Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Drivers: tty: serial: Fixed a deadlock in sa1100settermios There is a deadlock in sa1100settermios, as shown below: Thread 1 | Thread 2 | sa1100enablems sa1100settermios | modtimer spinlockirqsave //1 | Wait for a while ... |...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciqca: It is necessary to call deltimersync before freeing a timer. A crash report indicated that the timer list might become corrupted when a timer is freed while still active. This issue is commonly caused by code...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: oss: Fixed a race condition in SNDCTLDSPSYNC There is a small race condition in the sndpcmosssync function, which is called from OSS PCM SNDCTLDSPSYNC ioctl. Specifically, the function calls sndpcmossmakeready first, a...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: rejecting malformed HCICMDSYNC commands In mgmthcicmdsync, check whether the size of the parameters passed in struct mgmtcphcicmdsync matches the total size of the data i.e., sizeofstruct mgmtcphcicmdsync plus th...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: fixed the dereferencing of a null pointer in hcisyncconnCompleteEvt. This event is only specified for SCO and eSCO link types. Upon receiving a HCISynchronousConnectionComplete event for a BDADDR of an existing LE...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: drm/msm: Another leak in the submit error path has been fixed. putunusedfd does not free the allocated file if we have already performed fdinstall. Therefore, we also need to free the syncfile. Patchwork:...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: fixed a possible null-pointer dereference due to a data race in sndhdacregmapsync The variable codec-regmap is often protected by the lock codec-regmaplock when it is accessed. However, it is accessed without holding t...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fixed the issue of missing lock acquisition before performing sync reset reload operations. During sync reset reload operations, when a remote host updates devlink during the reload process, the lock acquisition before...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: Timers: A race condition involving NULL function pointers was fixed in timershutdownsync. There is a race condition between timershutdownsync and timerexpiration, which can lead to a WARNON being triggered in expiretimers. The...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net/smc: fixed an issue where a NULL pointer was dereferenced in smcibissgneedsync BUG: NULL pointer dereferencing in the kernel, address: 00000000000002ec PGD 0 P4D 0 Oops: 0000 1 SMP PTI CPU: 28 UID: 0 PID: 343 Comm: kworker/28...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: Fixed use-after-free bugs caused by pn532CmdTimeout. When the pn532 UART device is detached, the pn532uartRemove function is called. However, there are no functions in pn532uartRemove that can delete the cmdTimeout...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: crypto: qat – Fix for the memory leak caused by ADFDEVRESET. Using completiondone to determine whether the caller has gone away only works after a complete call. Moreover, it’s still possible that the caller hasn’t yet called...

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerability has been resolved: In md/raid10, the issue of null-ptr-deref in raid10syncrequest has been fixed. In initresync, the mempool is initialized, and conf-havereplacemnt is set to 0 at the beginning of the sync process. closesync frees the mempool when...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: dmaengine: dw-edma: HDMA: Add sync read before starting the DMA transfer in remote setup The linked list elements and pointers are not stored in the same memory as the HDMA controller register. If the doorbell register is toggled...

Astra Linux – Vulnerability in Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: “sh: push-switch: Reorder cleanup operations to avoid use-after-free bug” The original code placed “flushwork” before “timershutdownsync” in “switchdrvremove”. Although we use “flushwork” to stop the worker, it could be reschedul...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drm/i915: mark requests for GuC virtual engines to avoid use-after-free. References to i915requests may be trapped by the user space within a syncfile or dmabuf dma-resv and held indefinitely across different processes. To counte...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: Use RCU for hciconnparams and iterate safely in hcisync. hciupdateacceptlistsync iterates over hdev-pendleconns and hdev-pendlereports, and waits for controller events within the loop body, without holding the hdev...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fixed the lockdep assertion that occurred during the sync reset unload event. The lockdep assertion was triggered during the sync reset unload event. When the sync reset flow is initiated using the devlink reload...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: mips: bmips: BCM6358 – Ensure that CBR is set correctly. It was discovered that some devices have their CBR address set to 0, resulting in kernel panic when archsyncdmaforcpuall is called. This issue occurs when the system is...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: i40e: Fixed NULL pointer dereferencing in VSI filter synchronization. The issue of NULL pointer dereferencing in sync VSI filters has been eliminated. A new I40EVSIRELEASING flag was added to indicate the deletion and release of...