Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: serial: pch: Fixed the reference count leak in pchrequestdma. According to the comments on pcigetslot, it returns a pcidevice with its reference count increased. The caller must decrement the reference count by calling pcidevput...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: phy: ti: tusb1210: Resolve charger-det crash if charger psy is unregistered The powersupply framework is not actually designed to have long references to powersupply devices in the kernel. Specifically, unregistering a powersuppl...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/amdkfd: Fixed a memory leak in the createprocess failure. Fixed a memory leak caused by a leaked mmget reference in a error handling code path, which is triggered when attempting to create KFD processes while a GPU reset i...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: vlan: fixed an underflow issue related to the realdev refcnt. An error is injected before devholdrealdev in registervlandev, and the following testcase is executed: bash ip link add dev dummy1 type dummy ip link add name...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fixed a deadlock that occurred during netdev reset with active connections. This issue was addressed by preventing the deadlock that occurs when the netdev function is executed during a device reset while RDMA...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: media: rc: fix races with imondisconnect Syzbot reports a KASAN issue as follows: BUG: KASAN: use-after-free in createpipe, include/linux/usb.h:1945 inline BUG: KASAN: use-after-free in sendpacket+0xa2d/0xbc0,...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: s390/dasd: fixed the issue of double module refcount decrementation. Once the discipline is associated with the device, deleting the device will cause the module’s refcount to be decreased. Performing this operation manually alon...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Softwarenodegetreferenceargs: A OOB check was corrected. Softwarenodegetreferenceargs attempts to retrieve the @index-th element. The property value requires at least ‘index + 1 sizeofref’ bytes, but this condition cannot be...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: intel-sdw-acpi: fixed the usage of devicegetnamedchildnode The documentation for devicegetnamedchildnode mentions this important point: “The caller is responsible for calling fwnodehandleput on the returned fwnode...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: xfrm: The issue occurs in the error path of the xfrmpolicycheck function. When the fetching process of the object pols1 fails, the function simply returns 0, without decrementing the reference count of pols0. This reference count...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: USB: Roles – Fixed NULL pointer issue when referencing the module’s reference. In the current design, the USB role class driver will obtain a reference to the module of the usbroleswitch object after the user selects the...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: AppArmor: Fixed a reference count leak in aapivotroot. The aapivotroot function has a reference counting bug in a specific path. When aareplacecurrentlabel returns successfully, the function forgets to decrement the reference...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: can: j1939: j1939sessionnew: fix skb reference counting Since j1939sessionskbqueue performs an additional skbget operation for each new skb, doing the same operation for the initial skb in j1939sessionnew will prevent refcount...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fixed the issue where a user-after-free exception occurred when the session was logged off. There is an issue between the SMB2 session logging-off and SMB2 session setup. This caused a user-after-free exception when the...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: espintcp: The caching of the encap socket has been removed to avoid reference leaks. The current scheme for caching the encap socket can lead to reference leaks when trying to delete the netns. The reference chain is: xfrmstate -...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: perf/x86/intel/uncore: Fixed a reference count leak in hswephaslimitsbox. pcigetdevice will increase the reference count of the returned ‘dev’. We need to call pcidevput to decrease the reference count. Since ‘dev’ is only use...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fixed the refcount leak for PCI devices According to the comments on pcigetdomainbusandslot, it returns a PCI device with a refcount that increments after use. The caller must decrement the reference count by calling...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: can: j1939: prevents deadlock by changing j1939sockslock to rwlock The following 3 locks may race against each other, causing a deadlock situation in the Syzbot bug report: - j1939sockslock - activesessionlistlock -...

Astra Linux - уязвимость в linux-5.10, linux

Several Linux PV device frontends are vulnerable to attacks by backends that use grant table interfaces to remove access rights from resources. This can lead to potential data leaks, data corruption by malicious backends, and denial of service attacks. The backends that use these interfaces may n...

Astra Linux - уязвимость в linux-5.10, linux

Several Linux PV device frontends are vulnerable to attacks by backends that use grant table interfaces to remove access rights from resources. This can lead to potential data leaks, data corruption by malicious backends, and denial of service attacks. The backends that use these interfaces may n...