3050 matches found
Astra Linux - уязвимость в linux, linux-5.15, linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: udplite: A NULL pointer dereference issue was fixed in skmemraiseallocated. syzbot reported a NULL pointer dereference in skgetrmem0 when using IPPROTOUDPLITE 0x88. 14:25:52, executing program 1: r0 = socket$inet60xa, 0x80002,...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: net: iptunnel: prevents perpetual headroom growth The issue was triggered after the kasan function: BUG: KASAN: use-after-free in skbflowdissect+0x19d1/0x7a50 net/core/flowdissector.c:1170 A size 1 read was performed at addres...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: Fixed the jump offset calculation in tailcall operations. The additional call to bpfintjitcompile skips the JIT context initialization. This effectively skips the offset calculation, resulting in outoffset being s...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: iouring/rsrc: Do not rely on user vaddr alignment. There is no guaranteed alignment for user pointers. However, the calculation of the offset from the first page to a folio after coalescing uses some strange bit mask logic;...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: A NULL pointer dereference issue was fixed in hnsrocemapmrsg. The function ibmapmrsg allows ULPs to specify NULL as the sgoffset argument. The driver needs to check whether the argument is a NULL pointer before...
Astra Linux - уязвимость в imagemagick
In the functions CatromWeights, MeshInterpolate, InterpolatePixelChannel, InterpolatePixelChannels, and InterpolatePixelInfo, which are all part of /MagickCore/pixel.c, there were multiple unconstrained pixel offset calculations that were used with the floor function. These calculations resulted ...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: md/md-bitmap: corrected incorrect usage of sbindex The commit d7038f951828 "md-bitmap: do not use -index for pages backing the bitmap file" removed page-index from the bitmap code. However, incorrect code logic remained in...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: mm/damon/vaddr: Do not repeatedly call pteoffsetmaplock until success. DAMON’s virtual address space operation implementation vaddr calls pteoffsetmaplock within the page table walk callback function. This is necessary for readin...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: The current directory offset allocator based on mtreealloccyclic stores the next offset value to be returned in octx-nextoffset. This mechanism typically returns values that increase monotonically over time. Eventually, however,...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: iouring/rsrc: Validates the buffer count with an offset for cloning. syzbot reports that it can trigger a WARNON when a kmalloc attempt is too large. WARNING: CPU: 0, PID: 6488, at mm/slub.c:5024, kvmallocnodenoprof+0x520/0x64...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ftruncate: passing a signed offset. The old ftruncate system call, which used the 32-bit offt type, missed a sign extension when called in compat mode on 64-bit architectures. As a result, passing a negative length accidentally...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: filemap: Avoid truncating the 64-bit offset to 32 bits. On 32-bit kernels, the folioseekholedata function inadvertently truncated a 64-bit value to 32 bits, which could lead to an infinite loop when writing to an xfs filesystem...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Wifi: iwlwifi: mvm – fixed a potential array out-of-bounds access issue. The parameter IWLSECWEPKEYOFFSET will be used as needed during verification, along with determining the keylen value in the iwlmvmseckeyadd function...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Validate data run offset This adds sanity checks for the data run offset. We should ensure that the data run offset is valid before attempting to unpack the data; otherwise, we may encounter use-after-free errors or...
Astra Linux - уязвимость в linux, linux-5.15, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ACPICA: Avoid undefined behavior: applying zero offset to a null pointer ACPICA commit: 770653e3ba67c30a629ca7d12e352d83c2541b1e Before this change, the following UBSAN stack trace was seen in Fuchsia: 0 0x000021e4213b3302 in...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: CDC-NCM: Avoid overflow in sanity checks. A malfunctioning device may produce an extreme offset like 0xFFF0, along with a fragment of reasonable length. In the currently formulated sanity check, this will cause an integer overflo...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: BPF: Rejects negative offsets for ALU operations When verifying BPF programs, the checkaluop function validates instructions involving ALU operations. The “offset” field in these instructions is a signed 16-bit integer. The...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: rustbinder: Avoid reading the written value in the offset array. When sending a transaction, its offset array is first copied into the target process’s virtual memory area vma. Then, the values are read back from there. This is...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Validating the command header size against SVGACMDMAXDATASIZE This data originates from user space and is used in buffer offset calculations, which may potentially lead to an out-of-bounds access due to overflow...
Astra Linux - уязвимость в linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: ksmbd: A out-of-bounds read vulnerability in ksmbdvfsstreamread has been fixed. The offset from the client can be a negative value, which may lead to an out-of-bounds read of the streambuf. Note that this issue occurs when settin...