Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: kunit: fixed the reference count leak in kfreeatend The reference counting issue occurs during the normal execution of kfreeatend. When kunitallocandgetresource is called, the function fails to properly handle the returned resour...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/sched: A fix was made to prevent reference leaks of netdevice objects in attachdefaultqdiscs. In attachdefaultqdiscs, if a device has multiple queues and queue 0 fails to attach a qdisc due to lack of memory during...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Only drop the call reference if one has been acquired. The function rxrpcinputpacketonconn can process a packet for the client after the current client call on the channel has already been terminated. In this case, chan-ca...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: schedext: Redundant cssput calls have been removed from scxcgroupinit. The iterator cssforeachdescendantpre iterates through the cgroup hierarchy under cgrouplock. It does not increment the reference counts on css structs that ar...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: usb: phy: isp1301: fix non-OF device reference imbalance A recent change to fix a device reference leak in a UDC driver introduced a potential use-after-free in the non-OF case. The isp1301getclient helper only increments the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/userq: Fixed a reference leak in amdgpuuserqwaitioctl. Also, removed the reference to syncobj and timeline fence when aborting the ioctl, as it caused issues due to the output array being too small. This issue was...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: ASoC: mediatek: common: Fixed a reference count leak in parsedailinkinfo. Added calls to ofnodeput before the returns from ofnodeget and ofnodeput, which can prevent imbalance if the “foreachavailablechildofnode” loop terminat...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: The issue of reference count leak for PCI devices in hasexternalpci has been fixed. foreachpcidev is implemented through pcigetdevice. The comment accompanying pcigetdevice states that it will increase the reference...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/smc: fixed a kernel panic caused by a race condition involving smcsock. A crash occurs when smccdctxhandler attempts to access smcsock, but smcrelease has already freed it. 4570.695099 BUG: Unable to handle a page fault for...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux

In the Linux kernel, the following vulnerability has been resolved: ceph: The incorrect reference check of Fw was removed when marking pages as dirty. When performing direct IO reads, the system will also attempt to mark pages as dirty. However, for the read path, it does not hold the Fw caps, an...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net/smc: It was fixed that link down work might be scheduled before lgr is freed, but it would execute after lgr is freed, which could lead to a crash. Therefore, it is necessary to hold a reference before scheduling the link dow...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: scsi: elx: libefc: Fixed potential use after free in efcnportvportdel The krefput function will call nport-release if the reference count drops to zero. The nport-release function is efcnportfree, which frees the “nport” object...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: keys: Fixed UAF in keyput Once a key’s reference count is reduced to 0, the garbage collector thread may destroy it at any time. Therefore, keyput is no longer allowed to access the key after that point. The most it can normally ...

Astra Linux - уязвимость в linux, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: ax25: Fixed issues related to reference count leaks in ax25dev. There are reference count leak issues with the object “ax25dev” in functions like ax25addrax25dev and ax25devdevicedown. A memory leak occurs in ax25addrax25dev...

Astra Linux - уязвимость в linux, linux-5.15, linux-6.1, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: tls: Separating the handling of no-async decryption requests from async. If we are not using async, the handling is much simpler. There is no reference counting; we simply need to wait for the completion to wake us up and return...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: rtc: gamecube: Fixed a refcount leak in gamecubertcreadoffsetfromsram. The offindcompatiblenode function returns a node pointer whose refcount is incremented. We should use ofnodeput on it after processing. Also, add the missing...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: writeback: Fixed the use of “free” after processing in inodeswitchwbsworkfn. The function inodeswitchwbsworkfn has a loop like this: c wbgetnewwb; while 1 list = llistdelall&newwb-switchwbsctxs; / Nothing to do? / if !list break;...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: spi: tegra20-slink: Fixed a UAF Use-after-Allocation issue in tegraslinkremove. After calling spiunregistermaster, the refcount of the master will be decreased to 0, and it will be freed in spicontrollerrelease. The device data...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: ATA: libata-transport: fixed the double call to atahostput in atatportadd In the error path in atatportadd, when calling putdevice, atatportrelease is called. This function decreases the refcount of ‘ap-host’. Then, atahostput is...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: The issue of reference count leak for PCI devices was fixed in dmardevscopeinit. The function foreachpcidev is implemented through pcigetdevice. The comment accompanying pcigetdevice states that it will increase the...