8 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net: qrtr: Start the MHI channel after endpoint creation The MHI channel may generate an event/interrupt right after enabling. This can lead to two race condition issues: 1 Such events may be dropped by the qcommhiqrtrdlcallback...
CVE-2026-43491
In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Limit the maximum server registration per node Current code does no bound checking on the number of servers added per node. A malicious client can flood NEWSERVER messages and exhaust memory. Fix this issue by...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: net: qrtr: Fix an uninit variable access bug in qrtrtxresume Syzbot reported a bug as following: ===================================================== BUG: KMSAN: uninit-value in qrtrtxresume+0x185/0x1f0 net/qrtr/afqrtr.c:230...
CVE-2026-43041
In the Linux kernel, the following vulnerability has been resolved: net: qrtr: replace qrtrtxflow radixtree with xarray to fix memory leak radixtreecreate allocates and links intermediate nodes into the tree one by one. If a subsequent allocation fails, the already-linked nodes remain in the tree...
CVE-2023-53578
In the Linux kernel, the following vulnerability has been resolved: net: qrtr: Fix an uninit variable access bug in qrtrtxresume Syzbot reported a bug as following: ===================================================== BUG: KMSAN: uninit-value in qrtrtxresume+0x185/0x1f0 net/qrtr/afqrtr.c:230...
CVE-2023-53445 net: qrtr: Fix a refcount bug in qrtr_recvmsg()
In the Linux kernel, the following vulnerability has been resolved: net: qrtr: Fix a refcount bug in qrtrrecvmsg Syzbot reported a bug as following: refcountt: addition on 0; use-after-free. ... RIP: 0010:refcountwarnsaturate+0x17c/0x1f0 lib/refcount.c:25 ... Call Trace: refcountadd...
kernel: net: qrtr: Fix an uninit variable access bug in qrtr_tx_resume()
An uninitialized memory access flaw was found in the Linux kernel's QRTR Qualcomm IPC Router protocol in the transmit resume handling. When processing RESUMETX messages, if the packet size is smaller than the expected control structure, the qrtrtxresume function reads uninitialized memory from th...
UBUNTU-CVE-2021-29647
An issue was discovered in the Linux kernel before 5.11.11. qrtrrecvmsg in net/qrtr/qrtr.c allows attackers to obtain sensitive information from kernel memory because of a partially uninitialized data structure, aka CID-50535249f624...