12064 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: btrfs: Free pages with an error in btrfsuringreadextent In this function, the ‘pages’ object is never freed, in the hope that it will be picked up by btrfsuringreadfinished whenever that function is executed in the future. But...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: crypto: caam – fixed DMA corruption when dealing with long HMAC keys. When a key is longer than the block size, it is copied and then hashed into the actual key. The memory allocated for this copy needs to be rounded to the DMA...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: SELinux: The use of both GFPKERNEL and GFPATOMIC in convertcontext was enabled. The following warning was triggered in a hardware environment: SELinux: Converting 162 SID table entries... BUG: The sleeping function was called...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: spi: mchp-pci1xxx: Fixed a possible null pointer derefrence in pci1xxxspiprobe. In the function pci1xxxxspiprobe, there is a potential null pointer that may be caused by a failed memory allocation performed by the function...
Astra Linux – Vulnerability in pillow
In Pillow before 8.1.2, attackers can cause a denial of service due to excessive memory consumption. This occurs because the reported size of the contained image is not properly checked for an ICO container. As a result, a memory allocation attempt can be quite large...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: The block operation involving GFPNOIO around the sysfs-store function. The sysfs-store function is called with the queue frozen. Meanwhile, there are several -store callbacks such as updatenrrequests, wbt, scheduler that use...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Wifi: brcm80211 – Handle PMKOP allocation failures The kzalloc function in brcm80211pmksav3op will return null if physical memory runs out. As a result, if we dereference the null value, a null pointer dereference bug will occur...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
A issue was discovered in the Linux kernel through version 5.16-rc6. The lkdtmARRAYBOUNDS function in drivers/misc/lkdtm/bugs.c lacks a check for the return value of kmalloc, which can lead to a null pointer derefrence...
Astra Linux – Vulnerability in imlib2
It was discovered that imlib2 v1.9.1 mishandles memory allocation in the initimlibfonts function...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: clk: zynq – Prevent null pointer dereferencing caused by kmalloc failures The kmalloc function in zynqclksetup will return null if physical memory runs out. As a result, if we use snprintf to write data to a null address, a null...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: HID: uclogic: There is an issue with the correct reference to the devm device for the hidinput inputdevice name. The reference should be made to the HID device, not the input device, when allocating the inputdev name. Referring t...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: nfc: fixed a segfault in nfcgenldumpdevicesdone When kmalloc in nfcgenldumpdevices fails, nfcgenldumpdevicesdone causes a segfault as follows: KASAN: null-ptr-deref in range 0x0000000000000008-0x000000000000000f CPU: 0 PID: 25...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: udplite: Fixed a NULL pointer dereference in skmemraiseallocated. syzbot reported a NULL pointer dereference in skgetrmem0 while using IPPROTOUDPLITE 0x88: 14:25:52 executing program 1: r0 = socket$inet60xa, 0x80002, 0x88 We...
Astra Linux – Vulnerability in Linux 5.15
A issue was discovered in the Linux kernel before version 6.3.4. In the fs/ksmbd/connection.c file of ksmbd, there is an off-by-one error in memory allocation due to ksmbdsmb2checkmessage, which may lead to out-of-bounds access...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: xfrm: Update ipcompscratches with NULL when freed Currently, if ipcompallocscratches fails to allocate memory, ipcompscratches holds an obsolete address. Therefore, when we try to free the percpu scratches using...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ext4: a potential memory leak has been fixed in ext4fcrecordregions. Since krealloc may return NULL, in this case, state-fcregions may not be freed by krealloc. However, state-fcregions is already set to NULL. This could lead to ...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Driver: soc: xilinx: fixed a memory leak in xlnxaddcbfornotifyevent. The kfree function should be called when memory fails to be allocated for cbdata in xlnxaddcbfornotifyevent. Otherwise, a memory leak will occur; therefore,...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: skmsg: The allocskmsg function can be called from a non-sleepable context. The skpsockverdictrecv function uses rcureadlock protection. We need the callers to pass a gfpt argument to avoid issues. The report from syzbot stated:...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: fix resource leaks in vdecmsgqueueinit If any error occurs in vdecmsgqueueinit, we need to set msgqueue-wdmaaddr.size = 0;. Normally, this is done inside the vdecmsgqueuedeinit function. However, if the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: xfs: removed calls to xchkxfiledescr macros. The xchkxfiledescr macros use kasprintf, which may fail to allocate memory if the formatted string is longer than 16 bytes or whatever value nofail currently guarantees. Some of the...