11254 matches found
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
A flaw in the Linux kernel was discovered in the i740 driver. The userspace program can pass any value to the driver through the ioctl interface. The driver does not check the value of ‘pixclock’, which may lead to a division by zero error...
Astra Linux – Vulnerability in openimageio
There are multiple code execution vulnerabilities in the IFFOutput::close function of the OpenImageIO Project, specifically in OpenImageIO v2.4.4.2. A specially crafted ImageOutput object can lead to a heap buffer overflow. An attacker can provide malicious input to exploit these vulnerabilities...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10
In the Linux kernel, the following vulnerability has been resolved: media: bdisp: Added a missing check for createworkqueue. Added a check on the return value of createworkqueue to avoid dereferencing a NULL pointer...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: netfilter: flowtable: account for Ethernet header in nfflowpppoeproto syzbot found a potential access to uninit-value in nfflowpppoeproto The responsible commit forgot to account for the Ethernet header. BUG: KMSAN: uninit-val...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: - Do not allow gsosize to be set to GSOBYFRAGS. One missing check in virtionethdrtoskb allowed syzbot to crash kernels again 1. Do not allow gsosize to be set to GSOBYFRAGS 0xffff, because this magic value is used by the kerne...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Wifi: rtw89 – fixed the potential zero beacon interval in beacon tracking. During fuzz testing, it was discovered that bssconf-beaconint might be zero, which could lead to a division by zero error in subsequent calculations. If t...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: ext4: Fixed errors caused by “off-by-one” values when filling blocks with tlv entries during fast-commit operations. Due to several “off-by-one” errors, or perhaps due to a late change in design that wasn’t fully reflected in...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: mmc: omaphsmmc: fixed the return value check in mmcaddhost The mmcaddhost function may return an error. If we ignore its return value, it will cause two issues: 1. The memory allocated in mmcallochost may be leaked. 2. In the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: parisc: Clearing stale IIR values during Instruction Access Rights Trap When a trap 7 Instruction Access Rights occurs, it means that the CPU could not execute an instruction due to missing execute permissions on the memory regio...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: Media: i2c: ar0521: Use the CANsleep version of gpiodsetvalue If we use GPIO reset from the I2C port expander, we must use the CANsleep variant of GPIO functions. This was not done in the ar0521poweron/ar0521poweroff functions...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: mm/mempolicy: fixed an issue where uninit-value was present in mpolrebindpolicy. mpolsetnodemask mm/mempolicy.c does not set the nodemask when pol-mode is MPOLLOCAL. Check pol-mode before accessing pol-w.cpusetmemsallowed in...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: mxser: fixed the xmitbuf leak in activate when LSR == 0xff. When LSR is 0xff during the call to -activate, we return an error. It’s important to note that the -shutdown function is not called when -activate fails. In this case,...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Staging: rtl8712: fixed an issue where uninit-value was present in r871xudrvinit. When ‘tmpU1b’ returns from r8712read8padapter, EE9346CR is 0, ‘mac6’ will not be initialized. BUG: KMSAN: uninit-value in r871xudrvinit+0x2d54/0x30...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: fixed an uninitialized value in caifseqpktsendmsg. When nrsegs equals zero in iovecfromuser, the object msg-msgiter.iov contains uninitialized stack memory, which is used in caifseqpktsendmsg. This behavior is defined in...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Prevention of division by zero The user can set any speed value. If the speed is greater than UINTMAX/8, a division by zero is possible. Found by the Linux Verification Center linuxtesting.org with SVACE...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Prevention of division by zero The user can set any speed value. If the speed is greater than UINTMAX/8, a division by zero is possible. Found by the Linux Verification Center linuxtesting.org with SVACE...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: fbdev: omapfb: Added a check for the value “plane”. The function dispcovlsetup is not intended to work with the value OMAPDSSWB of the plane enum parameter. The value of this parameter is initialized in dssinitoverlays, and in th...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: media: cx88: A null-ptr-deref bug was fixed in the bufferprepare function. When the driver calls cx88riscbuffer to prepare the buffer, the function call may fail, resulting in an empty buffer and a null-ptr-deref later in the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Drivers: perf: Check the return value of findfirstbit We must check the return value of findfirstbit before using its value as an index array, as it may cause the array to overflow, leading to a panic: 107.318430 Kernel BUG 1...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ksmbd: The race condition related to PreauhHashValue has been fixed. If a client sends multiple session setup requests to ksmbd, a race condition related to PreauhHashValue may occur. There is no need to free sess-PreauhHashValue...