Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: mm: Move page table sync declarations to linux/pgtable.h During our internal testing, we began observing intermittent boot failures when the machine uses 4-level paging and has a large amount of persistent memory: BUG: Unable to...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: ipv6: fixed a panic that occurred when forwarding a packet without an in6 dev associated. Kongweibin reported a kernel panic in ip6forward when the input interface does not have an in6 dev associated. The following tc commands we...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: vdpasimblk: The number of address spaces and virtqueue groups was set. The commit bda324fd037a “vdpasim: control virtqueue support” added two new fields nas, ngroups to vdpasimdevattr. However, we forgot to initialize these field...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: RISCV: kprobe: Fixed kernel panic when probing an illegal position The kernel would panic when trying to probe an illegal position. For example: CONFIGRISCVISAC=n Example code: bash echo 'p:hello kernelclone+0x16 a0=%a0'...

Astra Linux - уязвимость в linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: Range checks for the CHDBOFF and ERDBOFF registers. If the values read from the CHDBOFF and ERDBOFF registers are outside the range of the MHI register space, an invalid address may be calculated, which can later...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: PCI/AER: Fixed NULL pointer access via aerinfo. The kzallocGFPKERNEL function may return NULL, resulting in kernel panic when accessing aerinfo-xxx. This issue has been fixed...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: blk-mq: Fixed the issue where blkmqtags double-freeed memory when nrrequests increases. In cases where user-triggered tags increase due to the nrrequests attribute in the queue sysfs, hctx-schedtags will be directly freed and...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Use memcpy for BIOS version The strlcat function with FORTIFY support triggers a panic because it assumes that the target buffer will overflow, even though the correct target buffer size is properly passed. Instead of...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: f2fs: Fix to correctly check the readonly condition. In the following case, it is possible to mount a multi-device image with the rw option. However, if one of the secondary devices is set as ro, subsequent updates will cause a...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: i3c: master: mipi-i3c-hci: A kernel panic occurs when accessing DATdata. The i3cmasterbusinit function may attach the I2C devices before I3C bus initialization. In this case, the DAT allocentry will be used before the DAT init...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: A bug was fixed regarding accessing an array out of bounds. When an error occurs during the parsing of JPEG data, the slot may not be properly acquired. This could be due to the default value MXCMAXSLOTS. If the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mmc: davincimmc: Prevents the transmitted data size from exceeding the length of sgm. No check is performed on the size of the data to be transmitted. This can lead to a kernel panic when the transmitted data size exceeds the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Netwerk: Ethernet: mtkethsoc: fixed SER panic with 4GB+ RAM If the mtkpollrx function detects the MTKRESETTING flag, it will jump to releasedesc and refill the high word of the SDP on the 4GB RFB. Subsequently, mtkrxclean will...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: Ensure power suppliers are suspended before detaching them. Power suppliers are always requested to suspend asynchronously. devpmdomaindetach requires the caller to ensure proper synchronization of this function...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: net: wwan: t7xx: Fixed the FSM command timeout issue When the driver processes the internal state change command, it uses an asynchronous thread to handle the command operation. If the main thread detects that the task has tim...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: ASoC: soc-compress: Repositioned and added pcmmutex. If paniconwarn is set and the compress stream DPCM is initiated, then a kernel panic occurs because card-pcmmutex is not properly locked. In the following functions, a warni...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: x86/mm, kexec, ima: Use memblockfreelate instead of imafreekexecbuffer. The code that calls imafreekexecbuffer is executed long after the memblock allocator has already been removed. This may lead to a use-after-free in...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: PCI: brcmstb: Fixed the error handling path after a call to regulatorbulkget. If regulatorbulkget returns an error and no regulators are created, we need to set their number to zero. If we do not do this and the PCIe link up fail...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: Mediatek: Added an intf release flow when the USB connection is disconnected. Mediatek claims that there is a special USB interface for ISO data transmission. This interface must be released before unregistering...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: tee, amdtee: fixed a race condition in amdteeopenSession. There is a potential race condition in amdteeopenSession that may lead to a “use-after-free” situation. For example, after sess-sessmask is set, and before the following...