224231 matches found
Astra Linux - уязвимость в linux-5.15
A out-of-bounds memory read flaw was discovered in the parseleasestate function within the KSMBD implementation of the in-kernel Samba server and CIFS in the Linux kernel. When an attacker sends the CREATE command along with a malformed payload to KSMBD, due to a lack of checks on the NameOffset...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: powerpc/64s/interrupt: Fixed the interrupt exit race issue with security mitigation switches. The RFI and STF security mitigation options allow the interruptexitnotreentrant static branch condition to be tested concurrently with...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ipack: ipoctal: fixed the stack information leak. The name of the tty driver is also used after registering the driver, and it must specifically not be allocated on the stack to avoid leaking information to the user space or...
Astra Linux - уязвимость в linux-5.15, linux-5.10
A use-after-free vulnerability in the Linux Kernel’s iouring subsystem can be exploited to achieve local privilege escalation. Canceling a iouring poll request with a linked timeout can lead to a Use After Free UAF in a hrtimer. We recommend upgrading to the version after the previous commit...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: can: peakusb: fix use after free bugs After calling peakusbnetifrxniskb, dereferencing skb is unsafe. In particular, the canframe function, which aliases skb memory, is accessed after peakusbnetifrxni. Reordering the lines of cod...
Astra Linux - уязвимость в linux-5.10, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: can: j1939: fix errant WARNONONCE in j1939SESSIONdeactivate The statement “j1939SESSIONdeactivate should be called with a session ref-count of at least 2” is incorrect. In some concurrent scenarios, j1939SESSIONdeactivate can be...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: drm/i915: Avoid potential “vm use-after-free” situations. By adding the virtual machine to the vmxa table, it becomes visible to user space. This could potentially cause user space to attempt to close the virtual machine at the...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fixed the potential double-free of the bit17 bitmask. A userspace environment where multiple threads compete to set the tiling to I915TILINGNONE could lead to a double-free of the bit17 bitmask. Or, conversely, memory...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: can: isotp: split the transmission timer into two parts—transmission and timeout. The timer for the transmission of isotp PDUs previously had two functions: 1. sending two consecutive frames with a specified time interval. 2...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: drm/i915: Fixed the reference counting during error capture and debugfs dump. When GuC support was added to error capture, the reference counting around the request object was broken. This issue has been fixed. The context-bas...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: block: ublk: extending queuesize to fix overflow issues When validating the Draft SPDK ublk target, in cases where a large queue depth was assigned to the multiqueue ublk device, the ublk target would enter an incorrect state...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net: dsa: sja1105: fix buffer overflow in sja1105setupdevlinkregions If an error occurs in dsadevlinkregioncreate, then the array ‘priv-regions’ will be accessed using a negative index -1. This issue was identified by the Linux...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: drm/i915: fix null pointer dereference The Asus Chromebook CX550 crashes during boot with the v5.17-rc1 kernel. The root cause is a null pointer dereference in the tglgetbwinfo function in drivers/gpu/drm/i915/display/intelbw.c...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: btrfs: Always report an error in runonedelayedref. Currently, we have a btrfsdebug function for handling failures in runonedelayedref. However, if end users encounter such problems, there will be no chance that btrfsDebug is...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: w1: fixed the warning that appeared after calling w1process. I received the following warning message while removing the driver ds2482: ------------ cut here ------------ Do not call blocking operations when the !TASKRUNNING;...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: mm/hugetlb: fixed the handling of PTE markers in hugetlbchangeprotection The patch series “mm/hugetlb: uffd-wp fixes for hugetlbchangeprotection”. While working with virtio-mem and background snapshots using uffd-wp on hugetlb...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Debug: Fixed a potential buffer overflow caused by snprintf. snprintf returns the size of the string that would be filled if it exceeds the given buffer size. Therefore, using this value may lead to a buffer overflow...
Astra Linux - уязвимость в linux-5.10, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: fbdev: smscufx: Fix error handling code in ufxusbprobe The current error handling code in ufxusbprobe contains many issues that are not consistent. For example, ufxfreeusblist is missing, and the destroymodedb label should only...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: netlink: prevents potential Spectre v1 exploits Most netlink attributes are parsed and validated via nlavalidateparse or validatenla. c u16 type = nlatypenla; if type == 0 || type maxtype / Report an error or proceed with...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: net/sched: schtaprio: fixed possible use-after-free issue. syzbot reported a serious crash 1 in nettxaction, which made no sense until we received a reproduction example. This reproduction example reinstalls the taprio qdisc,...