184 matches found
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: Fixed a possible memory leak in ovsmetercmdset. oldmeter needs to be freed after it is detached, regardless of whether the new meter is successfully attached...
Astra Linux - уязвимость в linux, linux-5.10
The vmwgfx driver contains a local privilege escalation vulnerability that allows unprivileged users to gain access to files opened by other processes on the system through a dangling ‘file’ pointer...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: vpvdpa: fixed the crash that occurs when the vpvdpa device is unplugged suddenly. When the vpvdpa device is unplugged, it triggers a kernel panic. The root cause is that vdpamgmtdevunregister will access modern devices, leadin...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: bpf: Disabling preemption in bpfeventoutput We received a report 1 regarding a kernel crash, which was caused by using nesting protection without disabling preemption. The bpfprogrunarraycg function calls bpfeventoutput, which...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: Drivers: tty: serial: Fixed a deadlock in sa1100settermios There is a deadlock in sa1100settermios, as shown below: Thread 1 | Thread 2 | sa1100enablems sa1100settermios | modtimer spinlockirqsave //1 | Wait for a while ... |...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: gpio: mockup: Fixed a NULL pointer dereferencing issue when removing debugfs. We now remove the debugfs entries of the device when unbinding the driver. This now causes a NULL-pointer dereference at the end of the module’s...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: clk: Get runtime PM before walking the tree during disableunused. Doug reported 1 the following hung task: INFO: task swapper/0:1 was blocked for more than 122 seconds. Not tainted 5.15.149-21875-gf795ebc40eb8 1 “echo 0...
Astra Linux - уязвимость в linux-5.10, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: Watchdog: Fixed a memory leak in watchdogcdevregister. The kmemleak report indicates memory leaks in watchdogdevregister. The details are as follows: Unreferenced object: 0xffff888116233000 size 2048: - Command: “modprobe”, PID...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: usb: cdns3 – Fix for use-after-free at workaround 2 BUG: KFENCE – Use-after-free during read operation in listdelentryvalid+0x10/0xac The code snippet cdns3wa2removeoldrequest includes the following steps: c...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkosf: fixed a possible incorrect match in nfosffind. nfosffind incorrectly returns true in case of a mismatch, which leads to copying uninitialized memory areas in nftosf. This can result in leaking stale kerne...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: AppArmor: Fixed a memory leak in aasimplewritetobuffer. When copyfromuser failed, memory was freed using kvfree. However, the management structure and data blob are allocated independently. Therefore, only kvfreedata causes the...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: atm: nicstar: Fixed a possible use-after-free in nicstarcleanup The remove path of this module calls deltimer. However, that function does not wait until the timer handler is finished. This means that the timer handler may still ...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: clk-mt6797 – Added a check for the return value of mtkallocclkdata. The check is added to avoid dereferencing a NULL pointer...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: objtool: A memory leak has been fixed in the createStaticcallsections function. strdup allocates memory for keyname. We need to release this allocated memory in the following error-prone code paths. Add free to avoid the memory...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: macsec: sync features on RTMNEWLINK Syzkaller was able to lock the lower device via ETHTOOLSFEATURES: - netdevlock, include/linux/netdevice.h: 2761 inline - netdevops, include/net/netdevlock.h: 42 inline -...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: drm/msm/devfreq: Fixed the OPP refcnt leak...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: virtio-net: The received length check for large packets has been fixed. Since commit 4959aebba8c0 “virtio-net: Use MTU size as buffer length for large packets”, when the guest gso is disabled, the allocated size for large packets...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: afs: Fixed the failure condition due to the merge preference rule syzbot reported a lock that remained held when returning to user space1. This occurs because if argc is less than 0 and the function returns directly, the held...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix use-after-free We have already freed the assocdata at this point, so we need to use another copy of the AP MLD address instead...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: s390/syscalls: Added a spectre boundary for the syscall dispatch table. The s390 syscall number is directly controlled by the user space, but there is no arrayindexnospec boundary to prevent access beyond the syscall function...