Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mshv: Fixed an infinite fault loop that occurred during GPA intercepts when permissions were denied. This issue prevents infinite fault loops when guests access memory regions without proper permissions. Currently,...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pd-mapper: Fixed the element length in servreglocpfrreqei. The element length declared in servreglocpfrreqei does not match the reason field of servreglocpfrreq. This caused a decoding error during PD crashes. In the...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: rejecting new basechains after table flags are updated When the “dormant” flag is toggled, hooks are disabled during the commit phase by iterating over existing and new chains in the table. The following...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: libceph: Potential out-of-bounds reads in processmessageheader have been prevented. If the message frame is maliciously corrupted in such a way that the length of the control segment becomes shorter than the size of the message...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: dm: verity-loadpin: Only trust verity targets with enforcement Verity targets can be configured to ignore corrupted data blocks. LoadPin must only trust verity targets that are configured to perform some kind of enforcement when...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: mmc: vub300: fix warning – do not call blocking ops when !TASKRUNNING vub300enablesdioirq works with a mutex and requires TASKRUNNING. Ensure that we mark the current context as TASKRUNNING for sleepable contexts. 77.554641 Do...

Astra Linux - уязвимость в linux-5.10

A flaw was discovered in the way the “flags” member of the new pipe buffer structure lacked proper initialization in the copypagetoiterpipe and pushpipe functions of the Linux kernel. As a result, these members could contain stale values. An unprivileged local user could exploit this flaw to writ...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Networks: qcom/emac – fixed a UAF Use-after-Free issue in emacremove. “adpt” is netdev private data, and it cannot be used after the freenetdev call. Using “adpt” after freenetdev can cause a UAF bug. This issue was fixed by movi...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm: A use-after-free issue in drmgetunique has been fixed. There is a time-of-check-to-time-of-use error in drmgetunique, caused by retrieving fpriv-master before locking the device’s master mutex. An example of this error can b...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: USB: Fixed various issues related to null pointer dereferencing on 10Gbps cables. This prevented null pointer dereferences in functions fecm,eem,hid,loopback,printer,rndis,serial,sourcesink,subset,tcm by simply reusing the 5Gbps...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: IB/mlx5: Fixed the initialization of the CQ fragments buffer. The function initcqfragbuf can be used to initialize the current CQ fragments buffer cq-buf, or the temporary cq-resizebuf that is filled during the CQ resize operatio...

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerability has been resolved: net: usb: fixed a memory leak in smsc75xxbind Syzbot reported a memory leak in smsc75xxBind. The issue occurred when non-freeed memory remained after memory allocation due to errors. Backtrace: kmalloc include/linux/slab.h:556...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: ti: fix UAF in tlanremoveone. priv is netdev’s private data, and it cannot be used after a freenetdev call. Using priv after freenetdev can cause a UAF bug. This issue is fixed by moving the freenetdev call to the end of the...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: ipv4: Fix memory leak in netlblcipsov4addstd Reported by syzkaller: BUG: Memory leak Unreferenced object: 0xffff888105df7000 size 64 Process: “syz-executor842”, PID: 360, Jiffies: 4294824824 Age: 22.546 seconds Hex dump firs...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: fix OOB Read in qrtrendpointpost Syzbot reported a slab-out-of-bounds Read in qrtrendpointpost. The problem was with the wrong sizetype: if len != ALIGNsize, 4 + hdrlen goto err; If the size from qrtrhdr is 4294967293...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: can: mcbausb: fixed a memory leak in mcbausb Syzbot reported a memory leak in the SocketCAN driver for the Microchip CAN BUS Analyzer Tool. The problem occurred in unfreeing the usbcoherent object. In the mcbausbstart function...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: smb: server: Fixed a leak in activenumconn when there is a failure in transport allocation. The commit 77ffbcac4e56 “smb: server: fixed the leak of activenumconn in ksmbdtcpnewconnection” addresses the failure path in kthreadrun...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: arm64: mm: Handle invalid large leaf mappings correctly It has been possible for a long time to mark ptes in the linear map as invalid. This is done for secretmem, kfence, realmdma memory un/share, and others, by simply clearing...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: MGMT: Fixed corruption in command completion handlers and UAFs Commit 302a1f674c00 “Bluetooth: MGMT: Fixed possible UAFs” introduced mgmtpendingvalid, which not only validates pending commands but also unlinks them...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: vhost: moved the bound check for vdpa group to vhostvdpa. Duplications have been removed by consolidating them here. This reduces the possibility that a parent driver may miss them. Additionally, we’ve fixed a bug in vdpasim,...