224265 matches found
Astra Linux - уязвимость в linux-5.15
A flaw was discovered in the MCTP protocol within the Linux kernel. The function mctpunregister reclaims the device’s related resources when a netcard is detached. However, a running program may be unaware of this flaw, leading to a use-after-free of the mdev-addrs object, which could potentially...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: mmc: sdio: fixed possible resource leaks in some error paths. If sdioaddfunc or sdioinitfunc fails, sdioremovefunc may not properly release resources. In these cases, the sdio function is not called, and functions like ofnodep...
Astra Linux - уязвимость в linux, linux-5.15, linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Perform lockless command completion in the abort path When adding or removing controllers, the following call trace was observed: WARNING: CPU: 3 PID: 623596 at kernel/dma/mapping.c:532 dmafree attrs+0x33/0x50 CPU:...
Astra Linux - уязвимость в linux-5.10, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: dm crypt: added condresched to dmcryptwrite The loop in dmcryptwrite may run for an unlimited amount of time; therefore, condresched is needed. This commit fixes the following warning: 3391.153255 C12 watchdog: BUG: soft lockup –...
Astra Linux - уязвимость в linux-5.10, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: igb: revert rtnllock that causes deadlock The commit 6faee3d4ee8b "igb: Add lock to avoid data race" adds rtnllock to eliminate a false data race shown below FREE from device detaching | USE from netdev core igbremove |...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: net/smc: fixed the issue where NULL sndbufdesc was used in smccdctxhandler. When performing a stress test on SMC-R using the rmmod mlx5ib driver during the wrk/nginx test, we found that there is a possibility of triggering a pani...
Astra Linux - уязвимость в linux-5.10, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: tcp: tcpmakesynack can now be called from process context. tcpv6RtXsynack can now be called in process context, as explained in 0a375c822497 "tcp: tcpv6RtXsynack can be called from process context". tcpv6RtXsynack may call...
Astra Linux - уязвимость в linux-5.10, linux, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: ila: Do not generate empty messages in ilaxlatnlcmdgetmapping. ilaxlatnlcmdgetmapping generates an empty skb, triggering a recent sanity check. Instead, an error code should be returned so that it can be handled by the user...
Astra Linux - уязвимость в linux-5.15, linux-6.1
A use-after-free flaw was discovered in the setupasyncwork function in the KSMBD implementation of the in-kernel Samba server and CIFS services in the Linux kernel. This issue could allow an attacker to crash the system by accessing freed resources...
Astra Linux - уязвимость в linux-5.15
A issue was discovered in the Linux kernel before version 6.3.8. In the file fs/smb/server/connection.c of ksmbd, the relationship between the length field of the NetBIOS header and the sizes of the SMB headers is not validated, as handled through the pdudsize function in ksmbdconnhandlerloop. Th...
Astra Linux - уязвимость в linux-5.15
A flaw was discovered in KVM AMD Secure Encrypted Virtualization SEV within the Linux kernel. A KVM guest that uses SEV-ES or SEV-SNP with multiple vCPUs can trigger a double fetch race condition vulnerability and invoke the VMGEXIT handler recursively. If an attacker manages to call the handler...
Astra Linux - уязвимость в linux-6.1
In drivers/accel/habanalabs/common/habanalabsioctl.c of the Linux kernel, from version 6.6.5 onwards, an information leak to user space is possible because info-pad0 is not initialized...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Avoid leaking tags when processing the OPCINBSETCONTROLLERCONFIG command. The tags allocated for the OPCINBSETCONTROLLERCONFIG command need to be freed when we receive the response...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: Ring Buffer: Do not attempt to read beyond the “commit” boundary. When iterating over the ring buffer while the ring buffer is active, the writer can corrupt the reader. There are mechanisms to detect and handle this issue, but t...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: mm/damon/vaddr-test: fixed a memory leak in damondotestapplythreeregions. When CONFIGDAMONVADDRKUNITTEST=y, and CONFIGDEBUGKMEMLEAK=y as well as CONFIGDEBUGKMEMLEAKAUTOSCAN=y, the aforementioned memory leak is detected. Since...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: vfio/mdev: Fixed a null-ptr-deref bug for mdevunregisterparent Inject a fault while probing mdpy.ko. If the kstrdup function fails in kobjectaddinternal, which occurs in kobjectinitandadd, mdevtypeadd, parentcreatesysfsfiles, it...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: “power: supply: rk817” – Fixed the node refcount leak. Dan Carpenter reported that the Smatch static checker identified another refcount leak in the probe function. While the ofnodeput function was added in one of the return...
Astra Linux - уязвимость в linux-5.15, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: net/core: Fixed the ETHP1588 flow dissector When a PTP Ethernet raw frame with a size of more than 256 bytes followed by a 0xff pattern is sent to skbflowdissect, the calculation of the nhoff value is incorrect. For example,...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: jfs: fixed an array-index-out-of-bounds issue in dbAdjTree. Currently, there is a missing bounds check when accessing the dmtstree within dbAdjTree. To address this issue, a boolean variable named “isctl” was added. This variable...
Astra Linux - уязвимость в linux-5.15, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: net/sched: actct: fix skb leak and crash on ooo frags actct adds skb-users before defragmentation. If frags arrive in order, the reference of the last frag is reset in inetfragreasmprepare, skbmorph. This is not straightforwar...