5124 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net: lltemac: The function platformgetresource was replaced with the function devmplatformioremapresourcebyname. This replacement affects the call using 0 as the resource name. This ultimately leads to a null pointer in the strcm...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: x86/ioremap: Maps EFI-reserved memory as encrypted for SEV. Some drivers require memory that is marked as EFI boot services data. To prevent this memory from being reused by the kernel after ExitBootServices, efimemreserve is use...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Error handling was added in xhcimapurbfordma. Currently, xhcimapurbfordma creates a temporary buffer and copies the SG list to the new linear buffer. However, if kzallocnode fails, the call to sgpcopytobuffer may lead ...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: xen/gntdev: Prevent leaking grants Prior to this commit, if a grant mapping operation failed partially, some of the entries in the mapops array would be invalid, while all of the entries in the kmapops array would be valid. This...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: net/mlx5: Fixed the error path in multi-packet WQE transmit. Removed the erroneous unmap if no DMA mapping was established. The multi-packet WQE transmit code attempts to obtain a DMA mapping for the skb. This may fail, for...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: bcmasp: fixed a potential memory leak in bcmaspxmit. The bcmaspxmit function returns NETDEVTXOK without freeing the skb object in case of mapping failures. Add devkfreeskb to address this issue...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ksm: The range-walk function is used to bypass holes in scangetnextrmapitem. Currently, scangetnextrmapitem walks every page address in a VMA to locate mergeable pages. This approach becomes highly inefficient when scanning large...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: rvc: Sparse-Memory/vmemmap out-of-bounds fix The offset of vmemmap has been adjusted so that the first page of vmemmap is mapped to the first page of physical memory. This ensures that the bounds of vmemmap are respected durin...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: bytcrrt5651 – Fixed invalid quirk input mapping. When an invalid value is passed via the quirk option, the bytcrrt5640 driver currently simply ignores it and leaves it unchanged. This may lead to unexpected results,...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: Wifi: ath11k: Fix peer HE MCS assignment In ath11kwmisendpeerassoccmd, the peer’s transmit MCS is sent to the firmware as the receive MCS, while the peer’s receive MCS is sent as the transmit MCS. This contradicts the definitions...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Wifi: mac80211 – Correctly decodes TTLM with the default link map. The TID-to-link mapping TTLM elements do not contain any link mapping presence indicators when a default mapping is used, and parsing is skipped. It should be not...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10
In the Linux kernel, the following vulnerability has been resolved: regulator: stm32-pwr: fix ofiomap leak Suggestions: - In the file drivers/regulator/stm32-pwr.c at line 166, the function stm32pwrregulatorprobe generates a warning: “The ‘base’ from ofiomap is not released.” This issue occurs wh...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mm/hugememory: The issue of using NULL for folio handling in movepageshugepmd has been fixed. movepageshugepmd handles UFFDIOMOVE operations for both normal THPs and huge zero pages. For the huge zero page, srcfolio is explicitly...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: drm/etnaviv: checking for the reaped mapping in etnaviviommuunmapgem. When the mapping has already been reaped, the unmap operation must be a no-op. Otherwise, we would try to remove the mapping twice, corrupting the involved dat...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
Guests running on Arm can cause Denial of Service DoS attacks on Dom0 through PV devices. When mapping memory pages of guests on Arm, Dom0 uses an rbtree to keep track of the foreign mappings. The update of this rbtree does not always occur completely with the relevant lock held, resulting in a...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: drm/msm: Fixed null pointer dereferencing without IOMMU. Check whether ‘aspace’ is set before using it, as it will remain null without IOMMU, especially on devices like msm8974...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: ioam6: fix OOB and missing lock issues When trace-type.bit6 is set: if trace-type.bit6 ... queue = skbgettxqueuedev, skb; qdisc = rcudereferencequeue-qdisc; This code can lead to an out-of-bounds access of the dev-tx array...
Astra Linux – Vulnerability in Linux, Linux 5.10
A memory leak flaw in the Linux kernel’s hugetlbfs memory usage was discovered in the way that the system maps some regions of memory twice using shmget. These mappings are aligned according to PUD alignment, resulting in some memory pages being misaligned. A local user could exploit this flaw to...
CVE-2026-11989
The Bit integrations – Form Integration, Webhook, Spreadsheets, CRM, LMS & Email Automation plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.8.7 via the uploadattachment. This makes it possible for unauthenticated attackers to make web...
CVE-2026-11989
The Bit integrations – Form Integration, Webhook, Spreadsheets, CRM, LMS & Email Automation plugin for WordPress is affected by a Server-Side Request Forgery in versions