224388 matches found
Astra Linux – Vulnerability in Linux
Linux Kernel Bluetooth CMTP Module Double Free Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of the Linux Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in orde...
Astra Linux - уязвимость в linux
A flaw involving double-free memory corruption in the Linux kernel’s HCI device initialization subsystem was discovered. This flaw allows a malicious HCI TTY Bluetooth device to be attached to the system. A local user could exploit this flaw to crash the system. This flaw affects all Linux kernel...
Astra Linux - уязвимость в linux
A memory-bound write flaw 1 or 2 bytes of memory was identified in the Linux kernel’s NFS subsystem, related to the way users use mirroring replication of files via NFS. A user with access to the NFS mount could potentially exploit this flaw to crash the system or escalate privileges on the syste...
Astra Linux - уязвимость в linux
In the Linux kernel, the following vulnerability has been resolved: locking/qrwlock: Fixed the ordering in queuedwritelockslowpath While this code is executed with waitlock held, a reader can acquire the lock without holding waitlock. The writer checks the value using atomiccondreadacquire, but...
Astra Linux – Vulnerability in Linux
In the Linux kernel, the following vulnerabilities have been resolved: irqchip/gic-v3: Do not enable IRQs when handling spurious interrupts. The following error occurred while running our 4.19 kernel with the pseudo-NMI patches backported to it: 14.816231 ------------ Cut here ------------...
Astra Linux – Vulnerability in Linux
In the Linux kernel, the following vulnerability has been resolved: i40e: Fixed a use-after-free in i40eclientsubtask. Currently, the call to i40eclientdelinstance frees the object pf-cinst. However, pf-cinst-laninfo is accessed after the object is freed. This issue was fixed by adding the...
Astra Linux - уязвимость в linux
In the Linux kernel, the following vulnerability has been resolved: In the net subsystem, it is now allowed only for the init netns to set the default tcpcongestioncontrol to a restricted algorithm. The tcpsetdefaultcongestioncontrol function is netns-safe because it writes to...
Astra Linux - уязвимость в linux
In the Linux kernel, the following vulnerability has been resolved: spi: fsl-lpspi: The issue of a reference leak during lpspipreparexferhardware has been fixed. pmruntimegetsync will increment the pm usage counter even if the operation fails. Forgetting to replace this operation with...
Astra Linux - уязвимость в linux
In the Linux kernel, the following vulnerability has been resolved: HID: magicmouse: fix NULL dereferencing on disconnection Commit 9d7b18668956 “HID: magicmouse: add support for Apple Magic Trackpad 2” added a sanity check for an Apple trackpad. If the check fails, it returns success instead of...
Astra Linux - уязвимость в linux
In the Linux kernel, the following vulnerability has been resolved: net: caif: fixed a memory leak in cfusbldevicenotify. In the case of a failure in caifenrolldev, the allocated linksupport will not be assigned to the corresponding structure. Therefore, simply free the allocated pointer in case ...
Astra Linux - уязвимость в linux
In the Linux kernel, the following vulnerabilities have been resolved: USB: usbfs: Do not issue a WARN message regarding excessively large memory allocations. Syzbot discovered that the kernel generates a WARN message if the user attempts to perform a bulk transfer using usbfs with a buffer that ...
Astra Linux - уязвимость в linux, linux-5.10
A vulnerability was discovered in the Linux kernel, where a use-after-free condition could occur in nouveau’s postclose handler if a device is removed. This situation occurs when removing a device—a process that isn’t common for physically removing a video card without shutting down the system...
Astra Linux - уязвимость в linux
A vulnerability was discovered in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on inbound SCTP packets may allow the kernel to read uninitialized memory...
Astra Linux - уязвимость в linux, linux-5.10
A NULL pointer dereference flaw was discovered in the btrfsrmdevice function in fs/btrfs/volumes.c within the Linux Kernel. Triggering this bug requires CAPSYSADMIN. This flaw allows a local attacker to crash the system or leak kernel internal information. The greatest threat posed by this...
Astra Linux - уязвимость в linux, linux-5.10
A memory overflow vulnerability was discovered in the ipc functionality of the memcg subsystem in the Linux kernel. This vulnerability occurs when a user calls the semget function multiple times, thereby creating semaphores. This flaw allows a local user to deplete resources, resulting in a denia...
Astra Linux - уязвимость в linux-5.10
A flaw in the Linux kernel’s implementation of the RDMA communication manager listener code allowed an attacker with local access to set up a socket to listen on a high port. This allowed for a memory element to be used after it was freed. With the ability to execute code, a local attacker could...
Astra Linux - уязвимость в linux, linux-5.10
A vulnerability was discovered in the fs/inode.c:inodeinitowner function logic of the Linux kernel. This vulnerability allows local users to create files for the XFS file system with unintended group ownership, along with group execution and SGID permission bits set. This occurs in a scenario whe...
Astra Linux - уязвимость в linux, linux-5.10
A non-privileged write-to-file handler flaw exists in the Linux kernel’s control groups and namespaces subsystem. This flaw allows users to gain access to certain less-privileged processes that are controlled by cgroups, even when those processes have higher-privileged parent processes. This issu...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Binder: Make sure that fd closes completely. During the processing of BCFREEBUFFER, the BINDERTYPEFDA object cleanup may close one or more fds. The close operations are completed using the task work mechanism—which means that the...
Astra Linux - уязвимость в linux-5.10
A flaw was discovered in the Linux kernel. A null pointer dereference in the bondipsecaddsa function may lead to a local denial of service...