11902 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: PCI: ofproperty: Return error for intmap allocation failure The “ENOMEM” return value occurs when kcalloc fails to prevent a NULL pointer dereferencing in this case. bhelgaas: commit log...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: media: atomisp: Added a check for a failure in memory allocation for rgbydata. In iacss3astatisticsallocate, there is no check on the allocation result of the rgbydata memory. If rgbydata is not successfully allocated, it may...
Astra Linux - уязвимость в thrift
In Apache Thrift versions 0.9.3 to 0.13.0, malicious RPC clients could send short messages, resulting in a large memory allocation and potentially causing a denial of service...
Astra Linux - уязвимость в linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: clk: zynq – Prevent null pointer dereferencing caused by kmalloc failures The kmalloc function in zynqclksetup will return null if physical memory runs out. As a result, if we use snprintf to write data to a null address, a null...
Astra Linux - уязвимость в u-boot
Integer overflows in memory allocation in Das U-Boot before 2025.01-rc1 occur due to a crafted squashfs filesystem using sbrk, request2size, or because ptrdifft is mishandled on x8664...
Astra Linux - уязвимость в linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: scsi: hisisas: The pointer to debugfsdir is set to NULL after removing debugfs. If init debugfs fails during device registration due to a memory allocation failure, the function debugfsremoverecursive is called. However, debugfsd...
Astra Linux - уязвимость в linux-5.10
A issue was discovered in the Linux kernel through version 5.16-rc6. The ef100updatestats function in drivers/net/ethernet/sfc/ef100nic.c lacks a check for the return value of kmalloc...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: dma: fixed the call order in dmamfreecoherent. The dmamfreecoherent function frees a DMA allocation, making the freed vaddr available for reuse. Then, it calls devresDestroy to remove and free the data structure used to track the...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: soc: ti: tiscipmdomains: Check for a null return from devmkcalloc. The devmkcalloc allocation function may fail and return a null pointer. This could lead to a null-pointer dereferencing later. It might be better to check this an...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: nvme: fixed memory allocation in nvmeprreadkeys nvmeprreadkeys takes numkeys from userspace and uses it to calculate the allocation size for rse via structsize. The upper limit is PRKEYSMAX 64K. A malicious or buggy userspace...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: clk: imx: clk-imx8mn: fixed a memory leak in imx8mnclocksprobe. Use devmofiomap instead of ofiomap to automatically manage the unused ioremap regions. If any errors occur, the memory allocated by kzalloc may leak; however, usi...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ASoC: amd/sdwutils: avoid NULL deref when devmkasprintf fails devmkasprintf may return NULL when memory allocation fails. However, the debug message prints cpus-dainame before checking it. Move the devdbg call after the NULL chec...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: arcnet: Add a NULL check in com20020pciprobe. devmkasprintf returns NULL when memory allocation fails. Currently, com20020pciprobe does not check for this case, resulting in a NULL pointer being dereferenced. Add a NULL check aft...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: drm/buddy: Fixed the error handling code for allocrange. A few users have reported display corruption when booting the machine into KDE Plasma or playing games. We identified a problem where, whenever allocrange failed to find th...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: capabilities: A potential memory leak was fixed in the error path of vfsgetxattralloc. In capinodegetsecurity, we use vfsgetxattralloc to complete the memory allocation of tmpbuf. If we have completed the memory allocation of...
Astra Linux – Vulnerability in WebKit2GTK
In WebKitGTK before 2.32.4, there is an incorrect memory allocation in WebCore::ImageBufferCairoImageSurfaceBackend::create, which leads to a segmentation violation and an application crash. This is a different vulnerability than CVE-2021-30889...
Astra Linux - уязвимость в grub2
A flaw was discovered in grub2, where the grubextcmddispatcher function calls grubarglistalloc to allocate memory for the grub’s argument list. However, it does not check in case the memory allocation fails. Once the allocation fails, a NULL pointer will be processed by the parseoption function,...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.10, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Wifi: mwifiex: The chanstats array is initialized to zero. The adapter-chanstats array is initialized in mwifiexinitchannelscangap using vmalloc, which does not zero out the memory. The array is filled in during...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: In tomoyowritecontrol, do not emit a warning. syzbot reports a “too-large allocation” warning in tomoyowritecontrol. It’s possible to write a very long line without a newline character. To fix this warning, I use GFPNOWARN instea...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Driver: soc: xilinx: fixed a memory leak in xlnxaddcbfornotifyevent. The kfree function should be called when memory fails to be allocated for cbdata in xlnxaddcbfornotifyevent. Otherwise, a memory leak will occur; therefore,...