Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: virtio-blk: Do not keep the queue frozen during system suspension. The commit 4ce6e2db00de “virtio-blk: Ensure no requests are in the virtqueues before deleting the vqs.” replaces “queue quiesce” with “queue freeze” in virtio-blk...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: kcm: Fixed error handling for SOCKDGRAM in kcmsendmsg. syzkaller discovered a memory leak in kcmsendmsg, and the commit c821a88bd720 "kcm: Fix memory leak in the error path of kcmsendmsg" suppressed this issue by updating...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fixed the issue with mlx5pollone’s update of the curqp. When curqp is not NULL, in order to avoid fetching the QP from the radix tree again, we check if the next CQE QP is identical to the one we already have. However,...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: watchqueue: Fixed NULL dereference in error cleanup. In watchqueuesetsize, the error cleanup code does not take into account that freepage cannot handle a NULL pointer when trying to free buffer pages that have been allocated. Th...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Wifi: rtl818x – Kill URBs before clearing the txstatusqueue. In rtl8187stop, the call to usbkillanchoredurbs is moved before clearing the btxstatusqueue. This change prevents callbacks from using already freed skb if the anchor...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Thunderbolt: Do not double-dequeue a configuration request. Some of our devices may crash when calling tbcfgrequestdequeue: This issue is likely due to a general protection fault, possibly related to the non-canonical address...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: netsched: prio: fix a race in priotune Gerrard Tai reported a race condition in PRIO, whenever the SFQ perturb timer fires at the wrong time. The race sequence is as follows: CPU 0 CPU 1 1: lock root 2: qdisctreeFlushBacklog 3:...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fixed unsafe code that drained send or recv work queues before they were actually created. If the createqp function does not succeed completely, it is possible for the qp cleanup code to attempt to drain the send or rec...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Fixed resource leaks in vdecmsgqueueinit. If any error occurs during the execution of vdecmsgqueueinit, we need to set msgqueue-wdmaaddr.size = 0;. Normally, this is done within the vdecmsgqueuedeinit...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: i40e: Fixed idx validation in i40evalidatequeuemap. Ensured that the idx value is within the range of active/initialized TC’s when iterating over vf-chidx in i40evalidatequeuemap...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: Net: If sock is not available, do not access sock's skwq in skstreamwaitmemory. The following NULL pointer dereferences have also been fixed: ... 14.471200 Call Trace: 14.471562 14.471882 lockacquire+0x245/0x2e0 14.472416 ?...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: virtio/vsock: Fixed the acceptqueue memory leak. Since the final stages of socket destruction may be delayed, it is possible that virtiotransportrecvlisten will be called after the acceptqueue has been flushed, but before the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ipc: A memory leak has been fixed in initmqueuefs. When setupmqsysctls failed in initmqueuefs, the mqueueinodecachep variable was not released. To address this issue, the release path has been reordered...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: Remove the “MHI autoqueue” feature for IPCR DL channels. The MHI stack provides the “autoqueue” feature, which allows the MHI stack to automatically queue buffers for the RX path DL channels. Although this feature...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: The hash table is now created per queue. Sharing a global hash table among all queues is tempting, but it can lead to crashes. Bug: KASAN: A “slab-use-after-free” issue exists in...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: - ice: Block the switchdev mode when ADQ is active, and vice versa. ADQ and switchdev are not allowed to be enabled simultaneously. Enabling both at the same time can lead to nullptr dereferencing. To prevent this, check wheth...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: bpf: devmap: Provide rxq after a redirect. rxq contains a pointer to the device from which the redirect occurred. Currently, the BPF program executed after a redirect via BPFMAPTYPEDEVMAP does not set this pointer. This is...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Wifi: wl1251 – Fixed a memory leak in wl1251txwork. The skb packet dequeued from txqueue is lost when the wl1251pselpwakeup function fails with an -ETIMEDOUT error. This issue was fixed by re-queuing the skb packet back into...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: - Block: Fixed the issue where queues could freeze, compared to the lock order in sysfs store methods. The queueattrstore function always freezes the device queue before calling the attribute store operation. For attributes th...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Media: Venus: HFI – Add a check to handle incorrect queue size. qsize represents the size of the shared queue between the driver and the firmware. The firmware can modify this value to an invalid, large value. In such situations,...