Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/amdkfd: Fixed a memory leak in the createprocess failure. Fixed a memory leak caused by a leaked mmget reference in a error handling code path, which is triggered when attempting to create KFD processes while a GPU reset i...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Avoid sg device teardown race The function sgremovesfpusercontext must not use sgdeviceDestroy after calling scsidevicePut. sgdeviceDestroy accesses the parent scsidevice request queue, which will already be set to NULL...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: vlan: fixed an underflow issue related to the realdev refcnt. An error is injected before devholdrealdev in registervlandev, and the following testcase is executed: bash ip link add dev dummy1 type dummy ip link add name...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: intel-sdw-acpi: fixed the usage of devicegetnamedchildnode The documentation for devicegetnamedchildnode mentions this important point: “The caller is responsible for calling fwnodehandleput on the returned fwnode...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: phy: ti: tusb1210: Resolve charger-det crash if charger psy is unregistered The powersupply framework is not actually designed to have long references to powersupply devices in the kernel. Specifically, unregistering a powersuppl...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: media: rc: fix races with imondisconnect Syzbot reports a KASAN issue as follows: BUG: KASAN: use-after-free in createpipe, include/linux/usb.h:1945 inline BUG: KASAN: use-after-free in sendpacket+0xa2d/0xbc0,...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: xfrm: The issue occurs in the error path of the xfrmpolicycheck function. When the fetching process of the object pols1 fails, the function simply returns 0, without decrementing the reference count of pols0. This reference count...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: AppArmor: Fixed a reference count leak in aapivotroot. The aapivotroot function has a reference counting bug in a specific path. When aareplacecurrentlabel returns successfully, the function forgets to decrement the reference...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: perf/x86/intel/uncore: Fixed a reference count leak in hswephaslimitsbox. pcigetdevice will increase the reference count of the returned ‘dev’. We need to call pcidevput to decrease the reference count. Since ‘dev’ is only use...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: netfilter: In the nfreject function, there is no need to leak the reference count of the dst entry for loopback packets. Recent patches that added a WARN message when replacing the skb dst entry have identified an old bug:...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/uncore: A reference count leak was fixed in snruncoremmiomap. pcigetdevice increases the reference count of the returned pcidev. Therefore, snruncoregetmcdev will return a pcidev with its reference count increased...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: rpmsg: Fixed a possible refcount leak in rpmsgregisterdeviceoverride. rpmsgregisterdeviceoverride needs to call putdevice to free the vch when driversetoverride fails. This issue was fixed by adding a call to putdevice in the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fixed the refcount leak for PCI devices According to the comments on pcigetdomainbusandslot, it returns a PCI device with a refcount that increments after use. The caller must decrement the reference count by calling...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: usb: ohci-nxp: Fixed the refcount leak in ohcihcdnxpprobe. ofparsephandle returns a node pointer with a refcount incremented; we should use ofnodeput on it when it is no longer needed. Add ofnodeput to avoid the refcount leak...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fixed a deadlock that occurred during netdev reset with active connections. This issue was addressed by preventing the deadlock that occurs when the netdev function is executed during a device reset while RDMA...

Astra Linux - уязвимость в wayland

An internal reference count is maintained on the buffer pool; this count increments every time a new buffer is created from the pool. The reference count is stored as an integer. On LP64 systems, this can lead to an overflow if the client creates a large number of wlshm buffer objects, or if it...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: USB: Roles – Fixed NULL pointer issue when referencing the module’s reference. In the current design, the USB role class driver will obtain a reference to the module of the usbroleswitch object after the user selects the...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: PCI/DPC: Fixed a use-after-free issue when a DPC event occurs concurrently during hot removal. Keith reported a use-after-free when a DPC event occurs concurrently during hot removal of the same portion of the hierarchy. The...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: espintcp: The caching of the encap socket has been removed to avoid reference leaks. The current scheme for caching the encap socket can lead to reference leaks when trying to delete the netns. The reference chain is: xfrmstate -...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: can: j1939: j1939sessionnew: fix skb reference counting Since j1939sessionskbqueue performs an additional skbget operation for each new skb, doing the same operation for the initial skb in j1939sessionnew will prevent refcount...