721 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: A memory leak has been fixed in nftablesupdchain. If nftnetdevregisterhooks fails, the memory associated with nftstats is not freed, resulting in a memory leak. This patch addresses this issue by moving the...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: bytcrrt5640 – Fixed invalid quirk input mapping. When an invalid value is passed via the quirk option, currently, the bytcrrt5640 driver only displays an error message but leaves the system unchanged. This may lead t...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Most: USB – Fix for use-after-free in hdmdisconnect The hdmdisconnect function calls mostderegisterinterface, which ultimately unregisters the MOST interface device using deviceunregisteriface-dev. If this action drops the last...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: iio: adc: aspeed: Fixed the refcount leak in aspeedadcsettrimdata. The function offindnodebyname returns a node pointer with a refcount incremented; we should use ofnodeput on it after processing. Added the missing ofnodeput...
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check if modulo is 0 before dividing. How & Why If a value of 0 is read, then this will cause a divide-by-0 panic...
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerability has been resolved: TCP: Fixed a data race around sysctltcpecnfallback. While reading sysctltcpecnfallback, it can be changed concurrently. Therefore, we need to add READONCE to its reader...
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerability has been resolved: ASoC: rt7-sdw: harden jackdetecthandler Realtek headset codec drivers typically check if the card is instantiated before proceeding with the jack detection. The rt700, rt711 and rt711-sdca are however missing a check on the card...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Networks: Ethernet; mtkethsoc: fixed the issue of PPE hanging. A patch to resolve this issue was found in MediaTek’s GPL-licensed SDK. In the mtkppestop function, the PPE scan mode is not disabled before disabling the PPE. This...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: phy: ti: Fixed a missing sentinel for clkdivtable gettablemaxdiv attempts to access the "clkdivtable" array outside its defined bounds in phy-j721e-wiz.c. A sentinel entry was added to prevent the following global-out-of-bounds...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15
In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fixed a reference leak in the GID entry when the createah operation fails. If the AH create request fails, the sgidattr should be released to avoid a reference leak during the release of the GID table...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: dmaengine: Fixed a NULL pointer issue in the channel unregistration function. The dmaasyncdevicechannelregister function may fail. In the event of a failure, chan-local is freed with freepercpu, and chan-local becomes null. When...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ICMP: Fixed data races related to sysctlicmpechoenableprobe. When reading sysctlicmpechoenableprobe, it can be changed concurrently. Therefore, we need to add READONCE to its readers...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: arp: Prevent overflow in arpreqget. Syzkaller reported an overflow during the write operation in arpreqget. 0 When the ioctlSIOCGARP function is called, arpreqget retrieves a neighbor entry and copies neigh-ha to struct...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: netlink: Annotate accesses to nlk-cbrunning Both netlinkrecvmsg and netlinknativeseqshow read nlk-cbrunning without locking it. Use READONCE in those functions. Add corresponding WRITEONCE to netlinkdump and netlinkdumpstart...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ceph: fixed a deadlock or deadcode issue caused by misuse of dget. The lock order between denty and its parent is incorrect; we should always ensure that the parent gets the lock first. However, since this deadcode is never used,...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: TCP: Make sure init calls the spinlocks of the acceptqueue once. When I run SyZ’s reproduction C program locally, it causes the following issue: pvqspinlock: Lock 0xffff9d181cd5c660 has corrupted value 0x0! WARNING: CPU: 19; PID:...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: KVM: x86 – Mark the target gfn of the emulated atomic instruction as dirty When emulating an atomic access on behalf of the guest, mark the target gfn as dirty if the CMPXCHG instruction attempts to be executed and fails without ...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: snic: A memory leak was fixed by using debugfslookup. When calling debugfslookup, the result must also call dput; otherwise, a memory leak will occur over time. To simplify things, simply call debugfslookupandremove, which...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: KVM: Destroy the target device if coalescing MMIO unregistration fails Destroy and free the target coalesced MMIO device if unregistering the device fails. As clearly noted in the code, kvmiobusunregisterdev does not destroy t...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Wifi: cfg80211 – Fix for buffer overflow in elem comparison. For vendor elements, the code assumes that 5 octets are present without checking them. Since the element itself has already been checked for compatibility, we only need...