224345 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: usb: legacy: ncm: Fixed an NPE in gncmBind. The commit 56a512a9b410 “usb: gadget: fncm: Aligned netdevice lifecycle with bind/unbind” deferred the allocation of the netdevice. This change results in a NULL pointer derefrence in t...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: drm/panel: A possible null pointer dereference in jdipaneldsiremove has been fixed. In jdipaneldsiremove, jdi is explicitly checked, indicating that it may be NULL: c if !jdi mipidsidetachdsi; However, when jdi is NULL, the...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: BPF: Sleepable kprobemulti programs are rejected during attachment. kprobe.multi programs run in atomic/RCU contexts and cannot sleep. However, bpfkprobemultilinkattach did not validate whether the program being attached had the...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net.manap: Null servicewq on setup error to prevent double destruction. In the managdsetup error path, set gc-servicewq to NULL after destroyworkqueue, to match the cleanup in managdcleanup. This prevents a use-after-free if the...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: mfd: macsmc: Initialize mutex The mutex of the struct applesmc is initialized in the applesmcprobe function. Surprisingly, using the uninitialized mutex only resulted in occasional NULL pointer dereferences in calls to applesmcre...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: hwmon: pmbus/q54sj108a2 Fixed a stack overflow issue in the debugfs read operation. The q54sj108a2debugfsread function suffers from a stack buffer overflow due to incorrect arguments being passed to bin2hex. Currently, the functi...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: xfrm: fixed the refcount leak in xfrmmigratepolicyfind Syzkaller reported a memory leak in xfrmpolicyalloc: BUG: Memory leak Unreferenced object 0xffff888114d79000 size 1024: comm “syz.1.17”, pid 931 … xfrmpolicyalloc+0xb3/0x4b0...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: drm/tests: shmem: Holding the reservation lock around vmap/vunmap operations Acquiring and releasing the reservation lock of the GEM object during vmap and vunmap operations. The tests used vmaplocked, which caused errors such...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: iouring/zcrx: fixed the race condition between the scrub and refill paths. The iozcrxputniovuref function uses a non-atomic check-then-decrement pattern atomicread followed by an atomicdec to manipulate userrefs. This pattern is...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: Thermal: Core – Issues related to race conditions during the removal of thermal zones and resumption of operations. Since thermalzonepmcomplete and thermalzonedeviceresume reinitialize the delayed work of the pollqueue for the...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: “Revert ‘media: iris’: Add a sanity check for stopping streaming.” This change is reflected in the commit ad699fa78b59241c9d71a8cafb51525f3dab04d4. The check that previously skipped “stopstreaming” when the instance was in...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Skips the dev-iotlb flush for inaccessible PCIe devices without scalable mode. PCIe endpoints with ATS enabled and passed through to userspace e.g., QEMU, DPDK can cause a system hard lock when their link fails, eithe...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: GPIO: sysfs: fix the issue where removing a chip with GPIOs exported through sysfs occurs. Currently, if we export a GPIO through sysfs and unbind the parent GPIO controller, the exported attribute will remain under...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: net: ipv6: Ensure that we call ipv6mcdown at most once. There are two reasons why addrconfnotify is called with NETDEVDOWN: Either the network device is actually going down, or IPv6 was disabled on the interface. If either of the...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: drm/sti: The return type of stidvo,hda,hdmiconnectormodevalid has been corrected. With Clang’s Kernel Control Flow Integrity kCFI, CONFIGCFICLANG, indirect call targets are validated against the expected function pointer...
Astra Linux - уязвимость в linux-5.10
A race condition was detected in the Linux kernel’s watch queue due to a missing lock in the piperesizering function. The specific flaw lies in the handling of pipe buffers. The problem arises from the lack of proper locking when performing operations on an object. This flaw allows a local user t...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: sched/core: Page allocation is disabled in tasktickmmcid. With KASAN and PREEMPTRT enabled, calling taskworkadd within tasktickmmcid may cause the following crash. 63.696416 BUG: A sleeping function is called from an invalid...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: ses: Fixed a slab-out-of-bounds issue in sesintfremove. A fix for the issue is as follows: BUG: KASAN: A slab-out-of-bounds condition occurred in sesintfremove+0x23f/0x270 ses. The size of the read operation was 8 bytes at...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: mac80211: A potential double-free operation occurred during mesh join. While commit 6a01afcf8468 “mac80211: Mesh: Deleting ie data when leaving the mesh” fixed a memory leak that occurred during mesh leave/teardown, it introduced...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: iio: accel: sca3300: fixed uninitialized iio scan data Fixed the potential leak of uninitialized stack data into the user space by ensuring that the channels array is cleared before use...