Astra Linux - уязвимость в linux-5.10, linux

A vulnerability was discovered in the Linux kernel. It has been classified as critical. This issue affects the devlinkparamset/devlinkparamget functions in the net/core/devlink.c file of the IPsec component. The vulnerability allows for exploitation after memory allocation. It is recommended that...

Astra Linux - уязвимость в linux-5.10, linux

A vulnerability classified as problematic has been discovered in the Linux kernel. The affected function is j1939sessiondestroy in the file net/can/j1939/transport.c. This manipulation leads to a memory leak. It is recommended that a patch be applied to fix this issue. The identifier of this...

Astra Linux - уязвимость в linux-5.10

A issue was discovered in the Linux kernel before version 6.0.11. Missing validation of the IEEE80211P2PATTRCHANNELLIST in the drivers/net/wireless/microchip/wilc1000/cfg80211.c file, within the WILC1000 wireless driver, can lead to a heap-based buffer overflow when parsing the operating channel...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: hwmon: nct6775 Fixed the crash in clearcaseopen. Paweł Marciniak reported the following crash, which occurred when clearing the chassis intrusion alarm. Bug: NULL pointer dereferencing in the kernel; address: 0000000000000028. PG...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: usb: xhci-plat: Fix for crashes when suspending if remote wake-up is enabled Crashes occurred on the i.mx8qm platform when suspending if remote wake-up was enabled. Internal error: Synchronous external abort: 96000210 1 PREEMPT S...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: mm: vmscan: removed deadlock caused by throttling failing to progress. A soft lockup bug in kcompactd was reported in a private bugzilla. The following messages were observed in dmesg: watchdog: BUG: soft lockup – CPU33 stuck...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ima: fixed a reference leak in asymmetricverify Do not leak a reference to the key if its algorithm is unknown...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iavf: Fix for hang during reboot/shutdown The recent commit 974578017fc1 “iavf: Add waiting so that the port is initialized in remove” adds a wait-loop at the beginning of iavfremove, to ensure that port initialization is complet...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: net-sysfs: added a check to ensure netdevice is present before using speedshow. When disabling the netdevice or during system shutdown, a panic may occur when accessing the sysfs path, because the device has already been removed...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: vdpa: fixed a use-after-free in vpvdparemove. When the vpvdpa driver is unbound, vpvdpa is freed in vdpaunregisterdevice, and then vpvdpa-mdev.pcidev is dereferenced in vpmodernremove, triggering a use-after-free. Call trace for...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: Ethernet: Fixed error handling in xemacliteofprobe The node pointer is returned by ofparsephandle, and the reference count is incremented in this function. Calling ofnodeput is used to avoid the reference count leak. The remove...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: sched/fair: Fixed an error in reweightentity. Syzbot detected a GPF in reweightentity. This issue has been fixed in commit 4ef0c5c6b5ba “kernel/sched: Fixed the issue where schedfork accesses an invalid schedtaskgroup”. There ...

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: Net: Ethernet: stmmac: fixed the altrtsepcs function when using a fixed-link. When using a fixed-link, the altrtsepcs driver crashes due to a null-pointer dereference, as no phydevice is provided to the tsepcsfixmacspeed function...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: fbdev: Fixed the issue of unregistering framebuffers without a device. Framebuffers in OF do not have a underlying device in the Linux device hierarchy. Instead of hot-unplugging such non-existent devices, a regular unregister...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/panel: ili9341: fix optional regulator handling If the optional regulator lookup fails, reset the pointer to NULL. Other functions such as mipidbipoweronconditional only perform a NULL pointer check; otherwise, they will...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fixed the mpolnew leak in sharedpolicyreplace. If mpolnew is allocated but not used during the restart loop, mpolnew will be freed via mpolput before returning to the caller. However, refcnt has not been initialized...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: highmem: Fixed the checks in kmaplocalschedin,out$. When CONFIGDEBUGKMAPLOCAL is enabled, the check in kmaplocalschedin,out ensures that even slots in tsk-kmapctrl.ptval are unmapped. These slots are initialized with a value o...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: Fixed an issue involving a use-after-free in hcisendacl. This fix addresses the issue caused by receiving HCIEVDISCONNPHYLINKCOMPLETE, which does not call hciconndel without first checking whether conn-type is indee...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: scsi: pm8001: Fix tag leaks on error In functions like pm8001chipsetdevstatereq, pm8001chipfwflashupdatereq, pm80xxchipPhyCTLreq, and pm8001chipregdevreq, missing calls to pm8001tagfree were added to free the allocated tags wh...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ath11k: mhi: use mhisyncpowerup If amss.bin is missing, ath11k will crash during the ‘rmmod ath11kpci’ command. The reason for this is that we were using mhipowerup, which does not check for any errors. However, mhisyncpowerup do...