Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iommufd: Set end correctly when doing batch carry Even though the test suite covers this it somehow became obscured that this wasn't working. The test iommufdioas.mockdomain.accessdomaindestory would blow up rarely. end should be...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: AppArmor: A memory leak has been fixed in allocns. After changes in commit a1bd627b46d1 “AppArmor: sharing the profile name during replacement”, the hname member of the struct aapolicy is not a valid slab object; however, it is a...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: mptcp: Do not queue data on closed subflows. Dipanjan reported a critical bug fix at the right time: WARNING: CPU: 1 PID: 10818 at net/ipv4/afinet.c:153 inetsockdestruct+0x6d0/0x8e0 net/ipv4/afinet.c:153 Linked modules:...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: keys: Fixed the issue of linking a duplicate key to a keyring’s assocarray. When making a DNS query within the kernel using dnsquery, the request code can, in rare cases, create a duplicate index key in the assocarray of the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: coresight: tmc: added the handle of the event to the path. The handle is essential for retrieving the AUXEVENT of each CPU and is required in perf mode. It has been added to the coresightpath so that dependent devices can access ...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: Avoid device tree lookups in rtasosterm. rtasosterm is called during panic. Its behavior depends on several conditions in the /rtas node of the device tree; traversing these nodes involves locking and changes to loc...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: btrfs: Zoned: Skipping splitting and logical rewriting during pre-alloc write operations. During relocation, there is a possibility that at the time of btrfsrelocclonecsums, there may be no checksum for the corresponding regio...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: cifs: fixed a potential race condition when creating a tree that connects to IPC. Protected access to TCPServerInfo::hostname when naming the IPC tree; this is because the name might be freed by the cifsd thread, potentially...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: Wifi: ath10k: Added cleanup of the peer map when deleting a peer in ath10kstastate. When peer deletion fails due to a disconnection operation, a use-after-free occurs. This issue was detected by KFENCE in the log. This happens...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: macsec: Fixed the UAF bug related to realdev. A new macsec device was created, but there was no reference to realdev. This does not ensure that realdev is freed after the macsec device is removed. This will trigger the UAF bug...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: SMB3: Added missing locks to protect the deferred close file list. The cifsdeldeferredclose function has a critical section that modifies the deferred close file list. We must acquire the deferredlock before calling the...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Staging: r8712: Fixed a memory leak in r8712initxmitpriv. In the aforementioned routine, memory is allocated in several places. If the first attempt succeeds but a later attempt fails, the routine will cause a memory leak. This...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Driver: soc: xilinx – Use a safe loop iterator to avoid a use after free. The hashforeachpossible loop dereferences evedata to obtain the next item in the list. However, the loop frees evedata, leading to a use after free. Instea...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerability has been resolved: pinctrl: rockchip: Fixed the refcount leak in rockchippinctrlparsegroups. The function offindnodebyphandle returns a node pointer with the refcount incremented. We should use ofnodeput on it when it is no longer necessary. Add th...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mm, swap: restore swapspace attribute to avoid kernel panic The commit 8b47299a411a “mm, swap: mark swap address space as read-only and add context debug check” made the swap address space read-only. This could lead to kernel pan...

Astra Linux - уязвимость в linux, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: ext4: fixed a deadlock issue when converting an inline directory in nojournal mode In nojournal mode, ext4finishconvertinlinedir can cause a self-deadlock by calling ext4handledirtydirblock after having already taken the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Net: Ethernet: mtkethsoc: fixed a possible memory leak in mtkprobe. If mtkwedaddHW has been called, mtkwedexit must also be called in the error path, or the module must be removed to free up the memory allocated in mtkwedaddHW...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: hvnetvsc: Do not free decrypted memory. In CoCo VMs, it is possible for the untrusted host to cause setmemoryencrypted or setmemorydecrypted to fail, resulting in an error and the memory being retained. Callers must take care to...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: clk: imx93 – fixed a memory leak and an issue where the “unwind goto” operation was missing in imx93clocksprobe. In the function probe, it directly returns without unregistered hws when an error occurs. This issue was fixed by...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: mptcp: The logic for removing addresses in mptcppmnlrmaddr has been fixed. The inverted WARNONONCE condition that prevented normal address removal updates has also been fixed. The current code only executes the decrement logic...