Astra Linux - уязвимость в linux, linux-5.10

There is a use-after-free in iouring in the Linux kernel. The signalfdpoll and binderpoll functions use a waitqueue whose lifetime is the current task. The waitqueue will send a POLLFREE notification to all waiters before it is freed. Unfortunately, the iouring poll does not handle POLFREE. This...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: BPF: Resetting the register ID for BPFEND value tracking When a register undergoes a BPFEND byte swap operation, its scalar value is mutated in-place. If this register previously shared a scalar ID with another register e.g., aft...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: md: making rdevaddable usable for rcu mode. Our testcase triggered a panic: BUG: Kernel NULL pointer dereferencing, address: 00000000000000e0 … Oops: 0000 1 SMP NOPTI CPU: 2 UID: 0 PID: 85 Comm: kworker/2:1 Not tainted 6.16.0+ 94...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: A integer overflow has been fixed in aie2queryctxstatusarray. The unpublished smatch static checker reported a warning. In drivers/accel/amdxdna/aie2pci.c, line 904 of aie2queryctxstatusarray: warn: Potential...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: usb: cdnsp: Fixed a deadlock issue in cdnspthreadirqhandler. The patch fixes the following critical issue caused by deadlock, which was detected during testing of the NCM class: - smp: csd: A non-responsive CSD lock 1 was...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: hwmon: coretemp Check for null before removing sysfsattrs. If coretempaddcore encounters an error, pdata-coredataindx is already NULL and has been freed. Do not pass this value to sysfsremovegroup, as it will cause a crash in...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: firmwareloader: A use-after-free occurred during the unregister operation. In the following code within firmwareUploadunregister, the call to deviceunregister could cause the devrelease function to free the fwUploadPriv structure...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: Avoid corrupting the page-mapping in hugetlbmcopyatomicpte. In the MCOPYATOMICCONTINUE case with a non-shared VMA, the pages in the page cache are stored in the ptes. However, hugepageaddnewanonrmap is called for thes...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: ext4: Avoid resizing to a partial cluster size This patch prevents attempts to resize the filesystem to a cluster boundary that is not an integer multiple of the cluster size. Online resizing to a size that is not integral to the...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: tee: added a overflow check in registershmhelper When special lengths are provided by the user space, registershmhelper may cause an integer overflow when calculating the number of pages covered by a given user space memory regio...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: remoteproc: k3-r5: Fixed the reference count leak in k3r5clusterofinit. In every iteration of the foreachavailablechildofnode loop, the reference count of the previous node is decremented. When exiting the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: HID: mcp2221: prevented a buffer overflow in mcpsmbuswrite Match Warning: drivers/hid/hid-mcp2221.c:388 mcpsmbuswrite error: memcpy ‘&mcp-txbuf5’ is too small 59 vs 255 drivers/hid/hid-mcp2221.c:388 mcpsmbuswrite error: memcpy...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: memstick/msblock: A memory leak has been fixed. The erasedblocksbitmap is never freed. Since it is allocated at the same time as usedblocksbitmap, it is likely that it should also be freed at the same time. Add the correspondi...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: mtd: maps: Fixed the refcount leak in apflashinit. offindmatchingnode returns a node pointer with a refcount incremented. We should use ofnodeput on it when there is no longer a need for it. Add the missing ofnodeput call to avoi...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: kunit: Executor: Fixed a memory leak in cases where kunitfiltertests fails. It is possible that memory allocation for the “filtered” data may fail, but the copy of the suite may still succeed. In such cases, the “copy” data might...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/sec – Do not sleep when in softirq When the kunpeng920 encryption driver is used to deencrypt and decrypt packets during softirq, it is not allowed to use a mutex lock. The kernel will report the following error...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: virtio-gpu: A missing check was fixed to avoid NULL dereferencing. cacheent could potentially be set to NULL inside virtiogpucmdgetcapset, which would lead to a NULL dereferencing due to its recent use i.e., ptr =...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: spi: Fixed the simplification of devmspiregistercontroller. This change is reflected in commit 59ebbe40fb51 “spi: simplified devmspiregistercontroller“”. If devmaddaction fails in devmaddactionorreset, devmspiunregister will be...

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: regulator: of: Fixed a refcount leak issue in ofgetregulationconstraints We should call ofnodeput for the reference returned by ofgetchildbyname, as this increased the refcount...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: selinux: Added a boundary check in putentry Just like nextentry, a boundary check is necessary to prevent memory access out of bounds...