224333 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: x86/cpu: Avoid running off the end of an AMD erratum table. The NULL array terminator at the end of erratum1386microcode was removed during the switch from x86cpudesc to x86cpuid. This causes readers to run off the end of the...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: devlink: rate: Unset parent pointer in devlratenodesdestroy The function devlratenodesdestroy is documented to “Unset the parent pointer for all rate objects”. However, it only calls the driver-specific rateleafparentset or...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: vhost: moved the bound check for vdpa group to vhostvdpa. Duplications have been removed by consolidating them here. This reduces the possibility that a parent driver may miss them. Additionally, we’ve fixed a bug in vdpasim,...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net: libwx: fixed a memory leak in wxsetuprxresources When wxallocpagepool fails in wxsetuprxresources, it does not release the DMA buffer. Adding dmafreecoherent in the error handling path is necessary to release the DMA buffer...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mac80211: fixed the issue of locking in the ieee80211startap error path. We need to hold the local-mtx to release the channel context; this is even encoded in the lockdepassertheld function. Fix this issue...
Astra Linux - уязвимость в linux
Shiftfs is a tree-based stacking file system included in Ubuntu Linux kernels. It did not handle faults that occurred during the copyfromuser function properly. This could lead to situations where resources were freed twice, or where no memory was actually freed at all. An attacker could exploit...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: Memory: renesas-rpc-if – fixed the platform-device leak in the error path. Make sure the flash platform device is freed in case registration fails during the probe...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: mm/damon/stat: The failure to deallocate the damoncall function leads to the leakage of the damonctx object. The damonstatstart function always allocates the damonctx object of the module i.e., damonstatcontext. Meanwhile, if the...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: - drm/amdgpu/gfx: Disable gfx9 cpeccerrorirq only when enabling legacy gfx ras. - gfx9 cpeccerrorirq is only enabled when legacy gfx ras is asserted. - In gfxv90hwfini, the disabling of cpeccerrorirq should be executed under...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: xhci: Remove device endpoints from the bandwidth list when freeing the device. Endpoints are normally deleted from the bandwidth list when they are dropped, before the virt device is freed. If the xHCI host is dying or being...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: Avoid device tree lookups in rtasosterm. rtasosterm is called during panic. Its behavior depends on several conditions in the /rtas node of the device tree; traversing these nodes involves locking and changes to loc...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: rpmsg: char: Avoid double destruction of the default endpoint The rpmsgdevremove function in rpmsgcore is the place where this default endpoint is released. Therefore, it is necessary to avoid destroying the default endpoint in...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ethtool: eeprom: fixed the null-dereference on genlinfo in the dump. A similar fix, as described in commit 46cdedf2a0fa “ethtool: pse-pd: fixed the null-dereference on genlinfo in the dump”, is also required for ethtool eeprom...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: dma: xilinxdpdma: Fixing locking issues There are several places where either chan-lock or chan-vchan.lock was not held. Appropriate locking measures were added. This fixes lockdep warnings such as: 31.077578 ------------ Cut...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: iio: imu: adis: Fixed NULL pointer dereferencing in adisinit. The adisinit function dereferences adis-ops to check whether the individual function pointers write, read, reset are NULL. However, it does not first check whether...
Astra Linux - уязвимость в linux-5.10, linux
A use-after-free flaw was discovered in vhostnetsetbackend in drivers/vhost/net.c within the virtio network subcomponent of the Linux kernel, due to a double fget operation. This flaw could allow a local attacker to cause the system to crash, and could even lead to a kernel information leak issue...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: hcisync: If hcicmdsyncqueueonce returns -EEXIST, it indicates that a queue item already exists. hcicmdsyncqueueonce needs to indicate whether a queue item was added, so that the caller can know if callbacks are...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Media: MediTech; vcodec: Fix for use-after-free in the encoder release path. The fopsvcodecrelease function frees the context structure ctx without first canceling any pending or ongoing operations in ctx-encodework. This creates...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: s390/fpu: Fixed a false-positive KMSAN report in fpuvstl A false-positive KMSAN report was detected when running the ping command. The inline assembly instruction “vstl” can write varying amounts of bytes, depending on the val...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: btusb: Fixed a potential NULL dereferencing on a kmalloc failure. Avoid potential NULL pointer dereferences by checking the return value of kmalloc and properly handling allocation failures...