Astra Linux - уязвимость в linux-5.10, linux

A flaw related to the use of “free” in the Linux kernel’s Video4Linux driver was discovered in the way that triggers em28xxusbprobe, for Empia 28xx-based TV cards. A local user could exploit this flaw to crash the system or potentially escalate their privileges on the system...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: fbdev: omapfb: lcdmipid: Fixed an error handling path in mipidspiprobe. If ‘mipiddetect’ fails, we must free ‘md’ to avoid a memory leak...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: virtio-net: The recursive rtnllock function occurs during the probe operation. This deadlock appears in a stack trace like this: virtnetprobe rtnllock virtioconfigChangedWork netdevNotifyPeers rtnllock This occurs when the VMM...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iommu/mediatek: Fixed NULL pointer dereferencing when printing devname When larbdev is NULL in the case I encountered, the node is incorrectly set as iommu = &iommu NUM, it will cause devicelinkadd to fail and the kernel to crash...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: Firmware: stratix10-svc: Fixed a potential resource leak in svccreatememorypool. The svccreatememorypool function is only called from stratix10svcdrvprobe. Most of the resources within the probe are managed, but this memremap...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: Drivers: Serial: JSM – fixed some leaks in the probe. This error path needs to be unwound instead of just being returned directly...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix invalid probe error return value After the DME Link startup, the error return value is set to the MIPI UniPro GenericErrorCode, which can be either 0 SUCCESS or 1 FAILURE. During a driver probe, an error code...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosecuart: properly fixed the race condition The crosecuartprobe function calls devmserdevdeviceopen before calling serdevdevicesetclientops. This can lead to a NULL pointer dereference: BUG: NULL pointer...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: serial: sprd: Fixed the DMA buffer leak issue. Release the DMA buffer when probe returns an error to avoid memory leaks...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/rockchip: vop2: Failure to properly handle cases where a primary plane for a video-port is missing. Each window of vop2 is usable by a specific set of video ports. Therefore, when binding vop2, we iterate through the list of...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Platform/x86: panasonic-laptop: Fixed out-of-bounds accesses to the SINF array. The panasonic laptop code in various places uses the SINF array with index values ranging from 0 to SINFCURBRIGHT0x0d, without checking whether the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: spi: mchp-pci1xxx: Fixed a possible null pointer derefrence in pci1xxxspiprobe. In the function pci1xxxxspiprobe, there is a potential null pointer that may be caused by a failed memory allocation performed by the function...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/fence: Fixed an oops due to incorrect initialization of drmsched before its fini function was called. Currently, the amdgpu function calls drmschedfini from the fence driver’s fini routine. Such a call is expected to...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: scsi: aacraid: Fixed a double-free on probe failure. The aacprobeone function calls hardware-specific initialization functions through the aacdriverident::init pointer. All of these functions ultimately call aacinitadapter. If...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: ti: icssgprueth: Fixed NULL pointer dereferencing in pruethprobe. In the pruethprobe function, if one of the calls to emacPhyConnect fails because of ofPhyConnect returning NULL, then the subsequent call to phyattachedinfo...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: ICMP: Prevent possible NULL dereferencing from icmpbuildprobe. The first issue involves a double call to indevgetrcu; since the second call might return NULL. The code should be written as follows: if indevgetrcudev &&...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: media: i2c: tc358743: Fix crash in the probe error path when using polling If an error occurs in the probe function, we should remove the polling timer that was alarmed earlier, otherwise the timer is called with arguments that a...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Block: Fix for UAF when flushing the rq while iterating tags. The function blkmqclearFlushrqMapping is not called during SCIS probe. This issue is addressed by checking blkqueueinitdone. However, the QUEUEFLAGINITDONE flag is...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: power:supply:max77705: Fixed the error handling in the probe function related to the workqueue. The createsinglethreadworkqueue function no longer returns error pointers; instead, it returns NULL. Additionally, the workqueue was...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: i2c: cros-ec-tunnel: defer probe if parent EC is not present When i2c-cros-ec-tunnel and the EC driver are built-in, the EC parent device will not be found, leading to NULL pointer dereference. That can also be reproduced by...