7906 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fixed a possible crash that occurred when setting up bsg failed. If bsgsetupqueue fails, the bsgqueue is assigned a non-NULL value. Consequently, in mpi3mrbsgexit, the condition “if!mrioc-bsgqueue” will not be...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: PCI: Keystone: Fixed a NULL pointer dereferencing issue in case of a DT error in kspciesetuprcapp regs. If IORESOURCEMEM is not provided in the Device Tree due to any error, resourcelistfirsttype will return NULL, and...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: um: line: always fill errorout in setuponeline The pointer is not initialized by the callers, but I’ve encountered cases where it is still printed; initialize it in all possible cases within setuponeline...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: um: Fixed an out-of-bounds read in LDT setup syscallstubdata expects the datacount parameter to be the number of longs, not bytes. ================================================================== BUG: KASAN: Out-of-bounds acces...
Astra Linux – Vulnerability in liblivemedia
A heap-use-after-free vulnerability was discovered in live555 version 2023.05.10 while handling the SETUP process...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: um: Fixed potential integer overflow during physmem setup. This issue occurs when the real map size is greater than LONGMAX, and it can be easily triggered on UML/i386...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: dmaengine: dw-edma: HDMA: Add sync read before starting the DMA transfer in remote setup The linked list elements and pointers are not stored in the same memory as the HDMA controller register. If the doorbell register is toggled...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: SUNRPC: Fixed null-ptr-deref when xps sysfs alloc fails There is a null-ptr-deref when xps sysfs alloc fails: BUG: KASAN: null-ptr-deref in sysfsdocreatelinksd+0x40/0xd0 Reading a 8-byte value at address 0000000000000030 by ta...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Networking layer: dsa: Microchip: Do not free uninitialized kszirq. If there are issues during initialization, the kszirqfree function may be called on uninitialized kszirq values for example, when kszptpirqsetup fails. This can...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: xfs: fixed a UAF Use-After-Value issue in xattr repair. The xchksetupxattrbuf function can allocate a new value buffer; therefore, any reference to ab-value before the call could become a dangling pointer. This issue was fixed...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: bonding: stop the device in bondsetupbyslave Commit 9eed321cde22 "net: lapbether: only support ethernet devices" has been able to keep syzbot away from net/lapb, until today. In the following splat 1, the issue is that a lapbethe...
Astra Linux - Vulnerability in linux-5.10, linux-5.15, linux
In the Linux kernel, the following vulnerability has been resolved: i40e: Fix call trace in setuptxdescriptors After a PF reset and running ethtool -t, a call trace appeared in dmesg, sometimes leading to a panic. When there was a delay of about 5 seconds between the reset and the test, no errors...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: UBLK: Failure to recover a device if queue setup is interrupted In ublkctrlendrecovery, if waitforcompletioninterruptible is interrupted by a signal, the queues are not set up successfully. As a result, we must fail the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: igc: Do not fail igcprobe on LED setup errors When igcledsetup fails, igcprobe fails, leading to a kernel panic in freenetdev. This occurs because unregisternetdev is not called. This behavior can be tested using the...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ubifs: Memory freed for the tmpfile name When opening a ubifs tmpfile in an encrypted directory, the function fscryptsetupfilename allocates memory for the name that will be stored in the directory entry. However, after the name ...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10
In the Linux kernel, the following vulnerability has been resolved: In md/raid10, there is a issue where memory leaks occur in the MD thread. In raid10run, if setupconf succeeds and raid10run fails before setting ‘mddev-thread’, then the variable ‘conf-thread’ is not freed after the failure. This...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ksmbd: Validates the mech token during session setup. If a client sends an invalid mech token in a session setup request, ksmbd validates it and reports an error if the token is invalid...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mm/pagewalk: fixed a race condition between concurrent operations involving splitting PUD entries and refaulting PUD leaf entries. The splitting of a PUD entry in walkpudrange can cause a race with a concurrent thread that refaul...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: remoteproc: sysmon: fix memory leak in qcomaddsysmonsubdev The kfree function should be called when ofirqgetbyname fails or devmrequestthreadedirq fails in qcomaddsysmonsubdev. Otherwise, a memory leak will occur; therefore, addi...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: net, sunrpc: Remapping EPERM in case of connection failure in xstcpsetupsocket. When using a BPF program on kernelconnect, the call may return -EPERM. This causes xstcpsetupsocket to loop indefinitely, filling up the syslog and...