12253 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: TCP: Handle the mixed use of splice/sendmsgMSGZEROCOPY cases syzbot has found that mixing calls to sendpage and sendmsgMSGZEROCOPY using the same TCP socket will once again trigger the infamous warning in inetsockdestruct. c...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: mt76: mt7615: Fixed a memory leak in mt7615mcuwtblstaadd. In mt7615mcuwtblstaadd, an skb object named sskb is allocated. If the subsequent call to mt76connacmcuallocwtblreq fails, the function returns an error without freeing the...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: net: Fixed null-ptr-deref in socklockinitclassandname and rmmod. When I ran the reproduction steps and waited for a few seconds, I observed two LOCKDEP errors: a warning followed immediately by a null-ptr-deref. Reproduction Step...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux
In the Linux kernel, the following vulnerability has been resolved: sctp: Set skstate back to CLOSED if autobind fails in sctplistenstart. In sctplistenstart called by sctpinetlisten, it should set skstate back to CLOSED if sctpautobind fails for any reason. Otherwise, the next time sctpinetliste...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: can: j1939: fixed Use-after-Free, failed to increment the ref count of a skb while it was in use. This patch addresses a Use-after-Free issue identified by the syzbot. The problem arises when a skb is taken from the per-session s...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: netrom: Decreases the sock refcount when the sock timer expires. The commit 63346650c1a9 “netrom: switch to the sock timer API” switched to using the sock timer API. It replaces modtimer with skresettimer, and deltimer with...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SCO: fixed race conditions in scosockconnect The scosockconnect function checks skstate and sktype without holding the socket lock. Two concurrent connect system calls on the same socket can both pass the check and ent...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: In the rose function, there is an issue where an invalid array index is used in the rosekillbydevice function. This function collects sockets into a local array, and then iterates over those arrays to disconnect sockets bound to...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: kcm: Fixed error handling for SOCKDGRAM in kcmsendmsg. syzkaller discovered a memory leak in kcmsendmsg, and the commit c821a88bd720 "kcm: Fix memory leak in the error path of kcmsendmsg" suppressed this issue by updating...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: espintcp: fixed skb leaks. Several error paths now include a kfreeskb...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: net: ieee802154: Do not leave a dangling sk pointer in ieee802154create sockinitdata attaches the allocated sk object to the provided sock object. If ieee802154create fails later, the allocated sk object is freed, but the danglin...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15, linux
In the Linux kernel, the following vulnerability has been resolved: vsock: Do not allow binding to VMADDRPORTANY. It is possible for a vsock to automatically bind itself to VMADDRPORTANY. This can lead to a “use-after-free” issue when a connection is established to the bound socket. The socket...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: The length of the packet header is validated before calling skbPut. When receiving a vsock packet in the guest, only the size of the virtqueue buffer is validated prior to calling virtiovsockskbrxPut. Unfortunately,...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: udp: fixed the race condition between close and udpabort Kaustubh reported and diagnosed a panic condition in udpliblookup. The root cause is that udpabort races with close. Both functions attempt to acquire the socket lock, but...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: BPF, sockmap: Fixed a potential memory leak in an unlikely error case. If the skblinearize function is needed and fails, we might leak a message during error handling. To fix this issue, we must free the message buffer before...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net/rds: Fixed a circular locking dependency in rdstcptune syzbot reported a circular locking dependency in rdstcptune, where sknetrefcntupgrade is called while holding the socket lock:...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: can: mcan: mcanreadfifo: fix memory leak in error branch In mcanreadfifo, if the second call to mcanfiforead fails, the function jumps to the out Fail label and returns without calling mcanreceiveskb. This means that the skb...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
The btsockrecvmsg function in net/bluetooth/afbluetooth.c in the Linux kernel, as of version 6.6.8, has a use-after-free issue due to a race condition involving btsockioctl...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: gtp: The device is destroyed along with the dismantling of the UDP socket’s netns. The gtpnewlink function links the device to the list in devnet dev, instead of srcnet, where an UDP tunnel socket is created. Even when srcnet ...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: Avoid leaving a dangling sk pointer in rfcommsockalloc btsockalloc attaches the allocated sk object to the provided sock object. If rfcommdlcalloc fails, we release the sk object, but leave a dangling pointer i...