95 matches found
DLA-4476-1 linux-6.1 - security update
Bulletin has no description...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: media: mc: Clear minor number before putting device The device minor number should not be cleared after the device is released...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: netlink: avoided infinite retry loops in netlinkunicast The netlinkattachskb function checks the read memory allocation constraints of the socket. First, it checks whether the newly increased rmem value fits within the socket’...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: f2fs: fixed to avoid UAF in f2fssync inodemeta syzbot reported a UAF issue as follows: 1 2 1 https://syzkaller.appspot.com/text?tag=CrashReport&x=16594c60580000 =================================================================...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: drm/amd/display: Check linkres-hpodplinkenc before using it. WHAT & HOW The functions dpenablelinkPhy and dpdisablelinkPhy can pass linkres without initializing hpodplinkenc. It is necessary to check for null values before...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: virtio-net: Ensure that the received length does not exceed the allocated size. In xdplinearizepage, when reading the following buffers from the ring, we forget to check the received length against the actual allocated size. This...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: bpf: Fixed out-of-bounds access in cgroup local storage Lonial reported that an out-of-bounds access in cgroup local storage can occur through tail calls. This occurs when two programs each utilize a cgroup local storage with...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: btrfs: Do not allow relocation of partially dropped subvolumes BUG There is an internal report indicating that a balance-related transaction aborted, with the following call trace: item 85 key 594509824 169 0 itemoff 12599 itemsi...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: PCI: vmd: Makes vmddev::cfglock of type rawspinlockt Access to the PCI configuration space via pciops::read and pciops::write is a low-level hardware operation. These functions can be accessed with disabled interrupts, even on...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: isofs: Prevention of using too small fid values. syzbot reported a slab-out-of-bounds read in isofsfhtoparent. 1 The handlebytes value passed by the reproducing program is equal to 12. In handletopath, only 12 bytes of memory...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix oops due to unset link speed It isn’t guaranteed that NETWORKINTERFACEINFO::LinkSpeed will always be set by the server. Therefore, the client must handle any possible values and prevent such oopses from occurring...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: dropmonitor: fix incorrect initialization order Syzkaller reports the following bug: BUG: spinlock bad magic on CPU1, syz-executor.0/7995 lock: 0xffff88805303f3e0, .magic: 00000000, .owner: /-1, .ownercpu: 0 CPU: 1 PID: 7995 Comm...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Fix NULL pointer access Resources should only be released after all threads that utilize them have been destroyed. This commit ensures that resources are not released prematurely by waiting for the associated...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: Added a check for mgmtallocskb in mgmtremotename. Added a check on the return value of mgmtallocskb in mgmtremotename to prevent null pointer dereferencing...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: batman-adv: fixed a panic that occurred during the removal of an interface. Reference counting is used to ensure that batadvhardifneighnode and batadvhardiface are not freed before/during the completion of...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: ntbhwswitchtec: Fixed an out-of-bounds situation in switchtecntbmwsettrans. There is a kernel API called ntbmwcleartrans, which passes 0 to both addr and size. This would cause xlatepos to become negative. 23.734156 switchtec...
[SECURITY] [DLA 4193-1] linux-6.1 security update
Debian LTS Advisory DLA-4193-1 [email protected] https://www.debian.org/lts/security/ Ben Hutchings May 30, 2025 https://wiki.debian.org/LTS Package : linux-6.1 Version : 6.1.137-1deb11u1 CVE ID : CVE-2023-52857 CVE-2023-52927 CVE-2023-53034 CVE-2024-24855 CVE-2024-26656 CVE-2024-26739...
Debian dla-4102 : linux-config-6.1 - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4102 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4102-1 [email protected]...
[SECURITY] [DLA 4076-1] linux-6.1 security update
Debian LTS Advisory DLA-4076-1 [email protected] https://www.debian.org/lts/security/ Ben Hutchings March 01, 2025 https://wiki.debian.org/LTS Package : linux-6.1 Version : 6.1.6.1.128-1deb11u1 CVE ID : CVE-2022-49034 CVE-2023-52916 CVE-2023-52926 CVE-2024-26595 CVE-2024-27407...
Debian dla-4076 : linux-config-6.1 - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4076 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4076-1 [email protected]...