Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: mmc: sdhci-msm: pervent access to suspended controller The generic sdhci code registers the LED device and uses the host-runtimesuspended flag to protect access to it. The sdhci-msm driver does not set this flag, which results in...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: core: Prevent USB core from accessing an invalid event buffer address This commit addresses a issue where the USB core might access an invalid event buffer address during runtime suspension, potentially causing SMMU...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: s390: Fixed a double-free of GS and RI CBs upon a fork failure. The pointers for guarded storage and runtime instrumentation control blocks are stored in the threadstruct of the associated task. These pointers are initially...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net: usb: asix: It was resolved that holding a reference to the PM usage count is necessary to avoid deadlocks between PM and MDIO operations along with RTNL. It is important to prevent USB runtime PM autosuspend for the AX88772...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: clk: imx95-blk-ctl: Fixed synchronous abort When enabling runtime PM for clock suppliers that also belong to a power domain, the following crash occurs: Error: Synchronous external abort: 0000000096000010 1 PREEMPT SMP Workqueue:...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: arm64: efi: Make efirtlock a rawspinlock Running a rt-kernel base on 6.2.0-rc3-rt1 on an Ampere Altra outputs the following: BUG: A sleeping function is called from an invalid context at kernel/locking/spinlockrt.c:46 inatomic: 1...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: BPF: The %p% format string is rejected in bprintf-like helpers. static const char fmt = "%p%"; bpfTracePrintkkernel, fmt, sizeoffmt; The above BPF program is not rejected, but it causes a kernel warning at runtime: “Please remove...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: um: initcputasks earlier. This issue is currently handled in umlfinishsetup. However, for example, when KCOV is enabled, this can cause crashes. This happens because some initialization code may call functions like memparse, whic...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Counter: rz-mtu3-cnt: Do not use the dev member of the struct rzmtu3channel. The counter driver can use HW channels 1 and 2, while the PWM driver can use HW channels 0, 1, 2, 3, 4, 6, 7. The dev member is assigned both by the...

Astra Linux - уязвимость в binutils

A issue was discovered in the Binary File Descriptor BFD library also known as libbfd, as distributed in GNU Binutils 2.32. It is an out-of-bounds read that leads to a segmentation fault in bfdgetl32 in libbfd.c, when called from pex64getruntimefunction in pei-x8664.c...

Astra Linux - уязвимость в pypdf2

pypdf is a pure-Python PDF library capable of splitting, merging, cropping, and transforming the pages of PDF files. An attacker who exploits this vulnerability can create a PDF that results in unexpected long execution times. This quadratic execution time blocks the current process and can even...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix PM runtime usage count underflow Replace pmruntimeputsync with pmruntimedontuseautosuspend in the remove path to properly pair with pmruntimeuseautosuspend from the probe function. This allows...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: Drivers: Ethernet: cpsw – A panic occurs when the interrupt coalescing setting is applied via ethtool. The cpswethtoolbegin function directly returns the result of pmruntimegetsync. When successful, pmruntimegetsync returns...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: spi: stm32-ospi: Fixed a resource leak in the remove callback. The remove callback returned early if pmruntimeresumeandget failed, skipping the cleanup of the SPI controller and other resources. This issue has been addressed by...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fixed a missing runtime PM reference in ccsmodestore. ccsmodestore calls xegtreset, which internally invokes xepmruntimegetnoresume. This function requires the caller to already hold an outer runtime PM reference, and war...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: efi: libstub – Only privRuntimeMap is freed when it is allocated. privRuntimeMap is only allocated when efinovamap is not set. Otherwise, it remains uninitialized. In the error path, privRuntimeMap is freed unconditionally. Avoid...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: spi: rockchip: Resolved unbalanced runtime PM/system PM handling The commit e882575efc77 “spi: rockchip: Suspending and resuming the bus during NOIRQSYSTEMSLEEPPM operations” no longer respects the runtime PM status and simply...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: usb: renesasusbhs: The reordering of clock handling and power management in the probe function. The initialization sequence in usbhsprobe needs to be reordered to enable Runtime Power Management PM before accessing registers. Thi...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: ASoC: q6afe-clocks: fixed the issue of reprobing of the driver. The q6afe-clocks driver may experience reprobing situations. For example, if the APR services are restarted after a firmware crash. However, currently, the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: “hungtask”: fixed warnings caused by unaligned lock pointers. The blocker tracking mechanism assumes that lock pointers are at least 4-byte aligned so that their lower bits can be used for type encoding. However, as reported by...