Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fixed a NULL pointer dereference in amdgpudmi2cxfer. When ddcserviceconstruct is called, it explicitly checks both the link type and whether there is something on the link that will determine whether the pin is...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Free the “struct kvmcpuidentry2” array after a post-KVMRUN KVMSETCPUID,2 operation. The “struct kvmcpuidentry2” array is freed only in case of failure after a post-KVMRUN KVMSETCPUID,2 operation. This fixes a memory lea...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: block: Disable the elevator delgendisk. The elevator is only used for file system operations, which are halted during delgendisk. Disabling the elevator and freeing the scheduler tags should be moved to the end of delgendisk,...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: Do not allow SETID to refer to another table. When performing lookups for sets within the same batch using their IDs, a set from a different table can be utilized. However, when the table is removed, a...

Astra Linux - уязвимость в linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: restore set elements when delete set fails From the abort path, nftmapelemactivate needs to restore refcounters to their original state. Currently, it uses set-ops-walk to iterate over these set elements. The...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fixed the peer devlink set for the SF representative devlink port. The referenced patch changed the register devlink flow and failed to reflect the changes in the peer devlink set logic. The peer devlink set triggers a...

Astra Linux - уязвимость в linux-5.15, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: netfilter: nftsetrbtree: fixed a null dereference issue when inserting elements There is no guarantee that rbprev will not return NULL in nftrbtreegcelem: General protection fault, likely due to an non-canonical address...

Astra Linux - уязвимость в postgresql-11

Incomplete tracking of tables with row security in PostgreSQL allows a reused query to view or modify different rows than intended. CVE-2023-2455 and CVE-2016-2193 addressed most interactions between row security and changes to user IDs. However, they did not cover cases where a subquery, WITH...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: soundwire: Reverted “soundwire: qcom: Add setchannelmap API support”. This reversion is associated with commit 7796c97df6b1b2206681a07f3c80f6023a6593d5. This patch caused issues with Dragonboard 845c sdm845. The issues include...

Astra Linux - уязвимость в net-snmp

Net-SNMP provides various tools related to the Simple Network Management Protocol. Prior to version 5.9.2, a malformed OID in a SET request to SNMP-VIEW-BASED-ACM-MIB::vacmAccessTable could lead to an out-of-bounds memory access. A user with read-write credentials could exploit this issue. Versio...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: drm: msm: fixed a possible memory leak in mdp5crtccursorset drmgemobjectlookup will call drmgemobjectget inside it. Therefore, cursorbo needs to be set when msmgemgetandpiniova fails...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Netfilter: ipset – It is necessary to hold the module reference while requesting a module. The user space may unload the ipset.ko module while it is itself requesting a set-type backend module, resulting in a kernel crash. This...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: serial: liteuart: Fixed a NULL pointer dereferencing in -remove. The drvdata parameter must be set in probe; otherwise, platformgetdrvdata causes a NULL pointer dereferencing bug in remove...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: btrfs: The page extent mapping was set after the readfolio operation in relocateonepage. One of the CI runs triggered the following panic: Assertion failed: PagePrivatepage && page-private, in fs/btrfs/subpage.c:229 ----------...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fncm: Fixed atomic context locking issue The ncmsetalt function was holding a mutex to prevent race conditions with configfs. This function invokes the mightsleep function within an atomic context. The struct pointer...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: mt76: mt7996: Avoid NULL pointer dereferencing in mt7996setmonitor The function mt7996setmonitor dereferences a pointer to phy before performing the NULL sanity check. This issue can lead to NULL pointer dereferencing. To f...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: fbdev: The issue was fixed by correcting fbsetvar to prevent a null-ptr dereference in fbvideomodetovar. If fbaddvideomode in fbsetvar fails to allocate memory for fbvideomode, it may lead to a null-ptr dereference in...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: bcache: fixed a NULL pointer in cachesetFlush 1. LINE1794 – LINE1887 contains code related to the function of bchcachesetalloc. 2. LINE2078 – LINE2142 contains code related to the function of registercacheset. 3. The function...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux

In the Linux kernel, the following vulnerability has been resolved: Wifi: ath9khtc: Use skbsetlength to reset urb before resubmitting it. Syzbot points out that skbtrim has a sanity check on the existing length of the skb; this length might not be initialized in some error-prone situations. The...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: fbcon: A NULL pointer dereference issue was fixed in fbconputcs. syzbot has identified a NULL pointer dereference bug in fbcon. Here is the simplified C code for the bug: c struct param uint8t type; struct tioclselection ts; ; in...