Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: MOST: Fix for double-free operations during late probe failures. The MOST subsystem includes a non-standard registration function that releases the interface when registration failures occur or when deregistration is required. Th...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: wifi: rtlwifi: remove unused checkbuddypriv Commit 2461c7d60f9f “rtlwifi: Update header file” introduced a global list of private data structures. Later, commit 26634c4b1868 “rtlwifi: Modify existing bits to match vendor version...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ASoC: atmel: Fixed error handling in sam9x5wm8731driverprobe The devicenode pointer is returned by ofparsephandle, with the refcount incremented. We should use ofnodeput on it after that operation. This function only calls...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: padata: Do not leak the reference count in reorderwork A recent patch that addressed a UAF introduced a reference count leak: The reference count of paralleldata is incremented unconditionally, regardless of the return value of...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix for constant blinding in PROBEMEM32 stores The immediate stores of BPFST|BPFMEM32 are not handled by bpfjitblindinsn. As a result, user-controlled 32-bit immediate values can survive blinding and be stored in JIT-compile...

Astra Linux - уязвимость в firefox, thunderbird

Firefox behaved slightly differently for already-known resources when loading CSS resources that involved CSS variables. This could have been used to probe the browser history. This vulnerability affects Thunderbird 91.9, Firefox ESR 91.9, and Firefox 100...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: clk: spacemit: mark K1 pll1d8 as critical The pll1d8 clock is enabled by the bootloader, and it is ultimately a parent clock for numerous other clocks, including those used by the APB and AXI buses. Guodong Xu discovered that thi...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: media: usb: go7007: s2250-board: fix leak in probe Call i2cunregisterdeviceaudio on this error path...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Input: raydiumtsi2c – fixed a memory leak in raydiumi2csend A kmemleak occurs when testing raydiumi2cts using the bpf mock device: Unreferenced object 0xffff88812d3675a0 size 8: Comm “python3”, PID 349, Jiffies 4294741067 Age...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Staging: media: tegra-video: Fixed the use of devicenode after freeing it. At the time of testing, the following code path is followed: - tegracsiinit - tegracsichannelsalloc - foreachchildofnodenode, channel – Iterates over...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: soc: samsung: exynos-chipid: A NULL pointer check was added in exynoschipidprobe. socdevattr-revision could potentially be NULL; therefore, a pointer check was added to prevent potential NULL pointer dereferencing. This is simila...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: perf: arm-ni: Unregistering PMUs due to probe failure When a resource allocation fails in one clock domain of an NI device, we need to properly roll back all previously registered perf PMUs in other clock domains of the same...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Check whether a station exists first in the client probe. When probing a client, first check whether a station exists, and then check the channel context. Otherwise, a warning can easily be triggered by probing wh...

Astra Linux - уязвимость в linux, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: media: rcarfdp1: Fixed a reference count leak in the probe and remove functions. rcarfcpget takes a reference, which should be balanced with rcarfcpput. Added the missing rcarfcpput function in fdp1remove, and corrected the error...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: pinctrl: at91: Fixed possible out-of-boundary access issues The at91gpioprobe function does not check whether the given OF alias is available, or if something went wrong during the attempt to use it. This could lead to problems...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: spi: cadence-quadspi: – Parsing the DT Device Tree for flashes along with the rest of the DT parsing. The recent refactoring of the code responsible for enabling runtime PM was implemented in the commit f1eb4e792bb1 „spi:...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mux: mmio: Fixed the regmap leak that occurs during probe failures. The regmap that may be allocated during a probe is never released. We have switched to using the device-managed allocator, so that the regmap is released in case...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: serial: liteuart: fix minor-number leak on probe errors Be sure to release the allocated minor number before returning on probe errors...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: soc: imx8m: Probe the SoC driver as a platform driver. With driverasyncprobe= enabled in the kernel command line, the following issue occurs because on the i.MX8M Plus hardware, the soc-imx8m.c driver calls clkgetbyname, which...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: st: fixed the issue where the reference count of the platform device was checked during the error path. The probe function never performs any platform device allocation. Therefore, the error path “undoplatformdevalloc”...