251647 matches found
Astra Linux - уязвимость в node-semver
Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service ReDoS via the function new Range, when untrusted user data is provided as a range...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: drm/logicvc: A reference leak of the device node was fixed in the logicvcdrmconfigParse function. The logicvcdrmconfigParse function calls ogetchildbyname to find the “layers” node, but it fails to release the reference, resultin...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: soc: qcom: smsmm: Fixed refcount leaks in qcomsmsmprobe. There are two refcount leaks in qcomsmsmprobe: 1 The localnode variable is escaped from foreachchildofnode at the end of the iteration. We should call ofnodeput for it i...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: f2fs: fixed the issue of clearing dirty inodes in f2fsevictinode. As reported by Yanming in Bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=215904 The kernel message is as follows: Kernel BUG at fs/f2fs/inode.c:825! Call...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: bpf: Fixed an out-of-bounds write in triegetnextkey The triegetnextkey function allocates a node stack with a size of trie-maxprefixlen. However, it writes trie-maxprefixlen + 1 nodes to the stack when the stack is full. For...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: fixed a potential memory leak in “addwidgetnode”. Since “kobjectadd” may allocate memory for “kobject-name” when returning an error. In this function, if the call to “kobjectadd” fails, the memory is not freed...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: schhtb: Make htbdeactivate idempotent. Alan reported a NULL pointer dereference in htbnextrbnode after we made htbqlennotify idempotent. It turned out that this issue introduced some regression in the following scenario:...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ASoc: audio-graph-card2 – Fixed a refcount leak issue in graphgettype. We should call ofnodeput for the reference before its replacement, since the reference was returned by ofgetparent, which increased the refcount. Additionally...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: ASoC: mediatek: common: Fixed a reference count leak in parsedailinkinfo. Added calls to ofnodeput before the returns from ofnodeget and ofnodeput, which can prevent imbalance if the “foreachavailablechildofnode” loop terminat...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fixed the use of memory after freeing it in scsihexpandernoderemove. The function mpt3sastransportportremove called in scsihexpandernoderemove frees the port field of the sasexpander structure. This leads to a...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: ipmi:ipmb: The refcount leak in ipmiipmbprobe has been fixed. ofparsephandle returns a node pointer with a refcount incremented. We should use ofnodeput on it after processing. Add the missing ofnodeput call to avoid the...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: iio: adc: aspeed: Fixed a refcount leak in aspeedadcsettrimdata. The function offindnodebyname returns a node pointer with a refcount incremented. We should use ofnodeput on it after processing. Add the necessary ofnodeput cal...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: iio: adc: adi-axi-adc: Fixed a refcount leak in adiaxiadcattachclient. The ofparsephandle function returns a node pointer with a refcount incremented. We should use ofnodeput on it when there is no longer a need for it. Add the...
Astra Linux - уязвимость в firefox
By causing a transition on a parent node by removing a CSS rule, an invalid property for a marker could be applied, leading to memory corruption and potentially exploitable crashes. This vulnerability affects Firefox versions less than 87...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: hwmon: nct7363 A resource leak has been fixed in nct7363presentpwmfanin. When calling parsephandlewithargs, the caller is responsible for calling nodeput to release the reference to the device node. In nct7363presentpwmfanin, thi...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: ARM: OMAP2+: display: Fixed refcount leak bug In omapdssinitfbdev, offindnodebyname will return a node pointer with the refcount incremented. We should use ofnodeput when it is no longer needed...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: aoss: The issue of a reference count leak in qmpcoolingdevicesregister has been fixed. In every iteration of the foreachavailablechildofnode loop, the reference count of the previous node is decremented. When exiting t...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: ext4: Avoid cycles in the h-tree A maliciously corrupted filesystem can contain cycles in the h-tree stored inside a directory. This can easily lead to the kernel corrupting tree nodes that have already been verified during...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: Memory: Samsung; Exynos5422-DMC: Fixed the refcount leak in ofgetdramtimings. ofparsephandle returns a node pointer with a refcount incremented. We should use ofnodeput on it when it is no longer needed. This function does not...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: MIPS: Cavium-Octeon: The issue of missing nodeput in octeon2usbclocksstart has been fixed. We should call nodeput for the reference uctlnode returned by ofgetparent, as this will increase the refcount. Otherwise, there will be a...