Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: cifs: Fixed the xid leak in cifscreate If the cifs function has already been shut down, we should release the xid before returning it; otherwise, the xid will be leaked...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: i2c: designware: Fix handling of real but unexpected device interrupts The commit c7b79a752871 “mfd: intel-lpss: Add Intel Alder Lake PCH-S PCI IDs” caused a regression on certain Gigabyte motherboards for Intel Alder Lake-S...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: led: qcom-lpg: Fixed sleeping in atomic operations The lpgh brightnessset function can enter a sleeping state, while the led’s brightnessset callback must be non-blocking. The LPG driver should use brightnesssetblocking instea...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fixed a memory leak in the setmempolicyhomenode system call. When encountering any virtual memory area vma with a policy other than MPOLBIND or MPOLPREFERREDMANY, an error is returned without issuing a mpolput...

Astra Linux - уязвимость в linux-5.10

There is a flaw in the Linux kernel’s handling of new TCP connections. The issue arises due to the lack of memory release after the effective lifetime of these connections. This vulnerability allows an unauthenticated attacker to create a denial-of-service condition on the system...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate command request size In commit 2b9b8f3b68ed “ksmbd: validate command payload size”, except for the SMB2OPLOCKBREAKHE command, the request size of other commands is not checked—this is not expected. This issue was...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: dma-buf/dma-resv: Stop leaking data upon a failure of krealloc. Currently, when dmaresvgetfences fails, it will leak the previously allocated array if the fence iteration was restarted and kreallocarray failed. The old array must...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: ath12k – Avoid NULL pointer access during management transmit cleanup. Currently, the “ar” reference is not added to “skbcb”. Although this reference is generally not used during transmit completion callbacks, when an...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: vxlan: Fixed memory leaks in the error path. The memory allocated by vxlanvnigroupinit is not freed during the error path, leading to memory leaks 1. This issue was fixed by calling vxlanvnigroupuninit in the error path. The...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: md/raid5-cache: fixed null-ptr-deref in r5lFlushStripeToRaid The r5lFlushStripeToRaid function will check whether the list ‘flushingios’ is empty. It will then submit ‘flushbio’. However, r5llogFlushEndio clears the list first, a...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: xsk: Check IFFUP earlier in the Tx path. The Xsk Tx operation can be triggered via either sendmsg or poll system calls. Both paths involve a call to the common function xskxmit, which contains two sanity checks. Here’s a...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ovl: A null pointer dereference occurred in ovlpermission. The sequence of functions involved is as follows: pathlookupat, linkpathwalk, inodepermission, ovlpermission, ovlipathrealinode, &realpath, path-dentry =...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: drivers: staging: rtl8723bs: Fixed locking issues in rtwjointimeouthandler. The commit number 041879b12ddb states: “drivers: staging: rtl8192bs: Fixed deadlock in rtwjoinbsseventprehandle. In addition, rtwjointimeouthandler wa...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: media: hi846: Fixed a memory leak in hi846initcontrols The hi846initcontrols function does not clean up the allocated ctrlhdlr resources in case of a failure, which leads to a memory leak. Added v4l2ctrlhandlerfree to properly fr...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: f2fs: Fix for a kernel crash that occurred due to a null io-bio. We should return immediately if io-bio is null before performing any actions. Otherwise, a panic will occur. Bug: Kernel NULL pointer dereferencing, address:...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: of/fdt: Perform SOC memory setup when earlyinitdtscanmemory fails. If memory is found, earlyinitdtscanmemory now returns 1. If no memory is found, it returns 0, allowing other memory setup mechanisms to proceed. Previously,...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Data related to command failures should only be collected for known commands. DEVX can issue a general command that is not used by the mlx5 driver. If such a command fails, mlx5 attempts to collect the failure data...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: accel/qaic: Fixed the memory leak caused by slicing operations. The temporary buffer that stores slicing configuration data from the user is only freed in case of an error. This constitutes a memory leak. The buffer should be...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: LoongArch: mm: Added definitions for p?dleaf When I perform the LTP test, the LTP test case ksm06 caused a panic at breakksmpmdentry - pmdleaf Huge page table, but False - ptepresent panic The reason is that pmdleaf is not define...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: A memory leak has been fixed in mlx5efsttredirectanycreate. The memory pointed to by the fs-any pointer is not freed during the error-prone execution of mlx5efsttredirectanycreate, which can lead to a memory leak. This...