10713 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: In mm/pagealloc, the value page-private is cleared during the freepagesprepare function. Several subsystems slub, shmem, ttm, etc. use page-private, but they do not clear it before freeing pages. When these pages are later...
Astra Linux - уязвимость в linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: iptables: Fixed a null-ptr-deref in iptablenattableinit. We received a report that iptables-restore sometimes triggered a null-ptr-deref at boot time. 0 The issue arises because iptablenattableinit is exposed to user...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: drm/xe/vm: Clear the scratchpt pointer in case of errors. Avoid triggering a dereference of an error pointer during cleanup in xevmfreescratch, by clearing any scratchpt error pointers. Selected from commit...
Astra Linux - уязвимость в linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: drm/amd/display: fixed a double-free issue during the unloading of the amdgpu module Flexible endpoints use DIGs from available inflexible endpoints; therefore, only the encoders of inflexible links need to be freed. Otherwise...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: atm: Fix NULL pointer dereference When MPOAcacheimposrcvd receives the msg, it can trigger the Null Pointer Dereference Vulnerability if both entry and holdingtime are NULL. Because there is only for the situation where entry is...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Fixed a potential buffer overflow caused by snprintf. snprintf returns the potentially filled size when the string exceeds the given buffer size. Therefore, using this value may lead to a buffer overflow althoug...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: jbd2: removed the incorrect sb-ssequence check. The emptiness of the journal is determined not by sb-ssequence == 0, but rather by sb-sstart == 0 which is set a few lines above. Moreover, 0 is a valid transaction ID, so the check...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbreceivebulkcallback: An error occurred in usbsubmiturb, causing the URB to be unanchored before it is processed by gsusbreceivebulkcallback. In commit 7352e1d5932a “can: gsusb: gsusbreceivebulkcallback: fix URB...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Audit: Fixed an out-of-bounds read in auditcomparednamepath. When a watch on dir=/ is combined with an fsnotify event for a single-character name directly under / e.g., creating /a, an out-of-bounds read can occur in...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/csdspctl: Use privatefree for controlling cleanup. Use the privatefree callback to free the associated data structures. This ensures that the memory will not leak, regardless of how the control objects are destroyed. Th...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: md: making rdevaddable usable for rcu mode. Our testcase triggered a panic: BUG: Kernel NULL pointer dereferencing, address: 00000000000000e0 … Oops: 0000 1 SMP NOPTI CPU: 2 UID: 0 PID: 85 Comm: kworker/2:1 Not tainted 6.16.0+ 94...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: configfs: Fix a race condition in configfs,unregistersubsystem. When configfsregistersubsystem or configfsunregistersubsystem is executing linkgroup or unlinkgroup, it is possible that two processes add or delete elements from th...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: media: stm32-csi: The dereference operation was corrected before the NULL check. In stm32csistart, the variable csidev-ssubdev is dereferenced directly when assigning a value to srcpad. However, the same value is then checked...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: snic: Fixed a possible memory leak if deviceadd fails. If deviceadd returns an error, the name allocated by devsetname needs to be freed. As noted in the comments for deviceadd, putdevice should be used to release the...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: md: Avoid repeated calls to delgendisk. There is a UAF Uninitialized Address Fault issue that was detected during case 23rdev-lifetime. Oops: General Protection Fault; likely due to a non-canonical address of 0xdead000000000122...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: wifi: cfg80211: The process of initializing wiphywork before allocating rfkill fails. The issue syzbort reported an uninitialized wiphyworklock in cfg80211devfree. 1 When the allocation of rfkill fails, the wiphy release proce...
Astra Linux - уязвимость в parsec
The vulnerability of the psaud utility within the PARSEC security subsystem is related to improper memory release after its use. Exploiting this vulnerability allows an attacker to cause a service failure...
Astra Linux - уязвимость в parsec
The vulnerability of the parsecmdlin function in the PARSEC security subsystem is related to improper memory release after its use. Exploiting this vulnerability allows an attacker to cause a service failure...
Astra Linux - уязвимость в parsec
The vulnerability of the pdp-ls utility in the PARSEC security subsystem is related to improper memory release after its use. Exploiting this vulnerability allows an attacker to cause a service failure...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: ses: Fixed possible out-of-bounds accesses to addldescptr. Sanitized possible out-of-bounds accesses to addldescptr in sesenclosuredataprocess...