Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fixed SError causing kernel panic upon closing. The occurrence of SError causing kernel panic was rare during testing. The root cause was entering suspend mode due to an timeout of the autosuspend delay...

Astra Linux - уязвимость в linux-5.10

A NULL pointer dereference flaw was discovered in the Linux kernel’s X.25 set of standardized network protocol functions. This flaw allows a local user to crash the system by terminating their session using a simulated Ethernet card while continuing to use that connection...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Staging: GPIB – Fixed an Oops after disconnection in agilent USB. If the agilent USB dongle is disconnected, subsequent calls to the driver will cause a NULL dereference Oops, as the businterface is set to NULL upon disconnection...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: ses: Fixed possible out-of-bounds accesses to addldescptr. Sanitized possible out-of-bounds accesses to addldescptr in sesenclosuredataprocess...

Astra Linux - уязвимость в linux-5.10

A double-free flaw was discovered in the Linux kernel’s TUN/TAP device driver functionality, particularly in how a user registers the device when the registernetdevice function fails with the NETDEVREGISTER notifier. This flaw allows a local user to crash the system or potentially escalate their...

Astra Linux - уязвимость в linux, linux-6.1, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: BPF: Check rcureadlockTraceheld before calling BPF map helpers. These three BPFmaplookup,update,deleteelem helpers are also available for sleepable BPF programs. Therefore, add the corresponding lock assertions for sleepable B...

Astra Linux - уязвимость в linux, linux-5.15, linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Perform lockless command completion in the abort path When adding or removing controllers, the following call trace was observed: WARNING: CPU: 3 PID: 623596 at kernel/dma/mapping.c:532 dmafree attrs+0x33/0x50 CPU:...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mshvvtl: Fixed the issue where vmemmapshift exceeded MAXFOLIOORDER. When registering VTL0 memory via MSHVADDVTL0MEMORY, the kernel calculates pgmap-vmemmapshift as the number of trailing zeros in the OR of startpfn and lastpfn. T...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: nvme-fc: The admin tagset is released if the initialization fails. The nvmefabrics function creates a NVMe/FC controller in the following path: nvmfdevwrite → nvmfcreatectrl → nvmefccreatectrl → nvmefcinitctrl The nvmefcinitctrl...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: libceph: freechooseargmap has been made resistant to partial allocations that may lead to NULL pointer dereferencing. freechooseargmap may dereference a NULL pointer if its caller fails after a partial allocation. For example, in...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Counter: Interrupt-cnt: Remove the IRQFNOTHREAD flag An IRQ handler can either use IRQFNOTHREAD or acquire spinlockt. As noted by CONFIGPROVERAWLOCKNESTING: ============================= BUG: Invalid wait context 6.18.0-rc1+git...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ext4: xattr: fixed a null pointer dereference in ext4raw inode If ext4getinodeloc fails e.g., if it returns -EFSCORRUPTED, iloc.bh will remain set to NULL. Since ext4xattr inodedecrefall lacks error checking, this will lead to a...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: net/mlx5e: Fixed the crash that occurs during profile change rollback failure. The mlx5enetdevchangeprofile function may fail to attach a new profile and may also fail to roll back to the old profile. In such cases, we might e...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ocfs2: A bug in the ocfs2findvictimchain function was fixed. The syzbot reported a kernel bug in ocfs2findvictimchain. This bug occurs because the clnextfreerec field of the allocation chain list the next free slot in the chain...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Wifi: ath11k: Fix peer HE MCS assignment In ath11kwmisendpeerassoccmd, the peer’s transmit MCS is sent to the firmware as the receive MCS, while the peer’s receive MCS is sent as the transmit MCS. This contradicts the definitions...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: The spinlock is used as a lock for protecting the context list. Previously, a mutex was added to protect the encoder and decoder context lists from unexpected changes originating from the SCP IP block. Th...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: MGMT: Fixed a memory leak in setsspcomplete. A memory leak was fixed in setsspcomplete, where the mgmtpendingcmd structures are not freed after they are removed from the pending list. Commit 302a1f674c00 “Bluetooth:...

Astra Linux - уязвимость в linux

In the Linux kernel, the following vulnerability has been resolved: gve: Added NULL pointer checks when freeing irqs. When freeing notification blocks, we use priv-msixvectors as an index. If we fail to allocate priv-msixvectors as seen in the case of abortwithmsixvectors, it could lead to a NULL...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: HID: bpf: preventing buffer overflow in hidhwrequest. Currently, the returned value is considered to be always valid. However, when working with HID-BPF, the returned value can be arbitrarily large, because it is the returned val...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: nfsd: A cred reference leak was fixed in nfsdnllistenersetdoit. The function nfsdnllistenersetdoit uses getcurrentcred without using putcred. As we can see from other calls, svcxprtcreatefromsa does not require an additional...