4357 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: mapletree: Fixed potential out-of-bounds access in maswrendpiv. Check the write offset’s end bounds before using it as an offset into the pivot array. This prevents possible out-of-bounds access to the pivot array if the write...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: btrfs: Memory leaks have been fixed when rejecting a non-SINGLE data profile without an RST. At the end of btrfsloadblockgroupzoneinfo, the first thing we do is to ensure that if the mapping type is not a SINGLE one and there is ...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: Avoid device tree lookups in rtasosterm. rtasosterm is called during panic. Its behavior depends on several conditions in the /rtas node of the device tree; traversing these nodes involves locking and changes to loc...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: cifs: fixed a potential race condition when creating a tree that connects to IPC. Protected access to TCPServerInfo::hostname when naming the IPC tree; this is because the name might be freed by the cifsd thread, potentially...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: Rejects invalid reloc tree root keys with stack dump. BUG Syzbot reported a crash that an ASSERT was triggered inside preparetomerge. This ASSERT ensures that the reloc tree is properly pointed back by its subvolume tree...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: btrfs: btrfssetheadergeneration must not be moved to after cleantreeblock, because cleantreeblock calls btrfsheadergeneration from commit 55c69072d6bd5be1 “Btrfs: Fix extentbuffer usage when nodesize != leafsize”. In...
Astra Linux – Vulnerability in SQLite3
SQLite 3.30.1 improperly handles certain parser-tree rewrites, related to files expr.c, vdbeaux.c, and window.c. This issue is caused by incorrect error handling in the sqlite3WindowRewrite function...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: btrfs: fixed the re-dirty process of tree-log nodes There is a report of a transaction abort with the following script: !/bin/sh for d in sda sdb; do mkfs.btrfs -d single -m single -f /dev/$d done mount /dev/sda /mnt/test moun...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net: dsa: lantiqgswip: Fixed the reference count leak in gswipgphyfwlist. In every iteration of foreachavailablechildofnode, the reference count of the previous node is decremented. When exiting the foreachavailablechildofnode lo...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: ext4: fixed the bug in estreesearch Hulk Robot reported a BUG: kernel BUG at fs/ext4/extentsstatus.c:199! ... RIP: 0010:ext4esend fs/ext4/extentsstatus.c:199 inline RIP: 0010:estreesearch+0x1e0/0x260 fs/ext4/extentsstatus.c:21...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Net: DSA: Fix for panic upon shutdown if the multi-chip tree fails to probe. DSA probing is atypical because the device tree must probe all devices at once. Thus, out of N switches that call dsatreesetuproutingtable during probin...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Firmware: armscpi: Fixed string overflow in the SCPI genpd driver. Without the bounds checks for scpipd-name, a buffer overflow could occur when copying the SCPI device name from the corresponding device tree node. This occurs...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: Adjust the subpage bit start based on the sector size. When running machines with a 64k page size and a 16k node size, we began to encounter tree log corruption in production. This occurred because we sometimes did not wri...
Astra Linux – Vulnerability in Linux 5.15
A flaw was discovered in the ksmbd component of the Linux kernel, a high-performance in-kernel SMB server. The specific flaw occurs during the handling of the SMB2TREECONNECT and SMB2QUERYINFO commands. The issue arises from the lack of proper validation of a pointer before accessing it. An...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ASoC: atmel: Fixed error handling in sndprotoprobe. The devicenode pointer is returned by ofparsephandle, with the refcount incremented. We should use ofnodeput on it after that operation. This function only calls ofnodeput in th...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: - clk: tegra20: Fixed a refcount leak in tegra20clockinit. - offindmatchingnode returns a node pointer with a refcount incremented. We should use ofnodeput on it when there is no longer a need for it. - Added the missing...
Astra Linux – Vulnerability in Linux 5.15
A flaw was discovered in the ksmbd component of the Linux kernel, a high-performance in-kernel SMB server. The specific flaw exists in the processing of SMB2TREEDISCONNECT commands. The issue arises due to the lack of proper locking when performing operations on an object. An attacker can exploit...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: pinctrl: canaan: k230: added a NULL check in DT parsing. A NULL check was also added for the return value of ofgetproperty when retrieving the “pinmux” property in the group parser. This prevents a potential NULL pointer...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: pinctrl: canaan: k230: Fixed the order of DT parsing and pinctrl registration. The order of operations has been changed—DT parsing is performed before pinctrl registration. This ensures that device tree parsing is done before...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: btrfs: Fixed corruption in the blockgrouptree dirtylist. When the incompat flag EXTENTTREEV2 is set, we unconditionally add the block group tree to the switchcommits list before calling switchcommitroots, just like we do for t...