filter...
Astra Linux - уязвимость в linux-5.10, linux
A null pointer dereference was detected in the Linux kernel’s Integrated Sensor Hub ISH driver. This issue could allow a local user to crash the system...
Astra Linux - уязвимость в linux-5.10, linux
When sending malicious data to the kernel using the ioctl cmd FBIOPUTVSCREENINFO, the kernel will write memory beyond its boundaries...
Astra Linux - уязвимость в linux-5.10, linux
When setting a font using malicious data via the ioctl command PIOFONT, the kernel will write memory beyond its bounds...