224388 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: Team: Fix for checking whether the port is enabled in teamqueueoverrideportpriochanged. A syzkaller bug was recently reported with the following trace: listdel corruption; ffff888058bea080-prev is LISTPOISON2 dead000000000122...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: iommu/mediatek: fixed the use-of-free issue in probe deferment. The driver is no longer retaining references to larb devices during probe operations after a successful lookup, as well as in case of errors. This could potentially...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: exfat: Fixed a reference count leak in exfatfind. Fixed reference count leaks related to exfatgetdentryset in exfatfind. The function exfatgetdentryset would increment the reference counter of es-bh on success. Therefore,...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: cifs: Fixed memory and information leaks in smb3reconfigure In smb3reconfigure, if the smb3syncsessionctxpasswords function fails, the function returns immediately without freeing and erasing the newly allocated newpassword an...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Platform/x86: hp-bioscfg: Fixed warnings regarding empty attribute names in kobjects. The hp-bioscfg driver attempts to register kobjects with empty names when the HP BIOS returns attributes with empty name strings. This causes...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: dpaa2-switch: added a bounds check for ifid in the IRQ handler. The IRQ handler extracts ifid from the upper 16 bits of the hardware status register and uses it to index into ethsw-ports, without any validation. Since ifid can be...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: octeonep: Fixed a memory leak in octepdevicesetup. In octepdevicesetup, if octepctrlnetinit fails, the function returns directly without unmapping the mapped resources and freeing the allocated configuration memory. This issue wa...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ipv6: Fixed a use-after-free in inet6addrdel. syzbot reported a use-after-free of inet6ifaddr in inet6addrdel. 0 The referenced commit accidentally moved ipv6deladdr for mngtmpaddr before reading its ifp-flags for temporary...
Astra Linux – Vulnerability in Linux
In intelpmudrainpebsnhm in arch/x86/events/intel/ds.c of the Linux kernel, up to version 5.11.8 on some Haswell CPUs, user-space applications such as perf-fuzzer can cause a system crash due to improper handling of the PEBS status in a PEBS record, also known as CID-d88d05a9e0b6...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: drm/xe/pf: Fixed a use-after-free in the migration restore process. When an error is returned from xesriovpfmigrationrestoreproduce, the data pointer is not set to NULL, which can lead to a use-after-free in subsequent .write...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15
A use-after-free flaw was discovered in btsdioremove in the drivers\bluetooth\btsdio.c file within the Linux kernel. In this flaw, calling btsdioremove with an unfinished job may lead to a race condition, resulting in a User Account Fault UAF on HDev devices...
Astra Linux - уязвимость в linux-5.10, linux
A use-after-free flaw was discovered in vmxnet3rqallocrxbuf in drivers/net/vmxnet3/vmxnet3drv.c within VMware’s vmxnet3 Ethernet NIC driver in the Linux kernel. This issue could allow a local attacker to cause the system to crash due to a double-free operation while cleaning up vmxnet3rqcleanupal...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: hwmon: In coretemp, a leak of the reference count for PCI devices was addressed in nv1aramnew. According to the comments on pcigetdomainbusandslot, it returns a PCI device whose reference count is incremented after use. The calle...
Astra Linux - уязвимость в linux-5.10, linux
A vulnerability has been discovered in the Linux kernel. It has been identified as a problem. This vulnerability affects the function vsockconnect in the file net/vmwvsock/afvsock.c. Manipulation of this function leads to a memory leak. The complexity of an attack is quite high. Exploitation of...
Astra Linux - уязвимость в linux-5.15
A issue was discovered in the Linux kernel before version 6.3.9. ksmbd does not validate the SMB request protocol ID, resulting in an out-of-bounds read...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Wifi: wilc1000: added the missing unregisternetdev function in wilcnetdevifcinit. The fault injection test reports this issue as follows: Kernel BUG at net/core/dev.c:10731! Invalid opcode: 0000 1 PREEMPT SMP KASAN PTI Call trace...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: Disabled the unnecessary interrupt to avoid kernel panic. There is a hardware bug where the interrupt STMBUFHALF may be triggered after or when the interrupt is disabled. This can lead to unexpected kernel panics...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: Driver core: Fixed a deadlock in deviceattach. In the deviceattach function, the lock-holding logic is as follows: … deviceattach devicelockdev // Get the lock for dev asyncscheduledevdeviceattachasynchelper, dev; // Function cal...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: axp288fuelgauge: Fixed the race condition related to externalpowerchanged. The function fuelgaugeexternalpowerchanged dereferes the variable info-bat, which is then set in the function axp288fuelgaugeprobe. This process looks lik...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: drm/rockchip: vop: fixed a possible null-ptr-deref in vopbind. This issue could lead to a null-ptr-deref in resourcesize if platformgetresource returns NULL. Moving the call to resourcesize after devmioremapresource and checking...