721 matches found
Astra Linux - уязвимость в linux-5.10
iouring uses workFlags to determine which identities need to be retrieved from the calling process, ensuring that they are consistent with the calling process when executing IORINGOP. Some operations lack certain types, which can lead to incorrect reference counts, potentially causing a...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
Astra Linux - уязвимость в linux, linux-5.15, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: In md/raid10, there is a issue where memory leaks occur in the MD thread. In raid10run, if setupconf succeeds and raid10run fails before setting ‘mddev-thread’, then the variable ‘conf-thread’ is not freed. This issue can be fixe...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: Addition of exception protection handling for vd in the axichanhandleerr function. Since there is no protection for vd, a kernel panic will be triggered in exceptional cases. You can refer to the handling of the...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Tracing: kprobe: Fixed a potential null-ptr-dereference issue in tracearray within kprobeeventgentestexit. When testgenkprobecmd fails after kprobeeventgencmdend, it will go to delete, which will call kprobeeventdelete and releas...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: mfd: syscon: Fixed a null pointer dereferencing in ofsysconregister. The kasprintf function returns a pointer to dynamically allocated memory; this pointer may be NULL in case of failure...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: phy: rockchip: inno-usb2: A double-free bug has been fixed in rockchipusb2phyprobe. The foreachavailablechildofnode function calls ofnodeput to release the child NPN in each successful loop. After exiting the loop when the child...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: smb/client: fixed a memory leak in smb2openfile Steps to reproduce the issue: 1. Server: Directories are exported as read-only. 2. Client: mount -t cifs //$serverip/export /mnt. 3. Client: dd if=/dev/zero of=/mnt/file bs=512...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: igc: Fixed kernel panic during ndotxtimeout callback The Xeon validation group has conducted some load tests with various hardware configurations. During these tests, some transmit queue timeouts occurred. This caused the reset...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: Tracing: Ensure that traceprintk can be used as soon as it is available. Currently, traceprintk can be used as soon as earlyTraceinit is called from startkernel. However, if a crash occurs, and “ftracedumponoops” is set on the...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: llc: Call to sockorphan at the release time. syzbot reported an interesting trace 1 caused by a stale sk-skwq pointer in a closed llc socket. In the commit ff7b11aa481f “net: socket: set sock-sk to NULL after calling...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: Perf trace: Actually freeing the evsel-priv area In 3cb4d5e00e037c70 “Perf trace: Freeing syscall tp fields in evsel-priv”, the freeing of the area was only performed if strcmpevsel-tpformat-system, “syscalls” returned zero...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: cifs: fixed an oops during encryption When running xfstests against Azure, the following oops occurred on an arm64 system: Unable to handle kernel writes to read-only memory at virtual address ffff0001221cf000 Mem abort info:...
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerability has been resolved: ksmbd: Validates the session ID and tree ID in the compound request. This patch validates the session ID and tree ID within the compound request. If the first operation in the compound is a SMB2 ECHO request, ksmbd bypasses the...
Astra Linux - уязвимость в linux-5.10, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: “interconnect”: fixed a memory leak when freeing nodes. The node link array is allocated when adding links to a node, but it is not deallocated when nodes are destroyed...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: tpm: Limit the number of PCR banks The function tpm2getpcrallocation does not impose any upper limit on the number of banks. The limit is set to eight banks, so values that exceed this limit from external I/O cause only limite...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: nfsd: Fixed a memory leak in the error handling path. If the memdupuser call fails, the memory allocated in a previous call a few lines above should be freed. Otherwise, a memory leak occurs...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Fixed an integer overflow in radeoncsparserinit The type of size is unsigned. If size is 0x40000000, there will be an integer overflow. After size = sizeofuint32t, size will become zero, which may lead to referencing...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: misc: vmwballoon: A memory leak has been fixed by using debugfslookup. When calling debugfslookup, the result must be processed with dput, otherwise a memory leak will occur over time. To simplify things, simply call...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: fs/ntfs3: Fixed a null-ptr-deref issue in inode-iop in ntfslookup. Syzbot reported a null-ptr-deref bug: ntfs3: loop0: The sector size of NTFS is 1024, while the media sector size is 512. ntfs3: loop0: Marking the volume as...