Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: smb: server: The senddone handler now handles completion without using IBSENDSIGNALED. With smbdirectsendbatch, we likely have requests that do not include IBSENDSIGNALED. These requests will be destroyed during the final request...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: ksmbd: Fixed a signedness bug in smbdirectpreparenegotiation. The function smbdirectpreparenegotiation casts a unsigned u32 value from sp-maxrecvsize and req-preferredsendsize into a signed int before calculating mintint, .......

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: IB/cm: A drop lockdep assertion and WARN are issued when freeing old messages. The send completion handler can run after cmid has advanced to another message. In this case, the cmid lock is not necessary. However, a recent change...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Net: TLS – Fix for the WARNING message when using skmsgfree. A splice operation with MSGSPLICEPAGES causes the TLS sendmsg code to use the tlsswsendmsgsplice path to move the user-provided pages from the msg buffer to the msgpl...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: TCP: fixed page frag corruption upon a page fault. Steffen reported a corruption of the TCP stream for HTTP requests served by the Apache web-server, using a CIFS mount-point and the corresponding file’s memory mapping. The root...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: smb: client: avoid double-free in smbdfreesendio after smbdsendbatchflush smbdsendbatchFlush already calls smbdfreesendio; therefore, we should not call it again after smbdpostsend. It has been moved to the batch list...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: MGMT: validate the length of the advertising payload sent via meshsend The meshsend function currently limits the MGMTOPMESHSEND operation based on the total command length. However, it does not verify whether the...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel before version 6.5.9, there is a NULL pointer dereferencing in the sendacknowledge function in net/nfc/nci/spi.c...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: rose: Fixed NULL pointer dereferencing in rosesendframe The syzkaller reported an issue: KASAN: NULL pointer dereferencing in range 0x0000000000000380-0x0000000000000387 CPU: 0 PID: 4069 Comm: kworker/0:15 Not tainted...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: xsk: Check IFFUP earlier in the Tx path. The Xsk Tx operation can be triggered via either sendmsg or poll system calls. Both paths involve a call to the common function xskxmit, which contains two sanity checks. Here’s a...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: iavf: Fixed error handling related to adminq. iavfallocasqbufs/iavfallocarqbufs allocate memory for VF mailbox using dmaalloccoherent. DMA regions are freed for both ASQ and ARQ in case an error occurs during the configuration...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: NFSD: Protection against send buffer overflow in NFSv2 READ Since the time before the advent of Git, NFSD has managed the number of pages held by each nfsd thread by combining the RPC receive and send buffers into a single array ...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: TCP: Fixed a signed-integer-overflow bug in tcpaddbacklog The types of skrcvbuf and sksndbuf within the struct sock structure are int. In tcpaddbacklog, the limit for the buffer size is calculated by adding skrcvbuf, sksndbuf, an...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mt76: mt76x02u: fixed a possible memory leak in mt76x02umcusendmsg. Free the skb if mt76ubulkmsg fails in the mt76x02umcusendmsg routine...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: phy: ti: phy-omap-usb2: Fixed NULL pointer dereferencing for SRP. If the external PHY working together with phy-omap-usb2 does not implement sendsrp, we may still attempt to call it. This can occur on an idle Ethernet device that...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix stack protector issue in sendipidata Function kvmiobusread is called in function sendipidata, buffer size of parameter val should be at least 8 bytes. Since some emulation functions like loongarchipireadl and...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fixed a panic that occurs when the ipoib sendqueuesize is increased beyond the default value. When the ipoib sendqueuesize is increased, the following panic occurs: RIP: 0010:hfi1ipoibdraintxring+0x45/0xf0 hfi1 Code: 31 ...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: btrfs: In the “send” operation, there is a issue with handling path ref underflow during the header iterate inoderef function. Change BUGON to proper error handling if building the path buffer fails. The pointers are not...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: scsi: zfcp: Fixed a double-free of the FSF request when qdiosend fails We previously used the wrong type of integer in ‘zfcpfsfreqsend’ to cache the FSF request ID when sending a new FSF request. This was necessary in cases where...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: sctp: Check the send stream number after waitforsndbuf This patch addresses a corner case where the number of out streams may change after waitforsndbuf. When the main thread in the client initiates a connection, if the number of...