Astra Linux - уязвимость в linux-5.10

A flaw was discovered in the Linux kernel, specifically in the linux/net/netfilter/nftablesapi.c file of the netfilter subsystem. This flaw allows a local user to cause an out-of-bounds write issue...

Astra Linux - уязвимость в linux, linux-5.10

A out-of-bounds memory access vulnerability was discovered in the vmwgfx driver, located in the vmxgfx/vmxgfxkms.c file within the GPU component of the Linux kernel. The vulnerability affects device files such as '/dev/dri/renderD128 or Dxxx'. This flaw allows a local attacker with a user account...

Astra Linux - уязвимость в linux-5.10, linux

A flaw was discovered in the Linux kernel. A denial-of-service attack may occur if a consecutive request for NVMEIOCTLRESET and NVMEIOCTLSUBSYSRESET is made through the device file of the driver, resulting in a disconnection of the PCIe link...

Astra Linux - уязвимость в linux, linux-5.10

A flaw was discovered in the Linux kernel’s driver for ASIX AX88179178A-based USB 2.0/3.0 Gigabit Ethernet devices. The vulnerability involves multiple out-of-bounds reads and possible out-of-bounds writes...

Astra Linux - уязвимость в linux, linux-5.10

A vulnerability was discovered in the pfkeyregister function in the net/key/afkey.c file within the Linux kernel. This flaw allows a local, unprivileged user to gain access to kernel memory, resulting in a system crash or the leakage of internal kernel information...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ASoC: SDCA: bug fix while parsing mipi-sdca-control-cn-list The struct sdcacontrol structure declares the “values” field as an integer array. However, the memory allocated for this field is actually a char array. This causes a...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: l2tp: All race conditions in l2tptunnelregister have been fixed. The code within l2tptunnelregister is problematic in several ways: 1. It modifies the tunnel socket after it is published. 2. It calls setupudptunnelsock on an...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

A vulnerability was reported in the Open vSwitch sub-component of the Linux kernel. The flaw occurs when a recursive operation of the code push calls into the code block recursively. The OVS module does not validate the stack depth, causing too many frames to be pushed onto the stack, leading to ...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: i2c: designware: Fix handling of real but unexpected device interrupts The commit c7b79a752871 “mfd: intel-lpss: Add Intel Alder Lake PCH-S PCI IDs” caused a regression on certain Gigabyte motherboards for Intel Alder Lake-S...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: xsk: Check IFFUP earlier in the Tx path. The Xsk Tx operation can be triggered via either sendmsg or poll system calls. Both paths involve a call to the common function xskxmit, which contains two sanity checks. Here’s a...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

A use-after-free vulnerability in the Linux kernel’s afunix component can be exploited to achieve local privilege escalation. The unixstreamsendpage function attempts to add data to the last skb in the peer’s recv queue without locking the queue. This creates a race condition where...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Avoid potential “vm use-after-free” situations. By adding the virtual machine to the vmxa table, it becomes visible to user space. This could potentially cause user space to attempt to close the virtual machine at the...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: net: mdio: unexport init-annotated mdiobusinit EXPORTSYMBOL and init are a bad combination because the .init.text section is freed after initialization. As a result, modules cannot use symbols annotated with init. Accessing a fre...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: mmc: vub300 – Fixed the return value check in mmcaddhost. If we ignore the return value of mmcaddhost, the memory allocated in mmcallochost may be leaked, leading to a kernel crash due to the removal of devices that were not...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: schedext: Preemption between scxclaimexit and the kicking of helper tasks is disabled. scxclaimexit atomically sets the exitkind value, preventing scxerror from triggering further error handling. After claiming exit, the caller...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: i2c: designware: amdisp: Fixed the race condition involving the resume-probe function. The race condition was identified in kernel version 7.0, with the commit code 38fa29b01a6a „i2c: designware: Combine the init functions“...

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: cxl: fixed a possible null-ptr-deref in cxlguestinitafu|adapter. If deviceregister fails in cxlregisterafu|adapter, the device is not added. In this case, deviceunregister cannot be called in the error path. Otherwise, a...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: Memory: pl353-smc: Fixed a refcount leak issue in pl353smcprobe. The break in foreachavailablechildofnode requires a corresponding ofnodeput when the reference ‘child’ is no longer used. In this case, we don’t need to call...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iio: imu: stlsm6dsx: Set buffer sampling frequency for accelerometer only The stlsm6dsxhwfifoodrstore function, which is called when the user space writes the buffer sampling frequency sysfs attribute, calls stlsm6dsxcheckodr,...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Avoid leaking tags when processing the OPCINBSETCONTROLLERCONFIG command. The tags allocated for the OPCINBSETCONTROLLERCONFIG command need to be freed when we receive the response...