Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: netfilter: xtIDLETIMER: Fixed a panic that occurs when timertype has a garbage value. Currently, when a rule related to IDLETIMER is added, the idletimertg timer structure is initialized using kmalloc during the execution of the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: RDMA/mlx5: Initialize the ODP xarray when creating an ODP MR Normally, zero filling would hide the missing initialization. However, setting descsize in regcreate incorrectly causes a crash: BUG: Unable to handle a page fault f...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: btrfs: fixed the re-dirty process of tree-log nodes There is a report of a transaction abort with the following script: !/bin/sh for d in sda sdb; do mkfs.btrfs -d single -m single -f /dev/$d done mount /dev/sda /mnt/test moun...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fixed the mmap function to include VMIO and VMDONTDUMP. In commit 510410bfc034 “drm/msm: Implement mmap as a GEM object function”, we switched to a new and cleaner approach for handling this issue. That’s good, but we...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum: Protect the driver from buggy firmware When processing port up/down events generated by the device’s firmware, the driver attempts to protect itself from events reported for non-existent local ports. However, it...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: i2c: virtio: Disable timeout handling If a timeout occurs, it can lead to incorrect data on the I2C bus and/or memory corruption in the guest, since the device can still be operating on the buffers it was given, even after the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Staging: r8188eu: fixed a memory leak in rtwwxread32 Free “ptmp” before returning – EINVIL...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: mptcp: Fixed a deadlock issue in mptcppushpending. mptcppushPending may call mptcpFlushJoinList with a subflow socket lock held. If this call encounters mptcpSockOptSyncAll, then mptcpSockOptSync might attempt to lock the...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: ARM: davinci: da850evm: Avoid NULL pointer dereferencing In newer versions of GCC, a panic occurs in da850evmconfigemac when booting multiv5defconfig in QEMU under the palmetto-bmc machine. The issue arises from attempting to...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: video: fbdev: cirrusfb: check pixclock to avoid divide by zero Perform a sanity check on the pixclock value to avoid division by zero. If the pixclock value is zero, the cirrusfb driver will round up the pixclock value to make th...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-compress: prevented the potential use of a null pointer. There is one call trace that involves sndsocregistercard -sndsocbindcard-socinitpcmruntime -sndsocdaicompressnew-sndsocnewcompress. In this trace, ‘codecdai’ is...

Astra Linux - уязвимость в linux-5.10, linux

A denial-of-service DOS issue was detected in the smb2ioctlqueryinfo function of the Linux kernel, within the fs/cifs/smb2ops.c Common Internet File System. This issue arises due to an incorrect return value from the memdupuser function. This flaw allows a local, privileged attacker with...

Astra Linux - уязвимость в linux-5.10

An information leak flaw was discovered due to uninitialized memory in the Linux kernel’s TIPC protocol subsystem, during the process of a user sending a TIPC datagram to one or more destinations. This flaw allows a local user to read certain parts of the kernel’s memory. The affected data is no...

Astra Linux - уязвимость в linux-5.10, linux

A flaw in the use of free after the NILFS file system in the Linux kernel was discovered. This flaw causes the function security inodealloc to fail, leading to a call to the nilfsmdtdestroy function. A local user could exploit this flaw to crash the system or potentially escalate their privileges...

Astra Linux - уязвимость в linux-5.10, linux

A race condition was detected in the Linux kernel’s IP framework for transforming packets XFRM subsystem, where multiple calls to xfrmprobealgs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an...

Astra Linux - уязвимость в linux-5.10

A issue was discovered in the Linux kernel through version 5.16-rc6. In the file mtkvcodecfwvpuinit located in drivers/media/platform/mtk-vcodec/mtkvcodecfwvpu.c, there is a lack of check for the return value of devmkzalloc. This could lead to a null pointer dereferencing...

Astra Linux - уязвимость в linux-5.10, linux

A memory write vulnerability that is outside the bounds of the system’s protection was discovered in the Linux kernel’s Kid-friendly Wired Controller driver. This vulnerability allows a local user to crash the system or potentially escalate their privileges. The issue lies in the bigbenprobe...

Astra Linux - уязвимость в linux-5.10

A vulnerability has been discovered in the Linux kernel. It has been rated as problematic. The affected component is the sessfreebuffer function in the fs/cifs/sess.c file of the CIFS Handler module. This vulnerability can lead to double-free operations. It is recommended that patches be applied ...

Astra Linux - уязвимость в linux-5.10

A vulnerability was discovered in the Linux kernel and is classified as problematic. The affected component is the function rlbarpxmit in the file drivers/net/bonding/bondalb.c of the IPsec module. This vulnerability causes a memory leak. It is recommended that a patch be applied to address this...

Astra Linux - уязвимость в linux-5.10, linux

A vulnerability was discovered in the Linux kernel. It has been classified as critical. This issue affects the devlinkparamset/devlinkparamget functions in the net/core/devlink.c file of the IPsec component. The vulnerability allows for exploitation after memory allocation. It is recommended that...