224294 matches found
Astra Linux - уязвимость в linux-5.15, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: net/core: Fixed the ETHP1588 flow dissector When a PTP Ethernet raw frame with a size of more than 256 bytes followed by a 0xff pattern is sent to skbflowdissect, the calculation of the nhoff value is incorrect. For example,...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: jfs: fixed an array-index-out-of-bounds issue in dbAdjTree. Currently, there is a missing bounds check when accessing the dmtstree within dbAdjTree. To address this issue, a boolean variable named “isctl” was added. This variable...
Astra Linux - уязвимость в linux-5.15, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: net/sched: actct: fix skb leak and crash on ooo frags actct adds skb-users before defragmentation. If frags arrive in order, the reference of the last frag is reset in inetfragreasmprepare, skbmorph. This is not straightforwar...
Astra Linux - уязвимость в linux, linux-6.1, linux-5.15, linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: BPF: Check rcureadlockTraceheld before calling BPF map helpers. These three BPFmaplookup,update,deleteelem helpers are also available for sleepable BPF programs. Therefore, add the corresponding lock assertions for sleepable B...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fixed a double-free in sidpminit When the allocation of adev-pm.dpm.dynstate.vddcDependenceondispclk.entries fails, amdgpufreeextendedpowertable is called to free some fields of adev. However, when the control flow...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: arm64: Restrict CPUBIGENDIAN to GNU as or LLVM IAS 15.x or newer Prior to LLVM 15.0.0, LLVM’s integrated assembler would incorrectly byte-swap NOPs when compiling for big-endian, and the resulting bytes happened to match the...
Astra Linux - уязвимость в linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: scsi: ibmvfc: The BUGON flag has been removed when the event pool is empty. In practice, the driver should never send more commands than are allocated to the event pool. If this happens, the code will assert the BUGON flag. In th...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: cpu/hotplug: Do not offline the last non-isolated CPU. If a system has isolated CPUs via the “isolcpus=” command-line parameter, then attempting to offline the last housekeeping CPU will result in a WARNON message when rebuilding...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: media: vidtv: mux: Added checks and calls to kstrdup. A check is performed on the return value of kstrdup; if it fails, an error is returned to avoid NULL pointer dereferencing. Additionally, kfree is used in the subsequent error...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: IB/mlx5: Fixed error handling during the init stage to avoid double-freeing of the same QP and UAF. In the unlikely event that workqueue allocation fails and returns NULL in mlx5mkeycacheinit, delete the call to...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: clk-mt6765 – Added a check for the return value of mtkallocclkdata. The check is added to avoid dereferencing a NULL pointer...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: llcc: Handle a second device without data corruption. Usually, there is only one llcc device. But if there were a second one, even a failed probe call would modify the global drvdata pointer. Therefore, check whether...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: TCP: Do not accept ACKs for bytes that we never sent. This patch is based on a detailed report and ideas from Yepeng Pan and Christian Rossow. The validation of ACK sequences currently follows the guidelines outlined in RFC 5961,...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1
A null pointer dereference flaw was discovered in the Linux kernel API for the cryptographic algorithm scatterwalk functionality. This issue occurs when a user constructs a malicious packet with specific socket configurations, which could allow a local user to crash the system or escalate their...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
A flaw was discovered in the Linux kernel’s NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packets when using NVMe over TCP. This can lead to the NVMe driver dereferencing a NULL pointer, resulting in kernel panic and a denial of service...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
A flaw was discovered in the Linux kernel’s NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packets when using NVMe over TCP. This can lead to the NVMe driver dereferencing a NULL pointer, resulting in kernel panic and a denial of service...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
A flaw was discovered in the Linux kernel’s NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packets when using NVMe over TCP. This can lead to the NVMe driver dereferencing a NULL pointer, resulting in kernel panic and a denial of service...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
A Null pointer dereference problem was detected in idafree in lib/idr.c within the Linux Kernel. This issue may allow an attacker using this library to cause a denial of service problem due to a lack of proper checks at function returns...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
A flaw was discovered in the Netfilter subsystem of the Linux kernel. The issue lies with the nftbyteordereval function, where the code iterates through an loop and writes to the dst array. In each iteration, 8 bytes are written, but dst is an array of u32 values; therefore, each element in the...
Astra Linux - уязвимость в linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ext4: Regenerate the buddy structure after block freeing fails when under fc replay. This fix primarily reverts to commit 6bd97bf273bd “ext4: Remove redundant mbregeneratebuddy”, and reintroduces the function mbregeneratebuddy...