4636 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Do not call kfree on devices managed by devres. Since the allocation of the driver’s main structure was changed to devmdrmdevalloc, the rdev is managed by devres, and we should not call kfree on it. This fix prevents...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net: usbnet: Fixed an issue in usbnetstartxmit/usbsubmiturb. The syzbot fuzzer identified a problem with the usbnet driver: usb 1-1: BOGUS urb xfer, pipe 3 != type 1 WARNING: CPU: 0 PID: 754 at drivers/usb/core/urb.c:504;...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: irqchip: The refcount leak in platformirqchipprobe has been fixed. The function ofirqfindparent returns a node pointer with the refcount incremented. We should use ofnodeput on it when it is no longer necessary. Add the missing...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ASoC: stm32: sai: fixed the OF node leak during probe operations. The reference to the sync provider’s OF node during platform device probing is currently only dropped if the setsync callback fails during DAI probe. Make sure tha...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: lib/fonts: Fixed undefined behavior in bit shifting for getdefaultfont. Shifting a signed 32-bit value by 31 bits is undefined; therefore, the significant bit was changed to unsigned. The UBSAN warning “calltrace” is as follow...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Check if there is a station first in the client probe. When probing a client, first check if one exists, and then check the channel context. Otherwise, a warning can easily be triggered by probing when the AP hasn...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: hvnetvsc: The NETDEVICEREGISTER call was missed when registering VF in netvscprobe. If the hvnetvsc driver is unloaded and reloaded, the NETDEVICEREGISTER handler cannot successfully register VF, as the register call is received...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ALSA: bcd2000 – Fixed a UAF bug in the error path of probing. When the driver fails in sndcardregister during probing, it will free the bcd2k-midiouturb before terminating it, which could lead to a UAF bug. The following log can...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: iio: light: isl29028: Fixed the warning in isl29028remove The driver uses a non-managed form of the register function in isl29028remove. To maintain the release order that mirrors the ordering in probe, the driver should also use...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: power:supply:max77705: Fixed the error handling in the probe function related to the workqueue. The createsinglethreadworkqueue function no longer returns error pointers; instead, it returns NULL. Additionally, the workqueue was...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: The probe fails when the workqueue cannot be enabled The workqueue is enabled when the appropriate driver is loaded, and disabled when the driver is removed. When the driver is removed, it assumes that the...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: Driver Core: Fixed the interaction between waitfordeviceprobe and deferredprobetimeout. The mounting of NFS rootfs timed out when deferredprobetimeout was non-zero 1. This occurred because the ipautoconfig initcall timed out...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: usb: usbip: fixed a reference count leak in stubprobe The usbgetdev function is called in stubdevicealloc. When stubprobe fails, usbputdev must be called to release the reference. This issue was fixed by moving usbputdev into the...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: TCP: Fixed the issue where “tcpmtupprobesuccess” was displayed instead of “wrong sndcwnd”. The syzbot received a new report 1, which finally pointed to a very old bug. This bug was addressed in the initial support for MTU probing...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: dpaa2-ptp: Fixed the refcount leak in dpaa2ptpprobe. This node pointer is returned by offindcompatiblenode, and the refcount is incremented. Calling ofnodeput is required to address the refcount leak...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: pinctrl: fixed a deadlock issue in the createpinctrl function when handling -EPROBEDEFER. In createpinctrl, the pinctrlmapsmutex is acquired before calling addsetting. If addsetting returns -EPROBEDEFER, createpinctrl calls...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: backlight: hx8357: Fixed potential NULL pointer dereferencing issues. The “im” pins are optional. Added a missing check in the hx8357probe function...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: virtio-net: The recursive rtnllock function occurs during the probe operation. This deadlock appears in a stack trace like this: virtnetprobe rtnllock virtioconfigChangedWork netdevNotifyPeers rtnllock This occurs when the VMM...
Astra Linux – Vulnerability in Linux 5.10, Linux
A flaw related to the use of “free” in the Linux kernel’s Video4Linux driver was discovered in the way that triggers em28xxusbprobe, for Empia 28xx-based TV cards. A local user could exploit this flaw to crash the system or potentially escalate their privileges on the system...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10
In the Linux kernel, the following vulnerability has been resolved: media: rcarfdp1: Fixed a reference count leak in the probe and remove functions. rcarfcpget takes a reference, which should be balanced with rcarfcpput. Added the missing rcarfcpput function in fdp1remove, and corrected the error...