Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: TCP: Fixed the issue where “tcpmtupprobesuccess” was displayed instead of “wrong sndcwnd”. The syzbot received a new report 1 that pointed to a very old bug. This bug was addressed in the initial support for MTU probing. The...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: nfc: st21nfca: fixed memory leaks in EVTTRANSACTION handling Error paths do not free the previously allocated memory. Add devmkfree to those failure paths...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: bpf, arm64: Clear prog-jitedlen along with prog-jited syzbot reported an illegal copytouser attempt from bpfproggetinfobyfd. There has been no further reports of this bug yet, but I think that the commit 0aef499f3172 “mm/usercopy...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: net: mdio: unexport init-annotated mdiobusinit EXPORTSYMBOL and init are a bad combination because the .init.text section is freed after initialization. As a result, modules cannot use symbols annotated with init. Accessing a fre...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: net: altera: Fixed the reference count leak in alteratsemdiocreate. In every iteration of foreachchildofnode, the reference count of the previous node is decremented. When exiting a foreachchildofnode loop, we need to explicitly...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: Firmware: dmi-sysfs: Fixed a memory leak in dmisysfsregisterhandle. The kobjectinitandadd function takes a reference even when it fails. According to the documentation of kobjectinitandadd: If this function returns an error,...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: remoteproc: mtkscp: Fixed a potential double-free issue. scp-rproc is allocated using devmrprocalloc, so there is no need to explicitly free it in the remove function...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: md: Do not set mddev’s private field to NULL in raid0 with pers-free. In a normal stop process, the following sequence of operations occurs: domdstop | mdstop pers-free; mddev-private=NULL | mdfree free mddev The mdstop function...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: Tracing: Fixed a potential double-free issue in createvarref. In createvarref, initvarref is called to initialize the fields of the reffield variable. This variable is allocated in the previous function call, to createhistfield...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: Video: fbdev: clcdfb: Fixed the refcount leak in clcdfbofvramsetup. In clcdfbofvramsetup, ofparsephandle returns a node pointer with the refcount incremented. We should use ofnodeput on it when it is no longer needed. Add the...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: powerpc/iommu: Added ofnodeput in iommuinitearlydart. The devicenode pointer is returned by offindcompatiblenode, and its reference count is incremented. We should use ofnodeput to avoid the reference count leak...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: Firmware: armscmi: Fixed the enumeration of protocols in the base protocol. When enumerating the protocols implemented by the SCMI platform using BASEDISCOVERLISTPROTOCOLS, the number of protocols returned is currently validated ...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: amt: Fixed memory leak for advertisement messages. When a gateway receives an advertisement message, it extracts relay information and then it should be freed. However, the advertisement handler does not free that memory after...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: PM /devfreq: rk3399dmc: Disabled edev upon removal Otherwise, we encountered an unhandled enable-count when unbinding the DFI device: 1279.659119 ------------ Cut here ------------ 1279.659179 WARNING: CPU: 2 PID: 5638 at...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ASoC: imx-hdmi: Fixed a reference count leak in imxhdmiprobe. The offinddevicebynode function takes a reference; we should use putdevice to release that reference. When devmkzalloc fails, there is no putdevice to release the...

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: - regulator: pfuze100 – Fixed the refcount leak in pfuzeparseregulatorsdt. - ofnodeget now returns a node with the refcount incremented. - calling ofnodeput to drop the reference when it’s no longer needed...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: drm/msm/mdp5: The return error code in mdp5piperelease occurs when a deadlock is detected. mdp5getglobalstate runs the risk of encountering an -EDEADLK error when acquiring the modeset lock. Currently, mdp5piperelease does not...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: wl1251: Dynamic allocation of memory used for DMA. With the introduction of vmap-ed stacks, stack parameters can no longer be used for DMA, which can lead to kernel panic. This issue occurs in several locations related to wl1251...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: arm64: compat: Do not treat syscall number as ESRELx for a bad syscall If a compat process tries to execute an unknown system call above the ARMNRCOMPATEND number, the kernel sends a SIGILL signal to the offending process...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fixed a resource leak in lpfcsli4sendseqtoulp If no handler is found in lpfccompleteunsoliocb that matches the received frame’s RCTL, the frame is discarded, and resources may be leaked. This issue was fixed by...