224304 matches found
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
A use-after-free vulnerability in the Linux kernel’s ipv4:igmp component can be exploited to achieve local privilege escalation. A race condition can be exploited, causing a timer to be mistakenly registered on a RCU read-locked object that is then freed by another thread. We recommend upgrading ...
Astra Linux - уязвимость в linux-5.10, linux, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: reject iftype changes with mesh ID changes It is currently possible to change the mesh ID when the interface is not yet in mesh mode, while also changing it into mesh mode. This leads to an overwrite of data in the...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: cpufreq: brcmstb-avs-cpufreq – added a check for the return value of cpufreqcpuget. cpufreqcpuget may return NULL. To avoid NULL-reference checks, it should return 0 in case of an error. This issue was identified by the Linux...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: phy: ti: phy-omap-usb2: Fixed NULL pointer dereferencing for SRP. If the external PHY working together with phy-omap-usb2 does not implement sendsrp, we may still attempt to call it. This can occur on an idle Ethernet device that...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
A issue was discovered in the Linux kernel before version 6.6.8. The dovccioctl function in net/atm/ioctl.c has a use-after-free issue due to a race condition involving vccrecvmsg...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Audit: Added missing syscalls to the read class. The “at” variant of getxattr and listxattr are missing from the audit read class. Calling getxattrat or listxattrat on a file to read its extended attributes will bypass audit rule...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: bus: mhi: pcigeneric: Remove the WQMEMRECLAIM flag from the state workqueue. A recent change created a dedicated workqueue for the state-change work, with WQHIGHPRI and WQMEMRECLAIM flags. However, the state-change work...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc: prevented RCU stalls in kasanreleasevmallocnode When CONFIGPAGEOWNER is enabled, freeing KASAN shadow pages during vmalloc cleanup triggers expensive stack unwinding that acquires RCU read locks. Processing a large...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fixed the issue where the fence was put before waiting in amdgpuamdkfdsubmitib. The amdgpuamdkfdsubmitib function submits a GPU job and obtains a fence from amdgpuibschedule. This fence is used to wait for the job to...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: dm: verity-loadpin: Only trust verity targets with enforcement Verity targets can be configured to ignore corrupted data blocks. LoadPin must only trust verity targets that are configured to perform some kind of enforcement when...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ice: A NULL pointer dereferencing issue was fixed in iceupdatevsitxringstats. It is possible to cause a NULL pointer dereferencing in routines that update Tx ring statistics. Currently, only statistics and bytes are updated when...
Astra Linux - уязвимость в linux-5.10, linux
A flaw was discovered in the Linux kernel’s implementation of proxied virtualized TPM devices. In a system where virtualized TPM devices are enabled which is not the default setting, a local attacker can exploit this flaw to create a “use-after-free” condition, potentially allowing them to escala...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: of/fdt: Perform SOC memory setup when earlyinitdtscanmemory fails. If memory is found, earlyinitdtscanmemory now returns 1. If no memory is found, it returns 0, allowing other memory setup mechanisms to proceed. Previously,...
Astra Linux - уязвимость в linux, linux-5.10
A vulnerability was discovered in btrfsalloctreeb in fs/btrfs/extent-tree.c within the Linux kernel, due to an improper lock operation in btrfs. This flaw allows a user with local privileges to cause a denial of service DOS due to a deadlock issue...
Astra Linux - уязвимость в linux, linux-5.10
A vulnerability was discovered in the cgroupreleaseagentwrite function of the Linux kernel, within the kernel/cgroup/cgroup-v1.c file. Under certain circumstances, this flaw allows the use of the cgroups v1 releaseagent feature to escalate privileges and bypass namespace isolation unexpectedly...
Astra Linux - уязвимость в linux
A issue was discovered in the Linux kernel before version 5.11.11. The netfilter subsystem allows attackers to cause a denial of service panic because net/netfilter/xtables.c and include/linux/netfilter/xtables.h lack a proper memory barrier when assigning a new table value, known as...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: The clearwalkcontrol function sets ctx-walkcontrol to the control structure provided by the caller before checking whether the context is running. If the context is inactive i.e., damonisrunning returns false, the...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Wifi: ath12k: The peer lookup in ath12kdpmonrxdelivermsdu failed because rxcb-peerid was not updated with a valid value. This issue is expected in monitor mode, where RX frames bypass the regular RX descriptor path, which typical...
Astra Linux - уязвимость в linux-5.10, linux
There is a use-after-free vulnerability in the Linux kernel that can be exploited to achieve local privilege escalation. To exploit this vulnerability, the CONFIGTLS or CONFIGXFRMESPINTCP kernel configuration flags must be set; however, the operation does not require any special privileges. There...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: tee: amdtee: fixed an issue where ISERR returned NULL instead of an error pointer. The getfreepages function does not return error pointers; it returns NULL instead. Therefore, this condition needs to be corrected to avoid NUL...