5890 matches found
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fixed a use-after-free issue when reverting the termination table. When there are multiple destinations with termination tables, and the second one or later fails, the driver reverts the use of termination tables, but...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: - In fuse: Access to the “folio” field was blocked due to an overflow issue. - syz reported a slab-out-of-bounds Write operation in fusedevdowrite. When the number of bytes to be retrieved is truncated to the upper limit by...
Astra Linux – Vulnerability in Linux
The fix for XSA-365 includes the initialization of pointers so that subsequent cleanup code would not use uninitialized or stale values. However, this initialization went too far and may, under certain conditions, also overwrite pointers that need to be cleaned up. The lack of cleanup would resul...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ice: Ensure that the copied buffer is terminated with NUL characters. Currently, we allocate a kernel buffer of a certain size and copy a certain number of bytes from user space to that buffer. Later, we use sscanf on this buffer...
Astra Linux – Vulnerability in libwebp
A flaw was discovered in libwebp in versions prior to 1.0.1. A use-after-free vulnerability was identified due to a thread being terminated prematurely. The greatest threat posed by this vulnerability is related to data confidentiality and integrity, as well as system availability...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: In media: iris: gen2, a sanity check for session termination was added. In iriskillsession, inst-state is set to IRISINSTERROR, and sessionclose is executed, which will free memory allocated to insthfigen2-packet. If stopstreamin...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: wifi: brcmfmac: Fixed a potential stack-out-of-bounds situation in brcmfcpreinitdcmds. This patch fixes a read operation that leads to a stack-out-of-bounds condition when the buffer ‘buf’ that is not null-terminated is passed...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mm/damon/stat: Deallocating the damoncall function fails, resulting in the damonctx object being leaked. The damonstatstart function always allocates the module’s damonctx object damonstatcontext. However, if the damoncall functi...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: netconsole: Avoid out-of-band OOB reads; the message is not terminated with nul. The message passed to netconsole from the console subsystem is not guaranteed to be terminated with nul. Before the recent commit 7eab73b18630...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: iio: dac: ad3552r-hs: fix out-of-bound write in ad3552rhswritedatasource When the simplewritetobuffer function succeeds, it returns the number of bytes actually copied to the buffer. The code incorrectly uses “count” as the index...
Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: Wifi: brcmfmac: Ensure that the CLM version is terminated with null characters to prevent a stack-out-of-bounds issue. A stack-out-of-bounds read occurs in brcmfmac when a buffer that is not terminated with null characters is...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: f2fs: Explicitly terminate the xattr list with a null character. When setting an xattr, ensure that the xattr list is explicitly terminated with a null character. This eliminates the fragile assumption that the unused xattr space...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: s390/cio: Ensure that the copied buf is terminated with NUL characters. Currently, we allocate a kernel buffer of size lbuf and copy lbuf from userspace to that buffer. Later, we use the scanf function on this buffer, but we do n...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: erofs: set fileio bio failed in short read case For file-backed mounts, IO requests are handled by vfsiocbiterread. However, it can be interrupted by SIGKILL, resulting in the number of bytes actually copied. Unused folios in the...
Astra Linux – Vulnerability in libsoup2.4
A vulnerability was discovered in the libsoup package. This flaw arises from its failure to correctly verify the termination of multipart HTTP messages. This could allow a remote attacker to send a specially crafted multipart HTTP body, causing the libsoup-consuming server to read beyond its...
Astra Linux – Vulnerability in Linux 5.10
A NULL pointer dereference flaw was discovered in the Linux kernel’s X.25 set of standardized network protocol functions. This flaw allows a local user to crash the system by terminating their session using a simulated Ethernet card while continuing to use that connection...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: tty: serial: fsllpuart: fixed a race condition during RX DMA shutdown. From time to time, DMA completion can occur mid-way through the DMA shutdown process: : lpuart32shutdown lpuartdmashutdown deltimersync lpuartdmarxcomplete...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: Wifi: iwlwifi: dbg-tlv: Ensure NUL termination The iwlfwiunidebuginfotlv is used as a string; therefore, we must ensure that the string is terminated correctly before using it...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: SCSI: BFA – Ensure that the copied buffer is terminated with NUL characters. Currently, we allocate a kernel buffer of size nbytes and copy nbytes from user space to that buffer. Later, we use sscanf on this buffer, but we do not...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: clk: qcom: gcc-ipq8074: fix terminating of frequency table arrays The frequency table arrays are supposed to be terminated with an empty element. Add such an entry to the end of the arrays where it is missing, in order to avoid...