3951 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: media: platform: exynos4-is: Added a hardware sync wait to fimcishwchangemode In fimcishwchangemode, the function changes camera modes without waiting for hardware completion. This can lead to corrupted data or a system hanging i...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: A leak was fixed in devfreqdevrelease. The srcuinitnotifierhead function allocates resources that need to be released using a srcucleanupnotifierhead call. Reported by kmemleak...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Handle the deactivation of DBCs when the owner leaves. When a DBC is released, the device sends a QAICTRANSDEACTIVATEFROMDEV transaction to the host via the QAICCONTROL MHI channel. QAIC handles this by calling...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: net/mlx5e: Fixed a deadlock in the tc route query code The cited commit caused a ABBA deadlock0 when peer flows were created while holding the devcom rw semaphore. Due to the peer flow offload implementation, the lock is taken...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: cxl: Fixed a race condition involving the nvdimmbus object when creating nvdimm objects. A issue was found during the execution of the cxl-translate.sh unit test. Adding a 3-second sleep right before the test seems to make the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: btrfs: When performing a btrfs mount, the block device is not set correctly. The user sets the block size of the block device to 0x4000 by executing the BLKBSZSET command. Since changing the block size also affects the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/imagination: Synchronize interrupts before suspending the GPU. The runtime PM suspend callback does not know whether the IRQ handler is in progress on a different CPU core and therefore does not wait for it to finish. Dependi...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: MGMT: Fixed a possible crash when calling mgmtindexremoved. If mgmtindexremoved is called while there are commands queued for cmdsync, it could lead to crashes, as shown in the following trace: 0x0000053D:...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: atm: nicstar: Fixed a possible use-after-free in nicstarcleanup The remove path of this module calls deltimer. However, that function does not wait until the timer handler finishes. This means that the timer handler may still be...
Astra Linux – Vulnerability in NTP
In ntp 4.2.8p10, 4.2.8p11, 4.2.8p12, and 4.2.8p13, remote attackers can prevent a broadcast client from synchronizing its clock with a broadcast NTP server through soofed modes 3 and 5. The attacker must either be part of the same broadcast network or control a slave device in that broadcast...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: vxlan: vnifilter: Fixed the issue where the default FDB entry was deleted without holding the hash lock. When a VNI is deleted from a VXLAN device in ‘vnifilter’ mode, the FDB entry associated with the default remote assuming one...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Synchronous access between the reset thread and the TM thread for reply queues. When the task management thread processes reply queues while the reset thread resets them, the task management thread accesses an inval...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Immediately reset the MMU context when the SMM flag is cleared The MMU context should be reset immediately when the SMM flag of the vCPU is cleared, so that the SMM flag in the MMU context is always synchronized with th...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: tty: serial: fsllpuart: fixed a race condition during RX DMA shutdown. From time to time, DMA completion can occur mid-way through the DMA shutdown process: : lpuart32shutdown lpuartdmashutdown deltimersync lpuartdmarxcomplete...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ext4: The issue where inline data checks might be performed during dio write operations has been fixed. According to syzbot, the following warning from ext4iomapbegin is triggered as of the referenced commit: c if...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Avoid consuming a stale esr value when an SError occurs When any exception other than an IRQ occurs, the CPU updates the ESREL2 register with the exception syndrome. An SError may also become pending, and will be...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10
In the Linux kernel, the following vulnerability has been resolved: media: netupunidvb: fix use-after-free at deltimer When the Universal DVB card is being detached, netupunidvbdmafini uses deltimer to stop the dma-timeout timer. However, when the timer handler netupunidvbdmatimeout is running,...
Astra Linux – Vulnerability in NTP
In NTP versions prior to 4.2.8p14 and 4.3.x before 4.3.100, ntpd allows an off-path attacker to block unauthenticated synchronization via a server mode packet with a spoofed source IP address. This occurs because transmissions are rescheduled even when a packet lacks a valid origin timestamp...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: KVM: SEV – Lock all vCPUs when synchronizing VMSAs for SNP launch completion. Lock all vCPUs when synchronizing and encrypting VMSAs for SNP guests. Allowing the user space to manipulate or run a vCPU while its state is being...
Incorrect Synchronization
Overview Affected versions of this package are vulnerable to Incorrect Synchronization in the doProlog function in xmlparse.c due to improper handling of scaffold backing array reallocation when data structures are shared across multiple parsers. An attacker can achieve arbitrary code execution o...