137 matches found
PT-2026-44482
Name of the Vulnerable Software and Affected Versions Ubuntu Linux version 6.8 Ubuntu Linux version 6.17 Ubuntu Linux version 7.0 Description AppArmor SAUCE patches contain a flaw that can lead to an incorrect computation of an internal buffer size. This results in a heap memory out-of-bounds...
PT-2026-44478
Name of the Vulnerable Software and Affected Versions Ubuntu Linux version 6.8 Ubuntu Linux version 6.17 Ubuntu Linux version 7.0 Description SAUCE patches fail to validate invalid sizes of the name field in AppAmor notification responses. This issue can be triggered by an unprivileged local user...
Stable Channel Update for Desktop
The Stable channel has been updated to 148.0.7778.216/217 for Windows and 148.0.7778.215/216 Mac and 148.0.7778.215 for Linux, which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log Security Fixes and Rewards Note: Access to bug details and...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: serial: core: check uartclk for zero to avoid divide by zero Calling ioctl TIOCSSERIAL with an invalid baudbase can result in uartclk being zero, which will cause a divide by zero error in uartgetdivisor. The check for uartclk...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: mmc: core: Avoid negative index with array access The commit 4d0c8d0aef63 “mmc: core: Use mrq.sbc in close-ended ffu” assigns previdata = idatasi - 1, but does not check that the iterator i is greater than zero. We will fix this ...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: coresight: syscfg: Fixed a memory leak that occurred during registration failures in cscfgcreatedevice. deviceregister calls deviceinitialize. According to the documentation for deviceinitialize: “Use putdevice to release the...
Astra Linux - уязвимость в linux-5.10, linux
The atmtcenqueue function in the net/sched/schatm.c file of the Linux kernel, as of version 6.1.4, allows attackers to cause a denial of service due to type confusion. In some cases, non-negative numbers can indicate a TCACTSHOT condition instead of valid classification results...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ipmi:ssif: A memory leak has been fixed when scanning for an adapter. The ssifinfofind function sets info-adaptername if the adapter information comes from the SMBIOS; otherwise, it isn’t set. However, this function can be called...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: The issue lies in ofparsephandlewithargsmap. In this function, the inner loop that iterates through the map entries calls ofnodeputnew to free the reference acquired during the previous iteration of the inner loop. This assumes...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: media: bttv: fix use after free error due to btv-timeout timer There may be some a race condition between timer function bttvirqtimeout and bttvremove. The timer is setup in probe and there is no timerdelete operation in remove...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: removed one synchronizenet call from ipv6mcdown. As discussed in previous discussions commit 2d3916f31891 “ipv6: fix skb drops in igmp6eventquery and igmp6eventreport”, the synchronizenet call in ipv6mcdown is not...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix possible panic during hotplug remove During hotplug remove it is possible that the update counters work might be pending, and may run after memory has been freed. Cancel the update counters work before freeing memory...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: modpost: fix off by one in isexecutablesection The comparison should be = to prevent an out of bounds array access...
Astra Linux - уязвимость в linux-5.10, linux, linux-5.15
A use-after-free vulnerability was discovered in iscsiswtcpsessioncreate in drivers/scsi/iscsitcp.c within the SCSI sub-component of the Linux kernel. This flaw allows an attacker to access internal kernel information...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: scsitransportsas: Fixed error handling in sasphyadd. If transportadddevice fails in sasPhyadd, the kernel may crash when trying to delete the device using transportremovedevice, which is called from sasremovehost. The kerne...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: mm: swap: fix race between freeswapandcache and swapoff There was previously a theoretical scenario where swapoff could execute and tear down the swapinfostruct while a call to freeswapandcache was running in another thread. This...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: cifs: prevent NULL pointer dereference in UTF16 conversion There can be a NULL pointer dereference bug here. NULL is passed to cifssfumakenode without checks, which passes it unchecked to cifsstrnduptoutf16, which in turn passes ...
Astra Linux - уязвимость в linux
The fix for XSA-365 includes initialization of pointers such that subsequent cleanup code wouldn't use uninitialized or stale values. This initialization went too far and may under certain conditions also overwrite pointers which are in need of cleaning up. The lack of cleanup would result in...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: hfsplus: removed the mutexlock check in hfsplusfreeextents Syzbot reported an issue with the hfsplus filesystem: ------------ Cut here --- WARNING: CPU: 0 PID: 4400 at fs/hfsplus/extents.c:346 hfsplusfreeextents+0x700/0xad0 Ca...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: uprobes: The shared zeropage was rejected in uprobewriteopcode. The following crashes were triggered in syzkaller tests: BUG: Incorrect page state in process syz.7.38, pfn:1eff3 Page: refcount:0, mapcount:0,...