224336 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net: lan966x: Fixed error handling for pagepool in lan966xfdmarxallocpagepool. pagepoolcreate may return an ERRPTR upon failure. This return value is used unconditionally in the subsequent loop. The error pointer is passed throug...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: RDMA/umem: Fixed the double dmabufunpin in the failure path. In ibumemdmabufgetpinnedwithdmadevice, the call to ibumemdmabufmappages may fail. If this occurs, the dmabuf is immediately unpinned, but the umemdmabuf-pinned flag...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Wifi: rtw89: pci: validate sequence number of TX release report Hardware rarely reports an abnormal sequence number in the TX release report, which may lead to an out-of-bounds access to the wdring-pages array, causing a NULL...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm: fixed a use-after-free case in tcpmregistersourcecaps. There might be a potential use-after-free case in tcpmregistersourcecaps. This could occur when: - New say, invalid source caps are advertised. - Existing...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: TCP: Properly terminate timers for kernel sockets We received various reports from syzbot regarding TCP timers being fired after the corresponding netns has been dismantled. Fortunately, Josef Bacik was able to trigger this issue...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: KVM: SVM – Flushing pages under kvm-lock to fix a Use-After-Free error in svmregisterencregion It is necessary to flush the cached pages in svmregisterencregion before releasing kvm-lock to address use-after-free issues. In such...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: cpumap: The xdprxqinfo structure must be initialized to zero before running the XDP program. When running an XDP program that is associated with a cpumap entry, we do not initialize the xdprxqinfo data structure, which is used in...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: netfilter: nftables: Fixed a potential data race in nftexprtypeget. The function nftunregisterexpr can occur concurrently with nftexprtypeget. There is no protection when iterating over the nftablesexpressions list in...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: scsi: target: pscsi: Fixed bioput for error cases As of commit 066ff571011d “block: turning biokmalloc into a simple kmalloc wrapper”, a memory block allocated by biokmalloc must be freed using biouninit and kfree. This process i...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
A heap out-of-bounds write vulnerability in the Linux Kernel Performance Events perf component of the Linux kernel can be exploited to achieve local privilege escalation. If the perfreadgroup function is called when the siblinglist of an event is smaller than that of its child, it may increment o...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: nilfs2: The OOB issue in nilfssetdetype has been fixed. The size of the nilfstypebymode array in the fs/nilfs2/dir.c file is defined as “SIFT SSHIFT”. However, the nilfssetdetype function, which uses this array, specifies the ind...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: mac802154: fixed the issue where key resources were released in mac802154llseckeydel. The mac802154llseckeydel function can free resources associated with a key directly, without following the RCU rules for waiting before the...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: netfilter: nfconntrackh323: Added protection against bmp length being out of range. The UBSAN load reports an exception due to bitwise shifts that are out of bounds for their data type. vmlinux getbitmapb=75 + 712 vmlinux...
Astra Linux - уязвимость в linux, linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: cachefiles: fixed a memory leak in cachefilesaddcache The following memory leak was reported after unbinding /dev/cachefiles: ================================================================== Unreferenced object...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
A race condition was detected in the Linux kernel’s media/xc4000 device driver, specifically in the xc4000getfrequency function. This can lead to a return value overflow issue, potentially causing malfunctions or denial-of-service problems...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
A out-of-bounds read vulnerability was discovered in smbCalcSize in the fs/smb/client/netmisc.c file within the Linux kernel. This issue could allow a local attacker to crash the system or leak internal kernel information...
Astra Linux - уязвимость в linux-5.15, linux-6.1, linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Wifi: iwlwifi: mvm – Fixed a memory corruption issue A few lines above, space is allocated using kzalloc for: sizeofstruct iwlnvmdata + sizeofstruct ieee80211channel + sizeofstruct ieee80211rate mvm-nvmdata is a struct iwlnvmdata...
Astra Linux - уязвимость в linux, linux-5.15, linux-6.1, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix potential key use-after-free When ieee80211gtkrekeyadd is called, and ieee80211gtkrekeyadd returns 0 due to KRACK protection identical key reinstall, ieee80211gtkrekeyadd will still return a pointer to the key...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
A use-after-free vulnerability in the Linux kernel’s ipv4:igmp component can be exploited to achieve local privilege escalation. A race condition can be exploited, causing a timer to be mistakenly registered on a RCU read-locked object that is then freed by another thread. We recommend upgrading ...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: arm64/sve: Stale CPU state is discarded when handling SVE traps. The logic for handling SVE traps incorrectly manipulates the saved FPSIMD/SVE state. A race condition can occur where preemption causes a task to have TIFSVE set an...