7286 matches found
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: sfc: fix null pointer dereference in efxhardstartxmit Trying to get the channel from the txqueue variable here is wrong because we can only be here if txqueue is NULL, so we shouldn't dereference it. As the above comment in the...
Astra Linux - уязвимость в linux-5.10
A out-of-bounds memory write flaw was discovered in the Linux kernel’s watchqueue event notification subsystem. This flaw can overwrite parts of the kernel state, potentially allowing a local user to gain privileged access or cause a denial of service on the system...
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerability has been resolved: virtionet: Fixed an issue with error unwinding of XDP initialization. When initializing XDP in virtnetopen, some rq xdp initializations may encounter errors, resulting in failed network device openings. However, previous rqs have...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: nfsd: The variable sccount is decreased directly if the dlrecall queue operation fails. A deadlock warning occurred when invoking nfs4putstid after a failed dlrecall queue operation: T1 T2 nfs4laundromat nfs4getclientreaplist...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15, linux
In the Linux kernel, the following vulnerability has been resolved: netsched: hfsc: Fix a UAF vulnerability in class handling This patch fixes a Use-After-Free vulnerability in the HFSC qdisc class handling. The issue occurs due to a time-of-check/time-of-use condition in hfscchangeclass when...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: net/sched: netem: account for backlog updates from child qdisc Generally, the ‘qlen’ of any classful qdisc should track the number of packets held by the qdisc itself and all its children. In the case of netem, ‘qlen’ only accoun...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: nfsd: Locking is provided for v4endgrace. Writing to v4endgrace can cause a race condition with server shutdown, resulting in memory being accessed after it has been freed—especially in the case of reclaimstrhashtbl. We cannot ho...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: netsched: skbprio: Remove overly strict queue assertions In the current implementation, skbprio enqueue/dequeue contains an assertion that fails under certain conditions when SKBPRIO is used as a child qdisc under TBF with specif...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Avoid issuing a WARNON when configuring MQPRIO with HTB offload enabled. When attempting to enable MQPRIO while HTB offload is already configured, the driver currently returns -EINVAL and triggers a WARNON, resulting i...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fixed NULL pointer dereference in the KFD queue. Through KFD IOCTL fuzing, we encountered a NULL pointer dereference when calling kfdqueueacquirebuffers. Selected from commit 049e5bf3c8406f87c3d8e1958e0a16804fa1d530...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: fix null pointer deref in mt7996conftx If a link does not have an assigned channel yet, mt7996viflink returns NULL. We still need to store the updated queue settings in that case, and apply them later. Move th...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: net: hinic: fix the issue of CMDQ memory leaks When hinicsetcmdqdepth fails in hinicinitcmdqs, the cmdq memory is not released correctly. Fix it...
Astra Linux - уязвимость в linux-5.15, linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: net: stream: purge skerrorqueue in skstreamkillqueues Changheon Lee reported TCP socket leaks, with a nice repro. It seems we leak TCP sockets with the following sequence: 1 SOFTIMESTAMPINGTXACK is enabled on the socket. Each ACK...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: block: mark GFPNOIO around sysfs -store sysfs -store is called with queue freezed, meantime we have several -store callbacksupdatenrrequests, wbt, scheduler to allocate memory with GFPKERNEL which may run into direct reclaim code...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux
In the Linux kernel, the following vulnerability has been resolved: gadgetfs: epio - wait until IRQ finishes after usbepqueue if waitforcompletioninterruptible is interrupted we need to wait until IRQ gets finished. Otherwise complete from epiocomplete can corrupt stack...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: fix kernel crash if commands allocation fails If the commands allocation fails in nvmettcpalloccmds the kernel crashes in nvmettcpreleasequeuework because of a NULL pointer dereference. nvmet: failed to install queue 0...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: net: sock: fix hardened usercopy panic in sockrecverrqueue skbufffclonecache was created without defining a usercopy region, 1 unlike skbuffheadcache which properly whitelists the cb field. 2 This causes a usercopy BUG when...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: vdpa: Added a queue index attr to the vdpanlpolicy structure for checking nlattr lengths. The vdpanlpolicy structure is used to validate the nlattr during the parsing of incoming nlmsg messages. It ensures that the described...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ipc: mqueue: fix possible memory leak in initmqueuefs commit db7cfc380900 "ipc: Free mqsysctls if ipc namespace creation failed" Here's a similar memory leak to the one fixed by the patch above. retiremqsysctls need to be called...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: TCPQUEUESEQ: sanity tests were added. Qingyu Li reported a syzkaller bug where, after restoring data from the receive queue, the sequence number was copied again. The following code snippet illustrates this behavior:...