224265 matches found
Astra Linux - уязвимость в linux
In the Linux kernel, the following vulnerabilities have been resolved: USB: usbfs: Do not issue a WARN message regarding excessively large memory allocations. Syzbot discovered that the kernel generates a WARN message if the user attempts to perform a bulk transfer using usbfs with a buffer that ...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: can: mcbausb: fixed a memory leak in mcbausb Syzbot reported a memory leak in the SocketCAN driver for the Microchip CAN BUS Analyzer Tool. The problem occurred in unfreeing the usbcoherent object. In the mcbausbstart function...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net: ipv4: Fix memory leak in netlblcipsov4addstd Reported by syzkaller: BUG: Memory leak Unreferenced object: 0xffff888105df7000 size 64 Process: “syz-executor842”, PID: 360, Jiffies: 4294824824 Age: 22.546 seconds Hex dump firs...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: IB/mlx5: Fixed the initialization of the CQ fragments buffer. The function initcqfragbuf can be used to initialize the current CQ fragments buffer cq-buf, or the temporary cq-resizebuf that is filled during the CQ resize operatio...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: drm: A use-after-free issue in drmgetunique has been fixed. There is a time-of-check-to-time-of-use error in drmgetunique, caused by retrieving fpriv-master before locking the device’s master mutex. An example of this error can b...
Astra Linux - уязвимость в linux, linux-5.10
A vulnerability was discovered in the Linux kernel, where a use-after-free condition could occur in nouveau’s postclose handler if a device is removed. This situation occurs when removing a device—a process that isn’t common for physically removing a video card without shutting down the system...
Astra Linux - уязвимость в linux
A vulnerability was discovered in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on inbound SCTP packets may allow the kernel to read uninitialized memory...
Astra Linux - уязвимость в linux, linux-5.10
A NULL pointer dereference flaw was discovered in the btrfsrmdevice function in fs/btrfs/volumes.c within the Linux Kernel. Triggering this bug requires CAPSYSADMIN. This flaw allows a local attacker to crash the system or leak kernel internal information. The greatest threat posed by this...
Astra Linux - уязвимость в linux, linux-5.10
A memory overflow vulnerability was discovered in the ipc functionality of the memcg subsystem in the Linux kernel. This vulnerability occurs when a user calls the semget function multiple times, thereby creating semaphores. This flaw allows a local user to deplete resources, resulting in a denia...
Astra Linux - уязвимость в linux-5.10
A flaw in the Linux kernel’s implementation of the RDMA communication manager listener code allowed an attacker with local access to set up a socket to listen on a high port. This allowed for a memory element to be used after it was freed. With the ability to execute code, a local attacker could...
Astra Linux - уязвимость в linux, linux-5.10
A vulnerability was discovered in the fs/inode.c:inodeinitowner function logic of the Linux kernel. This vulnerability allows local users to create files for the XFS file system with unintended group ownership, along with group execution and SGID permission bits set. This occurs in a scenario whe...
Astra Linux - уязвимость в linux, linux-5.10
A memory flaw after deallocation was discovered in the Linux kernel’s garbage collection for Unix domain socket file handlers. This flaw occurs when users call close and fget simultaneously, potentially triggering a race condition. This flaw allows a local user to crash the system or escalate the...
Astra Linux - уязвимость в linux-5.10
A vulnerability was discovered in the Linux kernel’s blockinvalidatepage function in the fs/buffer.c file of the filesystem. A missing sanity check may allow a local attacker with user privileges to cause a denial of service DOS issue...
Astra Linux - уязвимость в linux, linux-5.10
A non-privileged write-to-file handler flaw exists in the Linux kernel’s control groups and namespaces subsystem. This flaw allows users to gain access to certain less-privileged processes that are controlled by cgroups, even when those processes have higher-privileged parent processes. This issu...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: ipmi: Fixed UAF when uninstalling the ipmisi and ipmimsghandler modules Hi, During testing the installation and uninstallation of ipmisi.ko and ipmimsghandler.ko, the system crashed. The log message is as follows: 141.087026...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: usb: musb: tusb6010: check return value after calling platformgetresource This vulnerability could lead to a nullptrderef error if platformgetresource returns NULL. Therefore, we need to check the return value of this function...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: perf bpf: Avoid memory leak from perfenvinsertbtf The perfenvinsertbtf function does not insert entries if a duplicate BTF ID is encountered, which can lead to a memory leak. The function should now return a success/error value; ...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: tty: serial: 8250: serialcs: Fixed a memory leak in the error handling path In the probe function, if the serialconfig function fails, resources are being leaked. Add a resource handling mechanism to free up this memory...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: jfs: fixed GPF in diFree Avoid passing an inode with JFSSBIinode-isb-ipimap == NULL to diFree1. GFP will be returned: struct inode ipimap = JFSSBIip-isb-ipimap; struct inomap imap = JFSIPipimap-iimap; JFSIP will return an...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Binder: Make sure that fd closes completely. During the processing of BCFREEBUFFER, the BINDERTYPEFDA object cleanup may close one or more fds. The close operations are completed using the task work mechanism—which means that the...