2590 matches found
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: xHCI: Corruption of the command ring pointer occurred during command aborts. The command ring pointer is located at bits 6:63 of the command ring control register CRCR. All control bits, such as those related to command stopping...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host – Added an alignment check for the event ring read pointer. Although we check the event ring read pointer using “isvalidringptr” to ensure it is within the buffer range, there is another risk that the pointer might...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Ring Buffer: Do not swap the cpubuffer during the resize process When the ringbufferswapcpu function is called during the resize process, the cpu buffer is swapped in the middle, resulting in an incorrect state. Continuing to run...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Tracing: Do not allow mmap of persistent ring buffers. When attempting to mmap a trace instance buffer that is attached to reservemem, it would cause a crash: BUG: Unable to handle a page fault for address: ffffe97bd00025c8 PF:...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: xsk: Validated user input for XDPUMEM|COMPLETIONFILLRING syzbot reported an illegal copy in xsksetsockopt 1 Ensure that the @optlen parameter of setsockopt is validated. 1 BUG: KASAN: Out-of-bounds access in...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: bnxten: Fixed the receive ring space parameters when XDP is active. The MTU setting at the time a XDP multi-buffer is attached determines whether the aggregation ring will be used and the rxskbfunc handler. This is done in...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: uiohvgeneric: Let userspace handle the interrupt mask. The logic for setting the interrupt mask by default in uiohvgeneric driver has been removed. The interrupt mask value should be completely controlled by the user space. If th...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus – Do not free ring buffers that cannot be re-encrypted. In CoCo VMs, it is possible for the untrusted host to cause setmemoryencrypted or setmemorydecrypted to fail, resulting in an error and the return of...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Ring-Buffer: Handled race conditions between rbmovetail and rbcheckpages. It appears there is a data race between writing to the ringbuffer and performing integrity checks. Specifically, the RBFLAG of headpage is being updated,...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: ipa: Fixed the issue where the event ring index was not properly programmed for IPA v5.0+. For IPA v5.0+ onwards, the event ring index field has been moved from CHCCNTXT0 to CHCCNTXT1. In IPA v5.0, this field was intended to...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: Net: Atlantic – Eliminate double-free operations in error handling logic. The driver has a logic flaw in ring data allocation/free. In this flaw, aqringfree may be called multiple times within the same ring. This can occur whe...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: iouring: fixed the error in pbuf checking Syz reports a problem, which boils down to inconsistent error handling of NULL vs ISERR in ioallocpbufring. KASAN: nullptrderef in the range 0x0000000000000000-0x0000000000000007 RIP:...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: perf/core: Fixed a data race between perfeventsetoutput and perfmmapclose. Yang Jihing reported a race between perfeventsetoutput and perfmmapclose: CPU1 CPU2 perfmmapclosee2 if atomicdecandtest&e2-rb-mmapcount // 1 - 0 then...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ionic: Fix kernel panic in XDPTX action In the XDPTX path, the ionic driver sends a packet to the TX path along with the rx page and the corresponding DMA address. After the TX operation is completed, the ionictxclean function...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: Tracing: Free buffers when a used dynamic event is removed After 65536 dynamic events have been added and removed, the “type” field of the event uses the first available type number which is not currently used by other events. A...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: usb: cdnsp: Fixed a NULL pointer dereference in cdnspendpointinit In cdnspendpointinit, the function cdnspringalloc is assigned to pep-ring. There is a dereference of this variable in cdnspendpointinit, which could lead to a NULL...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: i3c: mipi-i3c-hci: Masking of ring interrupts before the ring stop request is made. The bus cleanup path in DMA mode may trigger a RINGOPSTAT interrupt when the ring is being stopped. Depending on the timing between the completio...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: perf/core: Fixed a reference count bug and a potential UAF in perfmmap. Syzkaller reported a refcountt issue where the increment of the reference count was set to 0; there was also a warning about a use-after-free when using...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: i3c: mipi-i3c-hci: Correct handling of RINGCTRLABORT in DMA dequeue. The logic used to abort the DMA ring contains several flaws: 1. The driver issues an abort unconditionally, even when the ring has already stopped. 2. The...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Ring-buffer: Fixed the possibility of dereferencing an uninitialized pointer. There is a pointer called headpage in the function rbmetavalidateevents, which is not initialized at the beginning of the function. This pointer can be...