224244 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: mptcp: The logic for removing addresses in mptcppmnlrmaddr has been fixed. The inverted WARNONONCE condition that prevented normal address removal updates has also been fixed. The current code only executes the decrement logic...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Do not leak netobj memory when gssreadproxyverf fails...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: crypto: iaa – Fixed an out-of-bounds index issue in findemptyiaacompressionmode. The local variable ‘i’ is initialized with -EINVAL, but the for loop immediately overwrites it, and -EINVAL is never returned. If no empty compressi...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net: libwx: fixed a memory leak in wxsetuprxresources When wxallocpagepool fails in wxsetuprxresources, it does not release the DMA buffer. Adding dmafreecoherent in the error handling path is necessary to release the DMA buffer...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: crypto: akcipher – default implementation for setting a private key Changes from v1: - The default implementation of setpubkey was removed. It is assumed that an implementation must always have this callback defined, as there are...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: clk: sunxi-ng: h616: Reparenting the GPU clock during frequency changes The H616 manual does not indicate that the GPU PLL supports dynamic frequency configuration. Therefore, we must be extra careful when changing the frequency...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: Added the missing hwops-getringselector function for IPQ5018. During the sending of data after clients are connected, the hwops-getringselector function will be called. However, for IPQ5018, this member is not set,...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: Disabled the unnecessary interrupt to avoid kernel panic. There is a hardware bug where the interrupt STMBUFHALF may be triggered after or when the interrupt is disabled. This can lead to unexpected kernel panics...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: fs/ntfs3: Added a overflow check for attribute size. The offset addition could cause an overflow, potentially passing the used size check when parsing MFT attributes with very large sizes e.g., 0xffffff7f. This could lead to...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: - Do not allow gsosize to be set to GSOBYFRAGS. - A missing check in virtionethdrtoskb allowed syzbot to crash kernels again. Do not allow gsosize to be set to GSOBYFRAGS 0xffff, because this magic value is used by the kernel...
Astra Linux - уязвимость в linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: In the net/sched module, there is an issue with taprio: Limiting TCATAPRIOATTRSCHEDCYCLETIME to INTMAX. syzkaller encountered a division error 0 in the divs64rem function, which is called from getcycletimeelapsed. In this functio...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: configfs: Fixed a possible memory leak in configfscreatedir. kmemleak: Reported memory leaks in configfscreatedir. - Unreferenced object 0xffff888009f6af00 size 192: Command “modprobe”, PID 3777, jiffies 4295537735 time 233.78...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: smb: client: fixed a use-after-free in smb2queryinfocompound The following UAF was triggered when running fstests generic/072 with KASAN enabled against Windows Server 2022 and mount options “multichannel, maxChannels=2,...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: s390/fpu: Fixed a false-positive KMSAN report in fpuvstl A false-positive KMSAN report was detected when running the ping command. The inline assembly instruction “vstl” can write varying amounts of bytes, depending on the val...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: erofs: limited the level of fs stacking for file-backed mounts. Otherwise, it could cause potential kernel stack overflows e.g., when mounting EROFS itself...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: x86/xen: Fixed a memory leak in xeninitlockcpu. In xeninitlockcpu, the @name function allocates a new string using kasprintf. If the bindipitoirqhandler function fails, that allocated string should be freed; otherwise, it may lea...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: hfs: Fix for potential use after free in hfs-correctnextunusedCNID. This code calls hfsbnodeputnode, which decreases the reference count, and then references “node” on the next line. It’s only safe to use “node” when we hold a...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: wifi: rtw88: use a work to update the rate to avoid RCU warnings. The ieee80211ops::starcupdate function must be atomic, because ieee80211chanbwchange holds a rcuread lock while calling drvstarcupdate. Therefore, a work must b...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Tracing: The memory leak in iter-temp occurred during the reading of tracepipe. kmemleak reports: Unreferenced object: 0xffff88814d14e200 size 256 Details: - Process: “cat”, PID: 336; Jiffies: 4294871818 age: 779.490 seconds - He...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: srcu: Delegating tasks to the booting CPU when using SRCUSIZESMALL. The commit 994f706872e6 “srcu: Making the Tree SRCU capable of operating without the snpnode array” assumes that CPU 0 is always online. However, there are...