12601 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: LoongArch: Optimized module load time by optimizing PLT/GOT counting. When CONFIGKASAN, CONFIGPREEMPTVOLUNTARYBUILD, and CONFIGPREEMPTVOLUNTARY are enabled simultaneously, a soft deadlock may occur. The relevant logs are as...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: RDMA/qedr: A potential memory leak was fixed in qedrallocmr. The qedrallocmr function allocates a memory chunk for “mr-info.pbltable” using initmrinfo. When rdmaalloctid and rdmaregistertid fail, “mr” is released, but...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net: hinic: fixed a memory leak when reading the function table. When the input parameter idx matches the expected case option in hinicdbggetfunctable, the readdata variable is not released properly. This issue has been addressed...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: geni-se: fixed an array underflow issue in geniseclktblget. This loop is supposed to break if the frequency returned by clkroundrate is the same as that of the previous iteration. However, that check doesn’t make sense...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: mm/pagetablecheck: A crash occurred when checking ZONEDEVICE. Not all pages apply to the pgtable check. An example is ZONEDEVICE pages: they directly map PFNs, and they never allocate pageext, even if there’s a struct page around...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd/hsmp: Ensure that sock-metrictbladdr is non-NULL. If the metric table address is not allocated, accessing metricsbin will result in a NULL pointer dereference; therefore, a check must be added...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: iommu/vt-d: debugfs: Fixed the legacy mode page table dump logic In legacy mode, SSPTPTR is ignored if TT is not 00b or 01b. SSPTPTR might be uninitialized or zero in that case, and may cause errors like: - Oops: General...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: KVM: s390: pv: fix index value of replaced ASCE The index field of the struct page corresponding to a guest ASCE should be 0. When replacing the ASCE in s390replaceasce, the index of the new ASCE should also be set to 0. Using th...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: RISCV: Sanitizing syscall table indexing under speculation The syscall number is a user-controlled value used to index into the syscall table. Use arrayindexnospec to clamp this value after the bounds check, to prevent speculativ...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: iommufd: Do not add the same hwpt to the ioas-hwptlist twice. The hwpt is only added to the hwptlist during its creation; it is never added again. This issue seems to be leftover from previous revisions. Adding an hwpt twice may...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: idpf: Fixed the issue where the RSS LUT NULL pointer dereference occurred after a soft reset. During a soft reset, the RSS LUT is freed and not restored unless the interface is active. If an ethtool command that accesses the R...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: drm/i915: Avoid lock inversion when pinning to GGTT on CHV/BXT+VTD After i915vmapinww is completed, a synchronous variant of dmafenceworkcommit is called. When pinning a VMA to GGTT address space on a Cherry View family processor...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fixed the type of the second parameter in the odneditdpmtable callback. With Clang’s kernel control flow integrity kCFI, CONFIGCFICLANG, indirect call targets are validated against the expected function pointer...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: The issue involves fixing a use-after-free condition in lazyopptables after delaying the probe operation. When the function devpmoppoffindiccpaths in allocateopptable returns -EPROBEDEFER, the opptable is freed again, and the...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fixed the missing iop in ntfsreadmft. There is a null pointer dereference issue because iop == NULL. The bug occurs because we do not initialize iop for records in $Extend$...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: Do not allow CHAINID to refer to another table. When performing lookups for chains within the same batch using their IDs, a chain from a different table can be utilized. If a rule is added to a table but refe...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: x86/mm/64: Defined ARCHPAGETABLESYNCMASK and archsynckernelmappings. These definitions ensure that page tables are properly synchronized when calling pdpopulatekernel. For 5-level paging, synchronization is performed via...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: arm64: cacheinfo: Fixed the incorrect assignment of a signed error value to unsigned fwlevel. Although the acpifindlastcachelevel function always returns a signed value, and the documentation states that it will return any errors...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: f2fs: fixed the sanity check on the destination blkaddr during recovery. As Wenqing Liu reported in Bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=216456 loop5: detected a change in capacity from 0 to 131072. F2FS-fs...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Add acpiputtable to prevent a memory leak. When the radeon driver reads BIOS information from the ACPI table in radeonacpivfctbios, it fails to call acpiputtable to release the ACPI memory after initialization...