1258 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: e100: Fixed possible use of memory after it is freed in e100xmitprepare. In e100xmitprepare, if it is not possible to map the skb, then -ENOMEM is returned. As a result, e100xmitframe will return NETDEVTXBUSY, and the upper layer...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: octeonep: Added handling of SKB allocation failures in octepoqprocessrx. The buildskb function returns NULL in case of a memory allocation failure. Therefore, this behavior should be handled within octepoqprocessrx to avoid NULL...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: BPF: Fixed a recursive lock issue when the streamverdict program returns SKPASS. When the streamverdict program returns SKPASS, it places the received skb into its own receive queue. However, a recursive lock occurs eventually,...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: virtio-net: Fixed pages leaking when building skb in big mode. We attempt to use buildskb if there is sufficient “tailroom”. However, we forget to release the unused pages that are chained via private in big mode, which can lead ...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net: lltemac: Ensure that the skb is freed when it is completely used. By using the TX BD to track the skb pointer, we have a simple and efficient way to free the skb buffer after the frame has been transmitted. However, in order...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcicore: Fixed the issue of the sentcmd skb being leaked before it was freed. The sentcmd memory was not freed before freeing hcidev, causing it to leak its contents...
Astra Linux - уязвимость в linux-5.15, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: net: Missing check for virtio Two missing checks in virtionethdrtoskb allowed syzbot to crash kernels again. 1. After the skbsegment function, the buffer may become non-linear nrfrags != 0. However, since the SKBTXSHAREDFRAG...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: rpl: Fix use-after-free in rpldosrhinline. Running lwtdstcacherefloop.sh in selftest with KASAN triggers the splat below 0. rpldosrhinline fetches ipv6hdrskb and accesses it after skbcowhead, which is illegal as the header could ...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: can: dev: canrestart: fix use after free bug After calling netifrxniskb, dereferencing skb is unsafe. In particular, the canframe field, which aliases skb memory, is accessed after the netifrxni function in: stats-rxbytes +=...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: skbuff: fixed the coalescing behavior for pagepool fragment recycling. Fixed a use-after-free issue when using pagepool with page fragments. We encountered this problem during normal RX processing in the hns3 driver: 1 Initially,...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: nfc: fdp: Fixed a potential memory leak in fdpncisend. The fdpncisend function calls fdpncii2cwrite, which does not free the skb object after its execution. As a result, when fdpncii2cwrite is completed, the skb object will...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net: cdceem: Fix for the leak in eemfixup when usbnet transmits a skb. When usbnet transmits a skb, it is processed in eemtxfixup. If skbcopyexpand fails, it returns NULL. In this case, usbnetstartxmit has no chance to free the...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: tipc: re-fetching the skb context after calling tipcmsgvalidate As shown in the call trace, the original skb was freed during the execution of tipcmsgvalidate. Dereferencing the old skb context would cause a “use-after-free” cras...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: In the BPF code, ensure that skb-len != 0 when redirecting a packet to a tunneling device. The syzkaller function managed to trigger another case where skb-len == 0 when entering devqueuexmit. WARNING: CPU: 0, PID: 2470; Location...
Astra Linux - уязвимость в linux-6.1, linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: batman-adv: fixed OOB read/write in network-coding decode. batadvncskbdecodepacket relies on codedlen and only checks against skb-len. The XOR operation starts at sizeofstruct batadvunicastpacket, which reduces the payload...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: 6lowpan: resetting the link-local header in the IPv6 receive path The Bluetooth 6lowpan.c netdev module has the headerops function; therefore, it must set the link-local header for the RX skb. Otherwise, things will...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: mt76: mt7915: fixed a possible memory leak in the mt7915mcuaddsta routine. The allocated skb was freed in the mt7915mcuaddsta routine in case of failures...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: In the llc module, do not use skbget before devqueuexmit. The syzbot exploit can cause hosts to crash, especially when using llc and devices that do not support IFFTXSKBSHARING. In this case, the e1000 driver calls ethskbpad, whe...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: “aoe”: fixed the potential use-after-free issue in multiple locations. Regarding the fix for CVE-2023-6270, f98364e92662 “aoe: fixed the potential use-after-free issue in aoecmdcfgpkts” modifies the behavior so that the tx...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux
In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fixed a segmentation fault in rxecompqueuepkt. In rxecompqueuepkt, an incoming response packet is enqueued into the resppkts queue. Then, it is decided whether to run the completer task inline or schedule it. Finally, t...