Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net: rose: convert ‘use’ field to refcountt The ‘use’ field in the struct roseneigh structure is used as a reference counter, but it lacks atomicity. This can lead to race conditions, where a roseneigh structure is freed while...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Thunderbolt: Fixed a use-after-free in tbdpdprxwork. The original code relied on canceldelayedwork in tbdpdprxstop, which does not ensure that the delayed work item tunnel-dprxwork has fully completed if it was already running...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: media: ipu-bridge: Fixed null pointer dereference issues during SSDB/PLD parsing. When functions ipubridgeparserotation and ipubridgeparseorientation are executed, sensor-adev is not set yet. Therefore, if either of these calls...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: RDMA/mlx5: Fixed an implicit ODP hang during parent deregistration. Fixed the destroyunusedimplicitchildmr function to prevent a hang during parent deregistration as described in 1. When entering destroyunusedimplicitchildmr,...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: smb: Client: Fixed a use-after-free in cifsoplockbreak. A race condition can occur in cifsoplockbreak, leading to a use-after-free of the cinode structure when unmounting: c cifsoplockbreak cifsFileInfoputcfile cifsFileInfoputfin...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: tls: Taking a reference to psock after locking rxlock to avoid leaks At the beginning of tlsswrecvmsg, we take a reference to psock, and then call tlsrxreaderlock. If this call fails, we return directly without releasing the...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: hwrng: amd – Fix the PCI device reference count leak foreachpcidev is implemented through pcigetdevice. The comment for pcigetdevice states that it will increase the reference count of the returned pcidev, and also decrease th...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: BPF: Fixed a UAF issue in bpftrampolinelinkcgroupshim. The root cause of this bug is that when ‘bpflinkput’ reduces the refcount of ‘shimlink-link.link’ to zero, the resource is considered released, but may still be referenced vi...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux

In the Linux kernel, the following vulnerability has been resolved: ceph: The incorrect reference check of Fw was removed when marking pages as dirty. When performing direct IO reads, the system will also attempt to mark pages as dirty. However, for the read path, it does not hold the Fw caps, an...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Net: Ethernet: mtkethsoc: Reset the progptr to oldprog in case of an error in mtkxdpsetup. Reset the eBPF program pointer to oldprog, and do not decrease its reference count if the mtkopen routine in mtkxdpsetup fails...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: dmaengine: dw: dmamux: fix OF node leak on route allocation failure Make sure that the reference to the DMA master OF node is also removed during late route allocation failures...

Astra Linux - уязвимость в python3.7, php7.3

The Keccak XKCP SHA-3 reference implementation, prior to the update of fdc6fef, has an integer overflow and resulting buffer overflow issue. This vulnerability allows attackers to execute arbitrary code or compromise the expected cryptographic properties of the algorithm. This issue occurs within...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: perf/core: Returns early when perfmmap fails. When perfmmap fails to allocate a buffer, it still invokes the eventmapped callback of the related event. On X86 architecture, this may increase the perfrdpmcallowed reference counter...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: nfc: Fixed potential resource leaks nfcgetdevice now takes a reference to the device and adds it; nfcputdevice is added to release it when no longer needed. Additionally, the warning message was corrected by using the error co...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fhid: fix refcount leak on error path When failing to allocate reportdesc, opts-refcnt has already been incremented; therefore, it needs to be decremented to prevent the options structure from being permanently locke...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/smc: fixed a kernel panic caused by a race condition involving smcsock. A crash occurs when smccdctxhandler attempts to access smcsock, but smcrelease has already freed it. 4570.695099 BUG: Unable to handle a page fault for...

Astra Linux - уязвимость в linux-5.15, linux-6.1, linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: TLS: Fix for race conditions between async notify and socket close The thread that submitted the request the one that called recvmsg/sendmsg may exit as soon as the async crypto handler calls complete. Any code after that point...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: scsi: elx: libefc: Fixed potential use after free in efcnportvportdel The krefput function will call nport-release if the reference count drops to zero. The nport-release function is efcnportfree, which frees the “nport” object...

Astra Linux - уязвимость в linux, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: ax25: Fixed issues related to reference count leaks in ax25dev. There are reference count leak issues with the object “ax25dev” in functions like ax25addrax25dev and ax25devdevicedown. A memory leak occurs in ax25addrax25dev...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: HID: intel-ish-hid: Fixed kernel panic during warm reset During warm reset, device-fwclient is set to NULL. If a bus driver is registered after this NULL setting and before new firmware clients are enumerated by ISHTP, kernel pan...