Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: sched/deadline: Only the freecpus field is set for online runqueues. Commit 16b269436b72 “sched/deadline: Modified cpudl::freecpus to reflect rd-online“” introduced the cpudlset/clearfreecpu functions, allowing the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: dpaa2-switch: added a bounds check for ifid in the IRQ handler. The IRQ handler extracts ifid from the upper 16 bits of the hardware status register and uses it to index into ethsw-ports, without any validation. Since ifid can be...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: octeonep: Fixed a memory leak in octepdevicesetup. In octepdevicesetup, if octepctrlnetinit fails, the function returns directly without unmapping the mapped resources and freeing the allocated configuration memory. This issue wa...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: The spinlock is used as a lock for protecting the context list. Previously, a mutex was added to protect the encoder and decoder context lists from unexpected changes originating from the SCP IP block. Th...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: smb/server: The function ksmbdsessionrpcclose is called on the error path in the createsmb2pipe function. When the ksmbdiovpinrsp function fails, we should call ksmbdsessionrpcclose...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ipv6: Fixed a use-after-free in inet6addrdel. syzbot reported a use-after-free of inet6ifaddr in inet6addrdel. 0 The referenced commit accidentally moved ipv6deladdr for mngtmpaddr before reading its ifp-flags for temporary...

Astra Linux – Vulnerability in Linux

In intelpmudrainpebsnhm in arch/x86/events/intel/ds.c of the Linux kernel, up to version 5.11.8 on some Haswell CPUs, user-space applications such as perf-fuzzer can cause a system crash due to improper handling of the PEBS status in a PEBS record, also known as CID-d88d05a9e0b6...

Astra Linux - уязвимость в linux

A NULL pointer dereference flaw was discovered in the Linux kernel’s IEEE 802.15.4 wireless networking subsystem, regarding the way the user terminates the LR-WPAN connection. This flaw allows a local user to crash the system. The greatest threat posed by this vulnerability is to system...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/xe/pf: Fixed a use-after-free in the migration restore process. When an error is returned from xesriovpfmigrationrestoreproduce, the data pointer is not set to NULL, which can lead to a use-after-free in subsequent .write...

Astra Linux - уязвимость в linux-5.10

A use-after-free vulnerability was discovered in the nfs42sscopen function in the fs/nfs/nfs4file.c file within the Linux kernel. This flaw allows an attacker to perform remote denial-of-service attacks...

Astra Linux - уязвимость в linux-5.10, linux

A vulnerability classified as critical was discovered in the Linux kernel. The vulnerability affects the function l2capreassemblesdu in the file net/bluetooth/l2capcore.c of the Bluetooth component. This vulnerability stems from improper memory management, leading to an attempt to reuse freed...

Astra Linux - уязвимость в linux, linux-5.10

A vulnerability, classified as critical, has been discovered in the Linux kernel. The affected component is the deltimer function in the file drivers/isdn/mISDN/l1oipcore.c of the Bluetooth module. This vulnerability allows for manipulation leading to memory deallocation after it has been freed. ...

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerability has been resolved: net: usb: fixed a memory leak in smsc75xxbind Syzbot reported a memory leak in smsc75xxBind. The issue occurred when non-freeed memory remained after memory allocation due to errors. Backtrace: kmalloc include/linux/slab.h:556...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15

A use-after-free flaw was discovered in btsdioremove in the drivers\bluetooth\btsdio.c file within the Linux kernel. In this flaw, calling btsdioremove with an unfinished job may lead to a race condition, resulting in a User Account Fault UAF on HDev devices...

Astra Linux - уязвимость в linux-5.10, linux

A use-after-free flaw was discovered in vhostnetsetbackend in drivers/vhost/net.c within the virtio network subcomponent of the Linux kernel, due to a double fget operation. This flaw could allow a local attacker to cause the system to crash, and could even lead to a kernel information leak issue...

Astra Linux - уязвимость в linux-5.10, linux

A use-after-free flaw was discovered in vmxnet3rqallocrxbuf in drivers/net/vmxnet3/vmxnet3drv.c within VMware’s vmxnet3 Ethernet NIC driver in the Linux kernel. This issue could allow a local attacker to cause the system to crash due to a double-free operation while cleaning up vmxnet3rqcleanupal...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: hwmon: In coretemp, a leak of the reference count for PCI devices was addressed in nv1aramnew. According to the comments on pcigetdomainbusandslot, it returns a PCI device whose reference count is incremented after use. The calle...

Astra Linux - уязвимость в linux-5.10, linux

A vulnerability has been discovered in the Linux kernel. It has been identified as a problem. This vulnerability affects the function vsockconnect in the file net/vmwvsock/afvsock.c. Manipulation of this function leads to a memory leak. The complexity of an attack is quite high. Exploitation of...

Astra Linux - уязвимость в linux-5.15

A use-after-free flaw was discovered in the smb2isstatusiotimeout function in CIFS within the Linux kernel. After CIFS transfers response data via a system call, there are still local variables pointing to the memory region. If the system call frees those pointers faster than CIFS uses them, CIFS...

Astra Linux - уязвимость в linux

In the Linux kernel, the following vulnerability has been resolved: Soundwire: Stream – Fixing a memory leak in the stream configuration error path When the stream configuration fails, the master runtime will release all slave runtimes from the slavertlist. However, at this point, the slave...