4275 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: genirq/irqdesc: Prevent use-after-free in irqfindatorafter The irqfindatorafter function dereferences the interrupt descriptor returned by mtfind, without holding the sparseirqlock or RCU read lock. This means that the descriptor...
Astra Linux - уязвимость в linux
In the Linux kernel, the following vulnerabilities have been resolved: nvmet-tcp: fixed incorrect locking in the statechange sk callback We are not changing anything in the TCP connection state, so we should not use a writelock but rather a read lock. This caused a deadlock when running nvmet-tcp...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: Sysv: Do not call sbbread with pointerlock held. syzbot reports sleep in atomic context in the SysV filesystem 1. For sbbread, the function is called with rwspinlock held. There were two bugs: one was a “deadlock due to...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fixed recursive locking in RPC handle list access Since commit 305853cce3794 “ksmbd: Fixed race condition in RPC handle list access”, the ksmbdsessionrpcmethod function attempts to lock sess-rpclock. This causes hung...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net: systemport: Added global locking for the descriptor lifecycle. The descriptor list is a shared resource across all transmit queues. The locking mechanism currently used only protects concurrency within a given transmit queue...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: Wifi: ath11k – Fixed the issue with htt.pktlog locking. The ath11k active PDevs are protected by RCUs, but the code that handles htt.pktlog, namely ath11kmacgetarbypdevid, was not marked as a read-side critical section. This code...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: Media: wl128x – Fix for atomicity violation in fmcsendcmd An atomicity violation occurs when the fmcsendcmd function is executed simultaneously with the modification of the fmdev-respskb value. Consider a scenario where, after...
Astra Linux - уязвимость в linux-5.15
A flaw was discovered in the ksmbd component of the Linux kernel, a high-performance in-kernel SMB server. The specific flaw exists in the processing of SMB2LOGOFF and SMB2CLOSE commands. The issue arises from the lack of proper locking when performing operations on an object. An attacker can...
Astra Linux - уязвимость в linux-5.10, linux
In bindervmaclose of binder.c, there is a potential exploit after the free function call due to improper locking. This could lead to a local escalation of privileges without the need for additional execution privileges. User interaction is not required for this exploitation. Product: Android...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: ixgbe: Added locking to prevent panic when setting sriovnumvfs to zero. It is possible to disable VFs while the PF driver is processing requests from the VF driver. This can result in a panic. BUG: Unable to handle kernel pagi...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: - For cgroup and freezer: The requirement to hold cpuhotpluglock before freezermutex has been removed. - syzbot reports a circular locking dependency between cpuhotpluglock and freezermutex. To address this, the commit...
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: interconnect: Fixed locking issues related to runpm and reclaim. For cases where iccbwset can be called in contexts that may lead to deadlocks with shrinker/reclaim, such as during runpm resume, we need to separate the icc...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: BPF: Fixed a memory leak in the LRU and LRUPERCPU hash maps The LRU and LRUPERCPU maps allocate a new element during updates, before locking the target hash table bucket. Immediately afterwards, the maps attempt to lock the bucke...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: dma: xilinxdpdma: Fixing locking issues There are several places where either chan-lock or chan-vchan.lock was not held. Appropriate locking measures were added. This fixes lockdep warnings such as: 31.077578 ------------ Cut...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: nfsd: Locking is provided for v4endgrace. Writing to v4endgrace can cause a race condition with server shutdown, resulting in memory being accessed after it has been freed—especially in the case of reclaimstrhashtbl. We cannot ho...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: cifs: Fixed the locking usage for tcon fields. Previously, we used cifstcpseslock to protect many objects that weren’t just server, ses, or tcon lists. Later, we introduced srvlock, seslock, and tclock to protect fields within th...
Astra Linux - уязвимость в linux-5.15
A flaw was discovered in the ksmbd component of the Linux kernel, a high-performance in-kernel SMB server. The specific flaw exists in the processing of SMB2TREEDISCONNECT commands. The issue arises due to the lack of proper locking when performing operations on an object. An attacker can exploit...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: posix-clock: There was an issue with unbalanced locking in pcclocksettime. If getclockdesc succeeds, it calls fget for the fd associated with the clockid. It also acquires a read lock on clk-rwsem. Therefore, the error path shoul...
Astra Linux - уязвимость в linux-5.15, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: ipv6: mcast: fixed a data race in ipv6mcdown / mldifcwork. idev-mcifccount can be written to 0xffff88813a80c832, which is 1 byte, by task 3771 on CPU 0: mldifcstopwork in net/ipv6/mcast.c:1080 inline ipv6mcdown+0x10a/0x280 in...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: ISO: fixed issues related to locking and validity checks for isoconn sk-skstate indicates whether isopisk-conn is valid. Operations that check or update skstate and access conn should hold locksock; otherwise, they...