1931 matches found
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: USB: core: Fixed a deadlock in the “disable” sysfs attribute. The show and store callback routines for the “disable” sysfs attribute in port.c acquire the device lock for the port’s parent hub. This can cause problems if another...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: The code checks contexts-nr before accessing contextsarr0. Multiple sysfs command paths dereference contextsarr0 without first verifying that kdamond-contexts-nr == 1. A user can set nrcontexts to 0 via sysfs whil...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: btrfs: Fixed a leak of kobject names for the sub-group spaceinfo. When the createspaceinfosubgroup function allocates elements of spaceinfo-subgroup, the kobjectinitandadd function is called for each element via...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: SUNRPC: Fixed null-ptr-deref when xps sysfs alloc fails. There is a null-ptr-deref when xps sysfs alloc fails: BUG: KASAN: null-ptr-deref in sysfsdocreatelinksd+0x40/0xd0 Reading a 8-byte value at address 0000000000000030 by...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Wifi: brdfiamac – Check for the probe id argument being NULL The probe id argument may be NULL in two scenarios: 1. When brdfiamacpciepmleaveD3 calls brdfiamacpcieprobe to reprobe the device. 2. When a user attempts to manually...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: thermal/core: A memory leak was fixed in thermalcoolingdeviceregister. I encountered a memory leak during the fault injection test. The unreferenced object is: 0xffff888010080000 size: 264312. The details of the memory leak are a...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: Thermal: Core – The putdevice function should only be called after deviceregister fails. putdevice should not be called before a previous call to deviceregister. thermalcoolingdeviceregister does not follow this principle...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: cpufreq: amd-pstate: fixed the global sysfs attribute type. In commit 3666062b87ec “cpufreq: amd-pstate: move to use busgetdevroot”, the “amdpstate” attributes were moved from a dedicated kobject to the root kobject. While the...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Firmware: dmi-sysfs: Fixed a null-ptr-deref issue in dmisysfsregisterhandle. KASAN reported a null-ptr-deref error: KASAN: Null-ptr-deref in the range 0x0000000000000008-0x000000000000000f. CPU: 0; PID: 1373; Comm: modprobe...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: A buffer overflow has been fixed in the liootargetnaclinfoshow function. The function liootargetnaclinfoshow uses sprintf within a loop to print details for each iSCSI connection in a session, without checkin...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: ocfs2: fixed a memory leak in ocfs2stackglueinit The ocfs2tableheader should be freed in ocfs2stackglueinit if ocfs2sysfsinit fails; otherwise, kmemleak will report a memory leak. BUG: Memory leak Unreferenced object...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: extcon: The extcon device is modified to be created after the driver data is set. Currently, someone can invoke sysfs functions such as stateshow intermittently before devsetdrvdata is performed. This can lead to a kernel Oops...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: power: supply: ab8500: A memory leak has been fixed in ab8500fgsysfsinit. The kobjectinitandadd function takes a reference even when it fails. According to the documentation for kobjectinitandadd: if this function returns an erro...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net/sunrpc: fixed potential memory leaks in rpcsysfsxprtstatechange. This issue occurs during certain error-handling paths. When the function fails to obtain the object xprt, it simply returns 0, forgetting to decrease the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: removed the callcontrol in inactive contexts. If the damoncall function is executed against a DAMON context that is not running, the function returns an error while keeping the damoncallcontrol object linked to the...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: drivers/base/node.c: fixed the issue of the compaction sysfs file leaking. The compaction sysfs file is created using compactionregisternode in registernode. However, we forgot to remove it in unregisternode. As a result, the...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fixed a use-after-free issue related to KFENCE violations during the sysfs firmware write process. During the sysfs firmware write process, a use-after-free read warning was logged from the lpfcwrobject routine: BUG:...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Driver Core: Fixed a resource leak in deviceadd. When kobjectadd fails in deviceadd, it will call cleanupgluedir to free resources. However, in kobjectadd, dev-kobj.parent has been set to NULL. This will cause a resource leak. Th...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: block: Fixed a potential deadlock in blkiarangesysfsshow When reading a sysfs attribute, the attribute is already protected against removal due to the active reference counter of the kobject node. As a result, in...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: nilfs2: Protect references to superblock parameters exposed in sysfs The superblock buffers of nilfs2 can not only be overwritten at runtime for modifications/repairs, but they are also regularly swapped, replaced during resizing...