Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: bpf: Fixed reference state management for synchronous callbacks Currently, the verifier verifies callback functions both synchronous and asynchronous as if they would be executed only once. The next instruction to be explored ...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: pinctrl: freescale: Fixed a memory out-of-bounds issue when numconfigs is 1. The configuration passed in by padwakeup is set to 1 when numconfigs is 1. In this case, Configuration 1 should not be retrieved, which will be detected...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: schedext: The crash that occurred during the creation of helper kthreads due to scxenable has been fixed. A crash was observed when the schedext selftest runner was terminated with Ctrl+\ while test 15 was running: NIP...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: wifi: ipw2200: fixed a memory leak in ipwwdevinit. In the error handling path of ipwwdevinit, an exception value is returned, and the memory allocated for this function is not released. Additionally, the memory is not released in...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mm, swap: Fixed a potential UAF issue related to VMA readahead. Since commit 78524b05f1a3 “mm, swap: avoiding redundant swap device pinning”, the common helper function for allocating and preparing a swap entry in the swap cache...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: BPF: Zeroing allocated objects from slabs in the BPF memory allocator Currently, the freed elements in the BPF memory allocator may be reused immediately. For the htab map, reusing these elements will reinitialize special fields ...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: RDMA/irdma: The Cap MSIX used to online CPUs + 1 The irdma driver can use a maximum number of msix vectors equal to numonlinecpus + 1. If this number is exceeded, the kernel will issue a warning when the driver attempts to...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: x86/platform/uv: Handling deconfigured sockets When a socket is deconfigured, it is mapped to SOCKEMPTY 0xffff. This causes a panic during the allocation of UV hub info structures. This issue can be fixed by using NUMANONODE,...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Issue: Skipping the reallocation of the Unicode buffer when resizing the alternate screen after exiting the alt screen mode. When the enteraltscreen function saves vcunilines into vcsavedunilines and sets vcunilines to NULL, a...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: i3c: mipi-i3c-hci: Correct handling of RINGCTRLABORT in DMA dequeue. The logic used to abort the DMA ring contains several flaws: 1. The driver unconditionally aborts the ring even when the ring has already stopped. 2. The...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mm/damon/stat: The failure to deallocate the damoncall function leads to the leakage of the damonctx object. The damonstatstart function always allocates the damonctx object of the module i.e., damonstatcontext. Meanwhile, if the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: spacemit: Fix error handling in emactxmemmap The DMA mappings were exposed due to mapping errors. These mappings can now be freed using the existing emacfreetxbuf function...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Ring-buffer: Fixed the possibility of dereferencing an uninitialized pointer. There is a pointer called headpage in the function rbmetavalidateevents. This pointer is not initialized at the beginning of the function. This pointer...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: net: dsa: microchip: Fixed the error path in the PTP IRQ setup process. If the requestthreadedirq function fails during the PTP message IRQ setup, the newly created IRQ mappings are never disposed of. In fact, the error path i...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: i2c: designware: amdisp: Fixed the race condition involving the resume-probe function. The race condition was identified in kernel version 7.0, with the commit code 38fa29b01a6a „i2c: designware: Combine the init functions“...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: hcisync: fixed a stack buffer overflow in hcilebigcreatesync. The hcilebigcreatesync function uses DEFINEFLEX to allocate a struct hcicplebigcreatesync on the stack, with 0x11 17 slots available. However, conn-numbi...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: RDMA/ionic: Fixed a potential NULL pointer dereferencing in ionicqueryport. The function ionicqueryport calls ibdevicegetnetdev without checking the return value, which could lead to NULL pointer dereferencing. This issue has bee...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: xsk: Validate the MTU against the usable frame size when binding. The AFXDP binding currently accepts zero-copy pool configurations without verifying that the device’s MTU fits within the usable frame space provided by the UMEM...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: dm mpath: Added the missing dmputdevice call when failing to obtain the scsi dh name. When commit fd81bc5cca8f “scsi: devicehandler: Returning an error pointer in scsidhattachedhandlername”, code was added to fail the parsing of...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: nsfs: Permission checks for ns iteration ioctls have been tightened. Even privileged services should not necessarily be able to access the namespaces of other privileged services, so that they cannot leak information to each othe...