Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: r6040: Fixed the kmemleak in the probe function and removed it. There is a memory leak reported by kmemleak: - Unreferenced object 0xffff888116111000 size 2048: comm “modprobe”, pid 817, jiffies 4294759745 age 76.502s Hex dump...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: phy: allowing MDIO bus PM operations to initiate/stop the state machine for phylink-controlled PHYs. DSA has two types of drivers: 1. Those that call dsaswitchsuspend and dsaswitchresume from their device’s PM operations:...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: net: netsec: fixed error handling in netsecregistermdio. If phydeviceregister fails, phydevicefree must be called to reset the reference count; thus, the memory associated with the phy device and its name can be freed in the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: - net: dsa: felix: do not use devres for mdiobus. As explained in the commits: - 74b6d7d13307: “net: dsa: realtek: register the MDIO bus using devres”. - 5135e96a3dd2: “net: dsa: do not allocate the slavemiibus using devres”...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: phy: mdio: fix memory leak Syzbot reported a memory leak in the MDIO bus interface. The problem lay in incorrect state logic. The MDIOBUSALLOCATED state indicates two possible statuses: 1. The bus is only allocated. 2. The bus is...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: - In the dsa module, potential memory leaks were fixed in dsaloopinit. - kmemleak reported memory leaks in dsaloopinit: 12 new suspected memory leaks. - The unreferenced object 0xffff8880138ce000 size 2048 contains the followi...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: don't use devres for mdiobus As explained in commits: 74b6d7d13307 "net: dsa: realtek: register the MDIO bus under devres" 5135e96a3dd2 "net: dsa: don't allocate the slavemiibus using devres" mdiobusfree will...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net: usb: asix: It was resolved that holding a reference to the PM usage count is necessary to avoid deadlocks between PM and MDIO operations along with RTNL. It is important to prevent USB runtime PM autosuspend for the AX88772...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: Fix refcount leak in mv88e6xxxmdiosregister ofgetchildbyname returns a node pointer with refcount incremented, we should use ofnodeput on it when done. mv88e6xxxmdioregister pass the device node to...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerability has been resolved: net: mdio: fix undefined behavior in bit shift for mdiobusregister Shifting signed 32-bit value by 31 bits is undefined, so changing significant bit to unsigned. The UBSAN warning calltrace like below: UBSAN: shift-out-of-bounds ...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: net: dsa: bcmsf2: Fixed a possible memory leak in bcmsf2mdioregister. The bcmsf2mdioregister function calls of Phyfinddevice and then phydeviceremove in a loop to remove existing PHY devices. The of Phyfinddevice function...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerability has been resolved: net: mdio: unexport init-annotated mdiobusinit EXPORTSYMBOL and init are a bad combination because the .init.text section is freed after initialization. As a result, modules cannot use symbols annotated with init. Accessing a fre...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net: mdio: Fixed an unbalanced fwnode reference count in mdiodevicerelease. There is a warning report regarding a refcount leak when probing the mdio device: OF: Error: Memory leak; the expected refcount was 1 instead of 2. The...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013339)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013339 advisory. In the Linux kernel, the following vulnerability has been resolved: asix: fix uninit-value in asixmdioread asixreadcmd may read less than sizeofsmsr bytes and in thi...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011018)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011018 advisory. In the Linux kernel, the following vulnerability has been resolved: net: netsec: fix error handling in netsecregistermdio If phydeviceregister fails, phydevicefree...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007371)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007371 advisory. In the Linux kernel, the following vulnerability has been resolved: net: netsec: fix error handling in netsecregistermdio If phydeviceregister fails, phydevicefree...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006675)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006675 advisory. In the Linux kernel, the following vulnerability has been resolved: net: mdio: fix unbalanced fwnode reference count in mdiodevicerelease There is warning report abo...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-004863)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004863 advisory. In the Linux kernel, the following vulnerability has been resolved: net: mdio: fix undefined behavior in bit shift for mdiobusregister Shifting signed 32-bit value b...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38110)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38110 advisory. - In the Linux kernel, the following vulnerability has been resolved: net/mdiobus: Fix potential out-of- bound...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38111)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38111 advisory. - In the Linux kernel, the following vulnerability has been resolved: net/mdiobus: Fix potential out-of- bound...