9977 matches found
Astra Linux - уязвимость в golang-1.19
Using Parse with a build tag line like "// +build" and deeply nested expressions can lead to a panic due to stack exhaustion...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: - spi: spi-qpic-snand: reallocate BAM transactions When using the mtdnandbiterrs module to test the driver, occasional issues arise, such as the following: 1. The swiotlb mapping fails with the following message: 85.926216...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Fixed potential crashes during module unloading The vmbus driver relies on the panic notifier infrastructure to perform certain operations when a panic event is detected. Since vmbus can be built as a module, ...
Astra Linux - уязвимость в linux, linux-5.15, linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: usb: mtu3: Fixed the kernel panic that occurred during the qmu transfer done interrupt handler. When handling the qmu transfer interrupt, the @mtu-lock is unlocked before returning the request. If another thread handles the...
Astra Linux - уязвимость в linux-5.10, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: net:bcmgenet: Added a check for oversized packets. Occasionally, we may receive oversized packets from the hardware that exceed the maximum buffer size of 2 KiB allocated for SKBs. A proactive check is added to discard such...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: sh: dma: Fixed the DMA channel offset calculation. Various SoCs from the SH3, SH4, and SH4A family, which use this driver, have different numbers of DMA channels, and these channels can be distributed across up to two DMAC...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Net: wangxun: fixed a kernel panic caused by a null pointer. When the device uses a custom subsystem vendor ID, the function wxswinit returns before the memory of ‘wx-mactable’ is allocated. A null pointer will cause the kernel...
Astra Linux - уязвимость в golang-1.19
Verifying a certificate chain that contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/TLS clients, as well as servers that have Config.ClientAuth set to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: f2fs: A sanity check was added for the block address in the f2fsdozerorange function. As reported by Yanming in Bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=215894 I have encountered a bug in the F2FS file system in the...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net: amd-xgbe: Fixed an issue with the data length underflow in SKB structures. A BUGON will be triggered in the include/linux/skbuff.h file, resulting in intermittent kernel panics when a data length underflow is detected. This...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: qede: Ensure that the skb is allocated before use. The qedebuildskb function assumes that buildskb always works and proceeds directly to skbreserve. However, buildskb may fail under memory pressure. This can lead to a kernel pani...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: bpf: fixed the ktls panic when using sockmap 2172.936997 ------------ Cut here ------------ 2172.936999 Kernel bug in lib/ioviter.c:629! ...... 2172.944996 PKRU: 55555554 2172.945155 Call trace: 2172.945299 2172.945428 ?...
Astra Linux - уязвимость в rustc
In the standard library of Rust before version 1.49.0, the String::retain function has a panic security issue. It allows the creation of a non-UTF-8 Rust string when the provided closure panics. This bug could lead to a memory safety violation if other string APIs assume that UTF-8 encoding is us...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: Firmware: stratix10-svc – fixed an error in saving controller data. The incorrect use of platformsetdrvdata and devsetdrvdata has also been corrected. Both these functions refer to the same data, and they override each other...
Astra Linux - уязвимость в linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: ARM: 9317/1: kexec: Make smp stop calls asynchronous If a panic is triggered by a hrtimer interrupt, all online CPUs will be notified and set to offline. However, as highlighted in the commit 19dbdcb8039c “smp: Warn on function...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: Reverted the behavior from “scsi: core: Do not increase scsidevice’s iorequestcnt if dispatch failed”. The use of “atomicinc&cmd-device-iorequestcnt” in scsiqueuerq would cause kernel panic, as cmd-device might be freed aft...
Astra Linux - уязвимость в linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Update log-pagemask,bits if log-pagesize changes. If an NTFS file system is mounted to another system with a different PAGESIZE than the original system, log-pagesize will change in logreplay, but log-pagemask,bits will...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: drm/msm/adreno: Fixed null pointer access in adrenogpucleanup Fixed the kernel panic caused by null pointer access: 18.504431 Unable to handle kernel NULL pointer dereference at virtual address 0000000000000048 18.513464 Mem...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: net: lapb: increase LAPBHEADERLEN It is unclear whether the net/lapb code is supposed to be ready for 8021q. We can at least avoid crashes like the following: skbuff: skbunderpanic: text:ffffffff8aabe1f6 len:24 put:20...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: dm rq: Do not queue the request to blk-mq during DM suspension. DM uses blk-mq’s quiesce/unquiesce to stop/start the device mapper queue. However, blk-mq’s unquiesce may be triggered by external events, such as changes in the...