90 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: LoongArch: Make cpumaskofnode robust against NUMANONODE. The arch definition of cpumaskofnode cannot handle NUMANONODE—which is a valid index—so a check must be added for this case...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Fixed a potential buffer overflow caused by snprintf. snprintf returns the potentially filled size when the string exceeds the given buffer size. Therefore, using this value may lead to a buffer overflow althoug...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: bpf: Do not report a verification bug for missing bpfsccvisit calls on speculative execution paths. Syzbot generated a program that triggers a verifierbug call in maybeexitscc. maybeexitscc assumes that, when called for a state...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: mm: hugetlb: avoiding soft lockup when using mprotect on a large memory area When calling mprotect on a large hugetlb memory area in our customer’s workload 300GB of hugetlb memory, soft lockup was observed: watchdog: BUG: soft...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: net: lan743x: fixed a potential out-of-bounds write in lan743xptpioeventclockget. Before calling lan743xptpioeventclockget, the ‘channel’ value is checked against the maximum value of PCI11X1XPTPIOMAXCHANNELS8. This seems correct...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: mlxbfgige: Stopping the interface during shutdown The mlxbfgige driver intermittently encounters a NULL pointer exception when the system is shutting down via the “reboot” command. The mlxbfdriver will experience an exception...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ice: Do not double-unplug the aux device during a peer-initiated reset. In the IDC callback that is called when the aux drivers request a reset, the function to unplug the aux devices is executed. This function is also called in...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: drm/tegra: nvdec: Fix the dmaalloccoherent error check A check has been added to prevent a NULL return value from occurring when using dmaalloccoherent. This change follows Robin’s fix for the vic.c file in drm/tegra: vic: Fix DM...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: spi: stm32-ospi: Fixed a resource leak in the remove callback. The remove callback returned early if pmruntimeresumeandget failed, skipping the cleanup of the SPI controller and other resources. This issue has been addressed by...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: erofs: fixed the UAF issue for file-backed mounts with the directio option 9.269940 T3222 Call trace: 9.269948 T3222 ext4filereadIter+0xac/0x108 9.269979 T3222 vfsiocbiterread+0xac/0x198 9.269993 T3222...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: netfilter: nftables: prefer nftchainvalidate nftchainvalidate already performs loop detection, as a cycle would result in a call stack overflow ctx-level = NFTJUMPSTACKSIZE. It also follows maps via -validate callback in...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: “Revert ‘usb: typec: ucsi: add a common function ucsiunregisterconnectors’” The recent commit 87d0e2f41b8c “usb: typec: ucsi: add a common function ucsiunregisterconnectors” introduced a regression that caused NULL dereferencing...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: i2c: validation of user data in compact ioctl. Incorrect user data may cause a warning in i2ctransfer. For example, it may result in zero messages being sent. The userspace environment should not be able to trigger such warnings...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: iwlwifi: mvm: Fixed a possible NULL dereference. In iwlmvmremovetimeevent, a check was added to ensure that ‘tedata-vif’ is NULL before dereferencing it...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Block devices with logical block size page size will be rejected when THP is disabled. If THP is disabled and there are block devices with logical block size page size, the following nullptrderef panic occurs during boot: 13.2 mK...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: ksmbd: ipc: Fix for use-after-free in ipcmsgsendrequest The ipcmsgsendrequest function waits for a generic netlink reply using an ipcmsgtableentry on the stack. The generic netlink handler handlegenericevent/handleresponse fil...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: smb: Client: Fixed an error in parsing OOB read responses for symlinks. When a CREATE command results in a STATUSSTOPPEDONSYMLINK status code, the smb2checkmessage function returns a success status without performing any lengt...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: HID: steam: Prevent NULL pointer dereferencing in steamrecv,sendreport It is possible for a malicious device to fail to submit a Feature Report. The HID Steam driver currently does not handle this situation and dereferences the...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: nvmet: fixed an out-of-bounds access in nvmetenableport. When attempting to enable a port for which no transport is currently configured, nvmetenableport uses NVMFTRTYPEMAX 255 to query the transports array, resulting in an...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: netlink: Do not hard code the device address length in fdb dumps. syzbot reports that some netdev devices do not have a six-byte address. Replace ETHALEN with dev-addrlen. 1 This applies to devices where dev-addrlen = 4. BUG:...