551 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: net: fixed the issue with the netdevstartxmit trace event vs skbtransportoffset After the committed code, we must be more careful when using skbtransportoffset, as reminded by syzbot: WARNING: CPU: 0 PID: 10 at...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mt76: mt7921: fixed the kernel panic by avoiding access to unallocated eeprom.data The MT7921 driver no longer uses eeprom.data, but the relevant code has not been completely removed since the commit 16d98b548365 “mt76: mt7921:...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: dpaa2-eth: The virtual address is retrieved before calling dmaunmap. The TSO header was unmapped via DMA before the virtual address was retrieved, and then the buffer was freed using that address. This meant that we actually...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: net: Handling of integer overflows in kmallocreserve The committed change was as follows: c ptr = kmallocsize; if ptr size = ksizeptr; size = kmallocsizeroundupsize; ptr = kmallocsize; This caused various crashes, as reported ...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: phy: at803x: fix NULL pointer dereference on AR9331 PHY The latest kernel will fail when dealing with the PHY interrupt configuration, as it now relies on allocated private resources. Therefore, running a probe to allocate...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: EFI: Do not map the entire mokvar table to determine its size. Currently, when validating the mokvar table, we re-map the entire table on each iteration of the loop, adding space as we discover new entries. If the table grows...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: powerpc/setmemory: Avoid spinlock recursion in changepageattr The commit 1f9ad21c3b38 “powerpc/mm: Implement setmemory routines” included a spinlock call in changepageattr in order to safely perform the three-step operations...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ext4: Avoid failures during online resizing due to an overly large flexbgsize. When we perform online resizing on an ext4 filesystem with an excessively large flexbgsize, the following warning is triggered:...
Astra Linux – Vulnerability in Linux
In the Linux kernel, the following vulnerability has been resolved: Platform/x86: dell-smbios-wmi: Fixed an oop in rmmod dellsmbios. The initdellsmbioswmi function only registers the dellsmbioswmidriver on systems where the Dell WMI interface is supported. While the exitdellsmbioswmi function...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: sched/scs: The task stack state is reset in bringupcpu. When a CPU is hot-plugged, the idle task on that CPU calls several layers of C code before finally leaving the kernel. When KASAN is in use, “poisoned” shadow is retained fo...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: 6lowpan: resetting the link-local header in the IPv6 receive path The Bluetooth 6lowpan.c netdev module has the headerops function; therefore, it must set the link-local header for the RX skb packet. Otherwise, thin...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: PCI: Fixed issue where valid root bus resources were dropped when end = zero. On r8a7791/koelsch: - kmemleak: 1 new suspected memory leak see /sys/kernel/debug/kmemleak. - cat /sys/kernel/debug/kmemleak - unreferenced object...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: KVM: Fixed a data race on lastboostedvcpu in kvmvcpuonspin. Used READ,WRITEONCE to access kvm-lastboostedvcpu to ensure that reads and writes are atomic. In the extremely unlikely scenario where the compiler introduces errors in...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fixed node corruption in the “ar-arvifs” list In the current WLAN recovery code flow, ath11kcorehalt only re initializes the “arvifs” list head. This causes the list node immediately following the list head to becom...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: “block, bfq”: fixed a potential UAF issue for “bfqq-bic” in “bicsetbfqq”. After the commit “64dc8c732f5c” “block, bfq: fix possible UAF for ‘bfqq-bic’”, “bic-bfqq” will be accessed in “bicsetbfqq”. However, in some contexts,...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: gfs2: Fixed possible data races in gfs2showoptions Some fields such as gtlogdsecs of the struct gfs2tune are accessed without holding the lock gtspin in gfs2showoptions: val = sdp-sdtune.gtlogdsecs; if val != 30 seqprintfs,...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: “aoe”: The potential use-after-free issue has been fixed in multiple locations. Regarding the fix for CVE-2023-6270, f98364e92662 “aoe: The potential use-after-free issue has been fixed in aoecmdcfgpkts”, the tx function calls...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: bpf: Fixed the overloading of the meaning of MEMUNINIT Lonial reported an issue with the BPF verifier, where the checkmemsizereg function contains the following code: c if !tnumisconstreg-varoff / For unprivileged variable...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/srpt: Support for specifying the srptserviceguid parameter. The current behavior is that setting this parameter while loading the ibsrpt kernel module triggers a kernel crash. BUG: Kernel NULL pointer dereferencing, address:...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: eth: bnxt: return fail if interface is down in bnxtqueuememalloc The bnxtqueuememalloc function is called to allocate new queue memory when a queue is restarted. It internally accesses the rx buffer descriptor corresponding to th...