Astra Linux - уязвимость в linux, linux-5.10

The function emsusbstartxmit in the file drivers/net/can/usb/emsusb.c within the Linux kernel, up to version 5.17.1, contains a double-free...

Astra Linux - уязвимость в linux-5.10, linux

A flaw was discovered in the Linux kernel. A denial-of-service attack may occur if a consecutive request for NVMEIOCTLRESET and NVMEIOCTLSUBSYSRESET is made through the device file of the driver, resulting in a disconnection of the PCIe link...

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: Netfilter: conntrack – re-fetching of conntrack entries after insertion. In cases where conflicts occur between conntrack entries, the insertion operation can free the skb-nfct field, and set skb-nfct to the already-confirmed...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: nstree: tightened permission checks for listing. Even privileged services should not necessarily be able to access the namespaces of other privileged services, so that they cannot leak information to each other. Use the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: soc/tegra: pmc: Fixed the unsafe generichandleirq call. Currently, when resuming from system suspension on Tegra platforms, the following warning is observed: WARNING: CPU: 0 PID: 14459 at kernel/irq/irqdesc.c:666 Call trace:...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iio: chemical: sps30i2c: fix the buffer size in sps30i2creadmeas The value of sizeofnum is evaluated as sizeofsizet 8 bytes on 64-bit systems, instead of the intended be32 element size 4 bytes. Use sizeofmeas to correctly match t...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: i40e: Fixed NULL pointer dereferencing in i40edbgdumpdesc. When attempting to dump VFs using debugfs, a crash occurred due to NULL pointer dereferencing in i40edbgdumpdesc. A check was added to i40edbgdumpdesc to ensure that the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: schedext: Fixed the issue of starving the scxenable function under fair-class saturation. During scxenable, the READY - ENABLED task switching loop changes the calling thread’s schedclass from fair to ext. Since fair has a higher...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: net: atlantic: Fixed handling of fragment overflow in the RX path. The atlantic driver can receive packets with more than MAXSKBFRAGS 17 fragments when handling large multi-descriptor packets. This causes an out-of-bounds writ...

Astra Linux - уязвимость в linux, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: ALSA: hda: Fixed an error related to surround channel names in version 9.1. The getlineoutpfx function may trigger an error due to overflowing a static array with more than 8 channels. This issue was reported on MacBookPro 12....

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerability has been resolved: uiohvgeneric: A memory leak has been fixed in error handling paths. If the vmbusestablishgpadl function fails, the recv|sendgpadl functions will not be updated, and the hvuiocleanup function in the error handling path will not be...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: media: rkisp1: Fixed handling of IRQs due to shared interrupts. The driver requests interrupts using IRQFSHARED, so the interrupt handlers can be called at any time. If such a call occurs while the ISP is powered down, the SoC wi...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: The issue of the refcount leak in the PCI device during amdgpuatrmgetbios has been fixed. According to the comments on pcigetclass, it returns a pcidevice with its refcount being incremented. Additionally, the refcoun...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Converted spinlock to mutex to lock the evlworkqueue. drainworkqueue cannot be called safely in a spinlocked context due to possible task rescheduling. In the multi-task scenario, calling queuework while...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iouring: A memory leak was fixed when removing provided buffers. When removing provided buffers, the iobuffer structures were not being disposed of properly, resulting in a memory leak. These structures cannot be freed...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: hfs: Replace BUGON with error handling for CNID count checks. In the fields nextid, foldercount, and filecount in the super block, the values were expanded to 64 bits, and mechanisms like BUGON were added to detect overflow...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: nvme-fc: The admin tagset is released if the initialization fails. The nvmefabrics function creates a NVMe/FC controller in the following path: nvmfdevwrite → nvmfcreatectrl → nvmefccreatectrl → nvmefcinitctrl The nvmefcinitctrl...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Team: Fix for checking whether the port is enabled in teamqueueoverrideportpriochanged. A syzkaller bug was recently reported with the following trace: listdel corruption; ffff888058bea080-prev is LISTPOISON2 dead000000000122...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: iommu/mediatek: fixed the use-of-free issue in probe deferment. The driver is no longer retaining references to larb devices during probe operations after a successful lookup, as well as in case of errors. This could potentially...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: exfat: Fixed a reference count leak in exfatfind. Fixed reference count leaks related to exfatgetdentryset in exfatfind. The function exfatgetdentryset would increment the reference counter of es-bh on success. Therefore,...