Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: mdiobus: fix unbalanced node reference count I encountered the following issue during the devicemscc-miim load test, with CONFIGOFUNITTEST and CONFIGOFDYNAMIC enabled: - ERROR: Memory leak; the expected reference count was 2...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: net: phy: It is now possible to allow the MDIO bus’s PM operations to initiate/stop the state machine for the phylink-controlled PHY. There are two types of DSA drivers: 1. Those that call dsaswitchsuspend and dsaswitchresume...

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ARM: dts: exynos: Use Exynos5420 compatible for the MIPI video phy. For some reason, the driver that added support for the Exynos5420 MIPI phy back in 2016 was not applied to the Exynos5420 device, resulting in a kernel panic. Th...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: phy: qcom-qmp: Fixed the issue where the struct clk structure was leaked during probe errors. Be sure to release the pipe clock reference in case of a late probe error e.g., probe deferral...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fixed the sashba.phy memory leak in mpi3mrremove Released mrioc-sashba.phy at .remove...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: phylib: fixed potential use-after-free issues. The commit bafbdd527d56 “phylib: Added support for device reset GPIO” includes a call to phydeviceresetphydev after the putdevice call in phydetach. The comment before the putdevice...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: phy: mscc: Fixed a memory leak that occurred when using one-step timestamping. When running one-step sync timestamping, the hardware is configured to insert the TX time into the frame. There is therefore no reason to keep th...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: phy: hisilicon: A out-of-bounds check has been fixed in hisiliconinnophyprobe. The size of the array priv-ports is INNOPHYPORTNUM. In the for loop, i is used as the index for the array priv-ports. There is a check i INNOPHYPORTNU...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: ti: icssgprueth: Fixed NULL pointer dereferencing in pruethprobe. In the pruethprobe function, if one of the calls to emacPhyConnect fails because of ofPhyConnect returning NULL, then the subsequent call to phyattachedinfo...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net: macb: The call order for unregisternetdev in macbremove has been corrected. When removing a macb device, the driver calls phyexit before unregisternetdev. This results in a warning from kernfs: ------------ Cut here...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: usb: asixdevices: add phymask for ax88772 mdio bus Without setting the phymask for the ax88772 mdio bus, the current driver may create at most 32 mdio PHY devices with PHY addresses ranging from 0x00 to 0x1f. The DLink...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: phy: Do not register LEDs for genphy. If a PHY has no driver, the genphy driver is probed with respect to the PHY during the phyattach or phydetach functions. If the PHY’s ofnode has a “leds” subnode, then the LEDs will be...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: In the net: phy section, phydev-devlink should be cleared when the device link is deleted. There is a potential crash issue when disabling and re-enabling the network port. When disabling the network port, phydetach calls...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net: usb: asix: validate PHY address before use The ASIX driver reads the PHY address from the USB device via asixreadphyaddr. A malicious or faulty device may return an invalid address = PHYMAXADDR, which causes a warning in...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net: usb: asixdevices: The PHY address mask in MDIO bus initialization was corrected. Syzbot reported a shift-out-of-bounds exception during MDIO bus initialization. The PHY address should be masked to 5 bits 0-31. Without this...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: tulip: de4x5: fixed the issue where the array ‘lp-phy8’ might be out of bounds. In line 5001, if all values in the array ‘lp-phy8’ are not 0, then at the end of the ‘for’ loop, the value of ‘k’ will be 8. At this point, the...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: phy: ralink: mt7621-pci: add sentinel to quirks table By fixing socdevattr to register the SOC as a device, the kernel will encounter an OOPs error in socdevicematchattr. This quirks test was introduced in the staging driver in t...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: arm64: dts: imx8mm-verdin: Do not power down eth-phy Currently, if suspending the system using “freeze” or “memory state”, the fec driver attempts to power down the PHY, which leads to a kernel crash and an unresponsive kernel. T...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: phy: leds: fix memory leak A network restart test on a router caused an out-of-memory condition, which was traced to a memory leak in the PHY LED trigger code. The root cause is the misuse of the devm API. The registration...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: phy: Fix for accessing an empty array when the phygetinternaldelay function is called, provided that the driver calls phygetinternaldelay without defining delayvalues, and rx-internal-delay-ps or tx-internal-delay-ps is...