7252 matches found
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: ata: satadwc460ex: Fixed a crash that occurred due to out-of-bounds writing. The driver utilizes the “tag” values from various arrays provided by libata. Since the mentioned patch increased the value of ATATAGINTERNAL to 32, the...
Astra Linux - уязвимость в linux
A issue was discovered in the Linux kernel through version 5.11.10. In the drivers/net/ethernet/freescale/gianfar.c file of the Freescale Gianfar Ethernet driver, it was found that a negative fragment size can be calculated in situations where an rx queue overrun occurs when jumbo packets are use...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: ibmvnic: A memory leak was fixed when flushing the reset work queue...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net: mana: The use-after-free issue in manahwcdestroychannel has been fixed by reordering the teardown process. There is a potential race condition in manahwcdestroychannel. In this situation, hwc-callerctx is freed before the...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: NFSD: Deferred sub-object cleanup in export put callbacks The svcexportput function calls pathput and authdomainput immediately when the last reference is dropped, before the RCU grace period. RCU readers in eshow and cshow...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: iavf: corrected out-of-bounds writes in iavfgetethtoolstats iavf incorrectly uses realnumtxqueues for ETHSSSTATS. Since the value could change during runtime, we should use numtxqueues instead. Additionally, iavfgetethtoolstats...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: net/sched: schcake: Fixed incorrect qlen reduction in cakedrop In cakedrop, qdisctreereducebacklog is used to update the qlen and backlog of the qdisc hierarchy. Its caller, cakeenqueue, assumes that the parent qdisc will enqueue...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Add a check for a null pointer when cleaning up the lpfcvport structure. If a call to lpfcsli4readrev from lpfcsli4hbasetup fails, the resulting cleanup routine lpfcsli4vportdeletefcpxriaborted may occur before the...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: RDMA/efa: Fixed the issue of using the completion context after it was freed. Regarding the handling of admin queue completion, if the admin command completes with an error, we print data from the completion context. The issue...
Astra Linux - уязвимость в linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: net: mana: Fixed error handling for TX CQE messages. For an unknown type of TX CQE error likely due to newer hardware, still free the SKB, update the queue tail, etc. Otherwise, the accounting data will be incorrect...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: net: ks8851: Packets are queued in the IRQ handler instead of being disabled during the BH handling. Currently, the driver uses localbhdisable/localbhenable in its IRQ handler to avoid triggering netrxaction in the softirq contex...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Ensure that the DAID handling is completed before deleting an NPIV instance. Deleting an NPIV instance requires that all fabric ndlps be released before NPIV’s resources can be destroyed. Failure to release the fabric...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Net: Do not write to msggetinq in the callee. This fix addresses the issue of NULL pointer dereferencing. msggetinq is an input field from the caller to the callee. Do not set it in the callee, as the caller may not clear it duri...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: net, neigh: Fixed the null-ptr-deref in neihtableclear. When the IPv6 module is initialized, an error occurs in the middle. This results in a kernel panic with the following error message: KASAN: Null-ptr-deref in range...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: blk-mq: Fixed a possible memory leak when registering the ‘hctx’ variable failed. There is one issue that arises during fault injection tests: An unreferenced object: 0xffff888132a9f400 size 512. The following operations were...
Astra Linux - уязвимость в linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: net: mana: Fixed error handling in manacreatetxq/rxq’s NAPI cleanup Currently, the napidisable function is called during the cleanup of rxq and txq, even before napi is enabled and hrtimer is initialized. This causes a kernel...
Astra Linux - уязвимость в linux
In the Linux kernel, the following vulnerability has been resolved: kyber: Fix for out-of-bounds access when preempted. The function blkmqschedbiomerge obtains the ctx and hctx for the current CPU, and passes the hctx to -biomerge. The function kyberbiomerge then obtains the ctx for the current C...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: iavf: Fixed error handling related to adminq. iavfallocasqbufs/iavfallocarqbufs allocate memory for VF mailbox using dmaalloccoherent. DMA regions are freed for both ASQ and ARQ in case an error occurs during the configuration...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ffs: Prevent race condition during ffsep0queuewait When performing fast composition switching, there is a possibility that the process of ffsep0write/ffsep0read may enter a race condition due to ep0req being freed fr...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: hcisync: If hcicmdsyncqueueonce returns -EEXIST, it indicates that a queue item already exists. hcicmdsyncqueueonce needs to indicate whether a queue item was added, so that the caller can know if callbacks are...