Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: In the siparsepowertable function, the array adev-pm.dpm.ps and its members are allocated. If the allocation of each member fails, the array itself is freed and returned with an error code. However, the array is later freed again...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: usb: isp1760: Fixed out-of-bounds array access issues Running the driver through KASAN reveals the following issues: BUG: KASAN: Global out-of-bounds access in isp1760register+0x180/0x70c Reading a size of 20 bytes from addr...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: gpio: gpio-xilinx: Fix integer overflow The current implementation cannot configure more than 32 pins due to an incorrect data type. Therefore, type casting using unsigned long is used to avoid this issue...

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: TCP: Fixed issues related to data races around sysctltcpmaxreordering. When modifying sysctltcpmaxreordering, it’s possible for multiple changes to occur simultaneously. Therefore, we need to add READONCE to its readers...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: tcp/dccp: A data race issue around the sysctltcpfwmarkaccept function has been fixed. When reading sysctltcpfwmarkaccept, it can be changed concurrently. Therefore, we need to add a READONCE call to its reader...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: net: tipc: fixed a possible refcount leak in tipcskcreate Free sk in case tipcskinsert fails...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: raw: Fixed a data race around sysctlrawl3mdevaccept. While reading sysctlrawl3mdevaccept, it can be changed concurrently. Therefore, we need to add READONCE to its reader function...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: sysctl: Data race issues in procdouintvecminmax have been fixed. A sysctl variable is accessed concurrently, and there is always a risk of data races. Therefore, both readers and writers need some basic protection to avoid data...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: sysctl: Data race issues in procdouintvec have been fixed. A sysctl variable is accessed concurrently, and there is always a risk of data races. Therefore, both readers and writers need some basic protection to avoid data...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: RDMA/cm: Fixed a memory leak in ibcminsertlisten. The function cmallocidpriv allocates resources for the cmidpriv. When cminitlisten fails, it does not free those allocated resources, resulting in a memory leak. Added missing...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: mm/slub: Added missing TID updates when the slab is deactivated. The fastpath in slaballocnode assumes that c-slab remains stable as long as the TID remains the same. However, there are two places in slaballoc where the TID is...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: iouring: Fixed the issue where multishot accept requests could lead to leaks. Setting REQFPOLLED does not guarantee that the request will be executed as a multishot from the polling path. Fortunately, if the code misidentifies...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: dmaengine: ti: k3-udma-glue: A memory leak was fixed when the deviceregister function failed. If deviceregister fails, it should call putdevice to release the reference. The name allocated by devsetname can be freed in the...

Astra Linux - уязвимость в linux-5.10

A race condition was detected in the fs/proc/taskmmu.c file, which is part of the memory management sub-component in the Linux kernel. This issue may allow a local attacker with user privileges to cause a denial of service...

Astra Linux - уязвимость в linux-5.10, linux

A null pointer dereference issue was discovered in the SCTP network protocol within the net/sctp/streamsched.c file in the Linux kernel. If the streamin allocation fails, the streamout resource is freed, allowing further access to it. A local user could exploit this vulnerability to crash the...

Astra Linux - уязвимость в linux-5.10, linux

A NULL pointer dereference flaw was discovered in dbFree in the fs/jfs/jfsdmap.c file of the Journaling File System JFS within the Linux kernel. This issue may allow a local attacker to cause the system to crash due to a missing sanity check...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fixed an out-of-band issue in ntfslistxattr. The length of a name cannot exceed the space occupied by “ea”...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drm/tegra: rgb: Fixed the missing clkput in the error handling code for tegradcrgbprobe. If the call to clkgetsys..., "plld2out0" fails, the call to clkgetsys must be undone. Added the missing clkput function and a new label...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: f2fs: Split the initial and dynamic conditions for extentcache. Let’s allocate the extentcache tree without dynamic conditions to avoid a panic caused by a missing condition, as shown below. Create a file with a compressed fla...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: iommu/iova: Fixed the issue where alloc iova overflows occurred. In allocandinsertiovarange, there is a issue where retrypfn overflows. The value of iovad-anchor.pfnhi is 0UL. When iovad-cachednode is equal to iovad-anchor,...