Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: kernfs: The constraint in the draining guard has been relaxed. The active reference lifecycle provides a mechanism for breaking/unbreaking references, but the active reference is not truly active after unbreaking—callers do not u...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: netfilter: In the nfreject function, there is no need to leak the reference count of the dst entry for loopback packets. Recent patches that added a WARN message when replacing the skb dst entry have identified an old bug:...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: kernfs: A use-after-free occurred in kernfsremove. Syzkaller managed to trigger concurrent calls to kernfsremovebynamens for the same file, resulting in a KASAN-use-after-free condition. This race condition occurs when the roo...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ksmbd: A flaw in smbcheckpermdacl has been fixed. The issue occurs in a specific part of smbcheckpermdacl. When “id” and “uid” have the same value, the function simply jumps out of the loop without decrementing the reference coun...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: serial: pch: Fixed the reference count leak in pchrequestdma. According to the comments on pcigetslot, it returns a pcidevice with its reference count increased. The caller must decrement the reference count by calling pcidevput...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: phy: ti: tusb1210: Resolve charger-det crash if charger psy is unregistered The powersupply framework is not actually designed to have long references to powersupply devices in the kernel. Specifically, unregistering a powersuppl...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/amdkfd: Fixed a memory leak in the createprocess failure. Fixed a memory leak caused by a leaked mmget reference in a error handling code path, which is triggered when attempting to create KFD processes while a GPU reset i...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: vlan: fixed an underflow issue related to the realdev refcnt. An error is injected before devholdrealdev in registervlandev, and the following testcase is executed: bash ip link add dev dummy1 type dummy ip link add name...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fixed a deadlock that occurred during netdev reset with active connections. This issue was addressed by preventing the deadlock that occurs when the netdev function is executed during a device reset while RDMA...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: media: rc: fix races with imondisconnect Syzbot reports a KASAN issue as follows: BUG: KASAN: use-after-free in createpipe, include/linux/usb.h:1945 inline BUG: KASAN: use-after-free in sendpacket+0xa2d/0xbc0,...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: s390/dasd: fixed the issue of double module refcount decrementation. Once the discipline is associated with the device, deleting the device will cause the module’s refcount to be decreased. Performing this operation manually alon...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Softwarenodegetreferenceargs: A OOB check was corrected. Softwarenodegetreferenceargs attempts to retrieve the @index-th element. The property value requires at least ‘index + 1 sizeofref’ bytes, but this condition cannot be...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: intel-sdw-acpi: fixed the usage of devicegetnamedchildnode The documentation for devicegetnamedchildnode mentions this important point: “The caller is responsible for calling fwnodehandleput on the returned fwnode...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: xfrm: The issue occurs in the error path of the xfrmpolicycheck function. When the fetching process of the object pols1 fails, the function simply returns 0, without decrementing the reference count of pols0. This reference count...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: USB: Roles – Fixed NULL pointer issue when referencing the module’s reference. In the current design, the USB role class driver will obtain a reference to the module of the usbroleswitch object after the user selects the...

Astra Linux - уязвимость в linux-5.10, linux

Several Linux PV device frontends are vulnerable to attacks by backends that use grant table interfaces to remove access rights from resources. This can lead to potential data leaks, data corruption by malicious backends, and denial of service attacks. The backends that use these interfaces may n...

Astra Linux - уязвимость в linux-5.10, linux

Several Linux PV device frontends are vulnerable to attacks by backends that use grant table interfaces to remove access rights from resources. This can lead to potential data leaks, data corruption by malicious backends, and denial of service attacks. The backends that use these interfaces may n...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: AppArmor: Fixed a reference count leak in aapivotroot. The aapivotroot function has a reference counting bug in a specific path. When aareplacecurrentlabel returns successfully, the function forgets to decrement the reference...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: can: j1939: j1939sessionnew: fix skb reference counting Since j1939sessionskbqueue performs an additional skbget operation for each new skb, doing the same operation for the initial skb in j1939sessionnew will prevent refcount...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fixed the issue where a user-after-free exception occurred when the session was logged off. There is an issue between the SMB2 session logging-off and SMB2 session setup. This caused a user-after-free exception when the...