Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: The inode is marked as “bad” as soon as an error is detected using the mienumattr function. The interface of the miEnumAttr function was extended by adding an additional parameter, struct ntfsinode ni. This allows the...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: usb:typec:tipd: The WARNON message in tps6598xblockread has been removed. Calling tps6598xblockread with a parameter length greater than allowed can be handled by simply returning an error. There is no need to cause system crashe...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/radeon: The issue of the refcount leak in the PCI device was fixed in radeonatrmgetbios. According to the comments on pcigetclass, it returns a pcidevice with its refcount being incremented, and the refcount of the input...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Wifi: rt2x00 – Memory leak fixed when handling survey data When removing a rt2x00 device, the associated channel surveys are not freed, resulting in a memory leak that can be observed using kmemleak. The affected object is:...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/i915/gem: added a missing boundary check in vmaccess A missing bounds check in vmaccess can lead to an out-of-bounds read or write in the adjacent memory area. This occurs because the len attribute is not validated before the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/xe/queue: The call to fini during the creation of an execution queue fails. Every call to queue initialization should include a corresponding fini call. Skipping this would mean failing to remove the queue from the GuC list...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: APEI/GHES: ARM processor Error: Do not go beyond the allocated memory If the BIOS generates a very small ARM Processor Error, or an incomplete one, the current logic will fail to deferrence err-sectionlength and ctxinfo-size...

Astra Linux - уязвимость в linux-5.15

A out-of-bounds memory read flaw was discovered in the parseleasestate function within the KSMBD implementation of the in-kernel Samba server and CIFS in the Linux kernel. When an attacker sends the CREATE command along with a malformed payload to KSMBD, due to a lack of checks on the NameOffset...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/imagination: Fixed a deadlock in the soft reset sequence. The soft reset sequence is currently executed from the threaded IRQ handler. Therefore, it cannot call disableirq because it internally waits for the IRQ handlers—i.e....

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: Media: MediTech: vcodec – Added a lock to protect the decoder context list. Added a lock for the ctxlist to prevent accessing a NULL pointer within the ‘vpudecipihandler’ function when the ctxlist is deleted due to an unexpect...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/sched: Only allow actct to bind to clsact/ingress qdiscs and shared blocks. As Paolo mentioned earlier 1: “Since the problematic commit below, classify can return TCACTCONSUMED while holding a skb that is currently being...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ipv6: A bug in rt6getpcpuroute under PREEMPTRT has been fixed. On PREEMPTRT kernels, after rt6getpcpuroute returns NULL, the current task can be preempted. Another task running on the same CPU may then execute rt6makepcpuroute an...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: Wifi: ath10k: Added cleanup of the peer map when deleting a peer in ath10kstastate. When peer deletion fails due to a disconnection operation, a use-after-free occurs. This issue was detected by KFENCE in the log. This happens...

Astra Linux - уязвимость в linux, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ubifs: Fixed a memory leak when insertoldidx failed. The following process may cause a memory leak for the copied znode: dirtycowznode zn = copyznodec, znode; err = insertoldidxc, zbr-lnum, zbr-offs; if unlikelyerr return...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: ath9k: hifusb: A memory leak in urbs has been fixed in ath9khifusbdealloctxurbs. Syzkaller reported a well-known leak of urbs in ath9khifusbdealloctxurbs. The cause of the leak is that usbgeturb is called, but usbfreeurb or...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

A denial-of-service vulnerability due to a deadlock was discovered in sctpautoasconfinit in net/sctp/socket.c within the SCTP subsystem of the Linux kernel. This flaw allows users with local user privileges to trigger a deadlock and potentially cause the system to crash...

Astra Linux - уязвимость в linux-5.10, linux

A issue was discovered in the Linux kernel through version 5.16-rc6. The function netvscgetethtoolstats in the drivers/net/hyperv/netvscdrv.c file lacks a check on the return value of kvmallocarray, which can lead to a null pointer derefrence...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: Wifi: mt76: mt7996: Added a NULL check in mt7996thermalinit. devmkasprintf may return a NULL pointer if it fails, but this returned value in mt7996thermalinit is not checked. Add a NULL check in mt7996thermalinit to handle the...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ext4: Do not set SBRDONLY after filesystem errors When the filesystem is mounted with errors=remount-ro, we previously set the SBRDONLY flag to prevent any further modifications to the filesystem. We knew that this approach misse...

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...