1904 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Wifi: brdfiamac – Check for the probe id argument being NULL The probe id argument may be NULL in two scenarios: 1. When brdfiamacpciepmleaveD3 calls brdfiamacpcieprobe to reprobe the device. 2. When a user attempts to manually...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: safesetid: Check the size of policy writes. syzbot attempts to write a buffer with a large size to a sysfs entry. The writing is handled by handlepolicyupdate, which triggers a warning in kmalloc. Check the size specified for the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: removed the callcontrol in inactive contexts. If the damoncall function is executed against a DAMON context that is not running, the function returns an error while keeping the damoncallcontrol object linked to the...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: drivers/base/node.c: fixed the issue of the compaction sysfs file leaking. The compaction sysfs file is created using compactionregisternode in registernode. However, we forgot to remove it in unregisternode. As a result, the...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: core: sysfs: Fix a hang issue when the device state is set via sysfs This fix addresses a regression introduced in the commit f0f82e2476f6 “scsi: core: Fix capacity setting to zero after offlineizing a device”. The issue...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: Thermal: Core – The putdevice function should only be called after deviceregister fails. putdevice should not be called before a previous call to deviceregister. thermalcoolingdeviceregister does not follow this principle...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Platform/x86: dell-wmi-sysman: Fixed the retrieval of WMI data blocks in sysfs callbacks. After retrieving WMI data blocks through sysfs callbacks, it is necessary to check the validity of these data blocks before dereferencing...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fixed a use-after-free issue related to KFENCE violations during the sysfs firmware write process. During the sysfs firmware write process, a use-after-free read warning was logged from the lpfcwrobject routine: BUG:...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: iio: core: fix a memory leak in iiodeviceregistersysfs When iiodeviceregistersysfsgroup fails, we should free iiodevopaque-chanattrgroup.attrs to prevent potential memory leaks...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Platform/Mellanox: mlxbf-pmc – added sysfsattrinit to countClock initialization. The lock-related debugging logic CONFIGLOCKSTAT in the kernel issues the following warning when the BlueField-3 SOC is booted: BUG: The key...
Astra Linux – Vulnerability in Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: fbdev: efifb: Registering sysfs groups through the driver core. The driver core can already register and clean up sysfs groups. Make use of this functionality to simplify error handling and cleanup processes. Additionally, a UAF...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: sysctl: Always initialize iuid/igid. iuid/igid is always initialized within the sysfs core, so setownership can safely skip setting them. The commit 5ec27ec735ba from “fs/proc/procsysctl.c: fix the default values of iuid/igid on...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: blk-mq: Check the kobject creation status in sysfs before deleting it in blkmqunregisterhctx. In the function blkmqupdatenrHWqueues, the return value of blkmqsysfsregisterhctxs is not checked. If the creation of hctxs in sysfs...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: iio: trigger: sysfs: fix use-after-free on remove Ensure that the irqwork has completed before the trigger is freed. ================================================================== BUG: KASAN: use-after-free in irqworkrunli...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: block: Fixed a potential deadlock in blkiarangesysfsshow When reading a sysfs attribute, the attribute is already protected against removal due to the active reference counter of the kobject node. As a result, in...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: sysfs: Prevent division by zero This issue prevents division by zero when monitoring is not enabled...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: cpufreq: The completion function is called before kobjectinitandadd. In cpufreqpolicyalloc, the uninitialized completion function is called in cpufreqsysfsrelease when kobjectinitandadd fails. This will cause a crash, such as a...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ptp: Ensure that info-enable callback is always set. The ioctl and sysfs handlers call the -enable callback unconditionally. Not all drivers implement this callback, resulting in NULL dereferencing. Examples of affected drivers:...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: USB: core: Fixed a deadlock in the “disable” sysfs attribute. The show and store callback routines for the “disable” sysfs attribute in port.c acquire the device lock for the port’s parent hub. This can cause problems if another...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: power: supply: ab8500: A memory leak has been fixed in ab8500fgsysfsinit. The kobjectinitandadd function takes a reference even when it fails. According to the documentation for kobjectinitandadd: if this function returns an erro...