224265 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ipv6: A bug in rt6getpcpuroute under PREEMPTRT has been fixed. On PREEMPTRT kernels, after rt6getpcpuroute returns NULL, the current task can be preempted. Another task running on the same CPU may then execute rt6makepcpuroute an...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: Wifi: ath10k: Added cleanup of the peer map when deleting a peer in ath10kstastate. When peer deletion fails due to a disconnection operation, a use-after-free occurs. This issue was detected by KFENCE in the log. This happens...
Astra Linux - уязвимость в linux, linux-5.15, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ubifs: Fixed a memory leak when insertoldidx failed. The following process may cause a memory leak for the copied znode: dirtycowznode zn = copyznodec, znode; err = insertoldidxc, zbr-lnum, zbr-offs; if unlikelyerr return...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Wifi: ath9k: hifusb: A memory leak in urbs has been fixed in ath9khifusbdealloctxurbs. Syzkaller reported a well-known leak of urbs in ath9khifusbdealloctxurbs. The cause of the leak is that usbgeturb is called, but usbfreeurb or...
Astra Linux - уязвимость в linux-5.10, linux, linux-5.15
A denial-of-service vulnerability due to a deadlock was discovered in sctpautoasconfinit in net/sctp/socket.c within the SCTP subsystem of the Linux kernel. This flaw allows users with local user privileges to trigger a deadlock and potentially cause the system to crash...
Astra Linux - уязвимость в linux-5.10, linux
A issue was discovered in the Linux kernel through version 5.16-rc6. The function netvscgetethtoolstats in the drivers/net/hyperv/netvscdrv.c file lacks a check on the return value of kvmallocarray, which can lead to a null pointer derefrence...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: Wifi: mt76: mt7996: Added a NULL check in mt7996thermalinit. devmkasprintf may return a NULL pointer if it fails, but this returned value in mt7996thermalinit is not checked. Add a NULL check in mt7996thermalinit to handle the...
Astra Linux - уязвимость в linux-5.15
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ext4: Do not set SBRDONLY after filesystem errors When the filesystem is mounted with errors=remount-ro, we previously set the SBRDONLY flag to prevent any further modifications to the filesystem. We knew that this approach misse...
Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: netsched: Keep allochash updated after hash allocation. In commit 599be01ee567 “netsched: fix an OOB access in clstcindex”, I moved the cp-hash calculation before the first tcindexallocperfecthash call. However, cp-allochash...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net: dsa: lantiqgswip: The operation gswipremove should perform the ofnodeputpriv-ds-slavemiibus-dev.ofnode before calling mdiobusfreepriv-ds-slavemiibus...
Astra Linux - уязвимость в linux
A vulnerability was discovered in the Linux kernel, where a reference count leak occurs in the llcpsockbind function, leading to a use-after-free condition. This could result in privilege escalation...
Astra Linux - уязвимость в linux
Shiftfs is a tree-based stacking file system included in Ubuntu Linux kernels. It did not handle faults that occurred during the copyfromuser function properly. This could lead to situations where resources were freed twice, or where no memory was actually freed at all. An attacker could exploit...
Astra Linux - уязвимость в linux
An out-of-bounds memory access flaw was discovered in the fs/f2fs/node.c file within the f2fs module of the Linux kernel, in versions prior to 5.12.0-rc4. A failure in the bounds check allows a local attacker to gain access to out-of-bounds memory, resulting in a system crash or the leakage of...
Astra Linux – Vulnerability in Linux
Linux Kernel Bluetooth CMTP Module Double Free Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of the Linux Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in orde...
Astra Linux - уязвимость в linux
A flaw involving double-free memory corruption in the Linux kernel’s HCI device initialization subsystem was discovered. This flaw allows a malicious HCI TTY Bluetooth device to be attached to the system. A local user could exploit this flaw to crash the system. This flaw affects all Linux kernel...
Astra Linux - уязвимость в linux
A out-of-bounds memory write flaw was discovered in the Linux kernel’s joystick devices subsystem in versions prior to 5.9-rc1. This flaw allows a local user to crash the system or potentially escalate their privileges on the system. The greatest threat posed by this vulnerability is related to...
Astra Linux - уязвимость в linux
A memory-bound write flaw 1 or 2 bytes of memory was identified in the Linux kernel’s NFS subsystem, related to the way users use mirroring replication of files via NFS. A user with access to the NFS mount could potentially exploit this flaw to crash the system or escalate privileges on the syste...
Astra Linux - уязвимость в linux
In the Linux kernel, the following vulnerability has been resolved: locking/qrwlock: Fixed the ordering in queuedwritelockslowpath While this code is executed with waitlock held, a reader can acquire the lock without holding waitlock. The writer checks the value using atomiccondreadacquire, but...