Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: drm/amd/amdgpu/amdgpucs: fixed the reference count leak of a dmafence object. This issue occurs in an error path within amdgpucsfencetohandleioctl. When info-in.what falls under the default case, the function simply returns...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: The dvbdev: device driver adopts a mechanism called refcnt to avoid Use-After-Free errors. It is known that the function dvbunregisterdevice is prone to use-after-free issues. In other words, the cleanup performed by...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: tee, amdtee: fixed the use-after-free vulnerability in amdteeclosesession. There is a potential race condition in amdteeclosesession that may cause a use-after-free in amdteeopenSession. For example, if a session has a referen...

Astra Linux - уязвимость в linux

In the Linux kernel, the following vulnerability has been resolved: pid: taking a reference when initializing cadpid During boot, kernelinitfreeable initializes cadpid to the struct pid of the init task. Later, we may change cadpid via sysctl. When this happens, procdocadpid will increment the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: cgroup/dmem: avoided UAF in the pool An UAF issue was observed: BUG: KASAN: slab-use-after-free in pagecounteruncharge+0x65/0x150 Write of size 8 at addr ffff888106715440 by task insmod/527 CPU: 4 UID: 0 PID: 527 Comm: insmod...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: netfilter: nftables – There is a possibility of module reference underflow in the error path. When nftexprclone fails, dst-ops is set. However, the module reference count has not been updated yet. As a result, nftexprdestroy...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: cachefiles: The issue of incorrect dentry refcount in cachefilescull has been fixed. The patch mentioned below changed cachefilesburyobject to expect 2 references to the ‘rep’ dentry. Three of the caller functions were changed to...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: mctp: route: hold key-lock in mctpflowprepareoutput The mctpflowprepareoutput function checks key-dev and may call mctpdevsetkey. However, it does not hold key-lock during this process. Both mctpdevsetkey and mctpdevreleasekey...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: PCI: Fixed a reference leak in pciregisterhostbridge. If deviceregister fails, call putdevice to release the reference, thereby avoiding a memory leak, as indicated in the comment near deviceregister. Identified during code revie...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: nfsd: Avoid ref leaks in nfsdopenlocalfh If two calls to nfsdopenlocalfh race against each other and both successfully call nfsdfileacquirelocal, both will receive an additional reference to the network. This reference comes alon...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: drbd: Added krefget to the handlewriteconflicts function. With “two-primaries” enabled, DRBD attempts to detect “concurrent” writes and handle write conflicts. This ensures that even if you write to the same sector simultaneously...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: perf/core: Fixed the refcount bug and potential UAF in perfmmap. Syzkaller reported a refcountt: addition on 0; use-after-free warning in perfmmap. The issue is caused by a race condition between a failing mmap setup and a...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Fixed a double-free in the dma-buf feature. The error path through vfiopcicorefeaturedmabuf ignores its own advice to only use dmabufput after dmabufexport. Instead, it proceeds through the entire unwind chain. In the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: enetc: avoid buffer leaks on xdpdoredirect failure Before enetccleanrxringxdp calls xdpdoredirect, each software BD in the RX ring between index origi and i can have one of two refcount values on its page. We are the owner o...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: ASoC: mediatek: common: Fixed a reference count leak in parsedailinkinfo. Added calls to ofnodeput before the returns from ofnodeget and ofnodeput, which can prevent imbalance if the “foreachavailablechildofnode” loop terminat...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: ipmi:ipmb: The refcount leak in ipmiipmbprobe has been fixed. ofparsephandle returns a node pointer with a refcount incremented. We should use ofnodeput on it after processing. Add the missing ofnodeput call to avoid the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: 9p: Fixed the fid refcount leak in v9fsvfsgetlink. We now check for protocol versions that are later than required, after a fid has been obtained. Simply move the version check to an earlier stage...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fixed the reference count leak in hnsrocemmap. The function rdmausermmapentrygetpgoff takes a reference. Added the missing rdmausermmapentryput function to release the reference. Acknowledged by Haoyue Xu...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: macintosh: fixed a possible memory leak in macioaddonedevice. After committing 1fa5ae857bb1 “driver core: remove the struct device’s busid string array”, the name of the device is allocated dynamically. This memory needs to be...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: keys: Fixed UAF in keyput Once a key’s reference count is reduced to 0, the garbage collector thread may destroy it at any time. Therefore, keyput is no longer allowed to access the key after that point. The most it can normally ...