745 matches found
EUVD-2026-39900
In the Linux kernel, the following vulnerability has been resolved: mailbox: add sanity check for channel array Fail gracefully if there is no channel array attached to the mailbox controller. Otherwise the later dereference will cause an OOPS which might not be seen because mailbox controllers...
CVE-2026-53295
CVE-2026-53295 (Linux kernel) : The mailbox subsystem contains a missing sanity check for the channel array on a mailbox controller. If no channel array is attached, subsequent dereferencing can trigger an OOPS, potentially not visible because mailbox controllers may initialize very early. The fi...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: “Revert ‘f2fs: fix to do sanity check on extent cache correctly’” The syzbot reports a bug in f2fs as follows: UBSAN: Array-index-out-of-bounds in fs/f2fs/f2fs.h:3275:19 Index 1409 is out of range for type ‘le32923’ aka ‘unsigned...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: f2fs: a fix was made to avoid potential memory corruption in updateiostatlatency. A sanity check for iotype was added to prevent potential memory corruption. This fixes the compile error reported below: fs/f2fs/iostat.c:231...
Astra Linux – Vulnerability in Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: f2fs: A sanity check was added for the F2FSInlineDATA flag in the inode during garbage collection GC. The syzbot reports the following f2fs bug: ------------ Cut here ------------ Kernel BUG: At fs/f2fs/inline.c:258 CPU: 1 PID: 3...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: f2fs: fixed the sanity check on summary information As Wenqing Liu reported in bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=216456 BUG: KASAN: use-after-free in recoverdata+0x63ae/0x6ae0 f2fs Read of size 4 at addr...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fixed invalid data access in ath12kdprxhundecapnwifi. In certain cases, hardware may generate packets with a length greater than the maximum native Wi-Fi header length. This can lead to accessing and modifying field...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: f2fs: A fix was made to perform a sanity check on the destination blkaddr during recovery. As Wenqing Liu reported in Bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=216456 loop5: A change in capacity was detected, from 0...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: drm/msm/dp: fixed memory corruption due to too many bridges. Added a missing sanity check on the bridge counter to prevent corruption of data beyond the fixed-sized bridge array, in case there are more than eight bridges...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: RDMA/cxgb4: A potential null-ptr-deref occurred in passestablish. If getepfromtid fails to find a non-NULL value for ep, ep will be dereferenced later, regardless of whether it is empty. This patch adds a simple sanity check to f...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: Wifi: carl9170 – added a proper sanity check for endpoints. Syzkaller reports that a warning was triggered due to the presence of an incorrect endpoint type during the URB processing stage. Although a check was performed for a...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: f2fs: Fixed the sanity check on ixattrnid in sanitycheck inode. syzbot reports a kernel bug as follows: F2FS-fs loop0: Mounted with checkpoint version = 48b305e4 ========================================== BUG: KASAN:...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: f2fs: added a sanity check on sitbitmapsize. With the above testcase, resizing will generate a corrupted image that contains inconsistent metadata. Therefore, when mounting such an image, it will trigger a kernel panic. Steps to...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ath5k: The OOB issue in ath5keepromreadpcalinfo5111 has been fixed. The bug was discovered during fuzzing. The stack trace indicates that the issue lies in ath5keepromconvertpcalinfo5111. When no curve is selected in the loop, th...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: f2fs: A sanity check was added for the block address in the f2fsdozerorange function. As reported by Yanming in Bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=215894 I have encountered a bug in the F2FS file system in the...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: media: imon: fix access to invalid resources for the second interface The imon driver probes two USB interfaces. When probing the second interface, the driver assumes blindly that the first interface was bound to the same imon...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: qca: fixed an issue where information was leaked when retrieving the board ID. A missing sanity check was added when retrieving the board ID to prevent the leakage of slab data when requesting the firmware later...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: Squashfs: sanity check for symbolic link sizes Syzkiller reports a bug named “KMSAN: uninit-value in picklink”. This issue is caused by an uninitialized page, which ultimately results from reading a corrupted symbolic link siz...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: fslupm: A bug in the funexecop function was fixed; a “off-by-one” test was corrected. The “op-cs” values are copied into “fun-mchipnumber”, which is used to access the “mchipoffsets” and “rnbgpio” arrays. These arra...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: CDC-NCM: Avoid overflows in sanity checks. A malfunctioning device may produce an extreme offset like 0xFFF0, along with a fragment of reasonable length. In the currently formulated sanity check, this will cause an integer...