Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: workqueue: The issue related to the selection of wakecpu in kickpool has been fixed. With cpupossiblemask=0-63 and cpuonlinemask=0-7, the following kernel error was observed: smp: Attempting to bring up secondary CPUs… smp: 1 nod...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: nvme-fc: Do not wait in vain when unloading the module. There was a race condition in the module exit path, where there was a conflict between deleting all controllers and freeing the “leftover IDs”. To prevent double-freeing, a...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: pcigeneric: Remove the WQMEMRECLAIM flag from the state workqueue. A recent change created a dedicated workqueue for the state-change work, with WQHIGHPRI and WQMEMRECLAIM flags. However, the state-change work...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: usb:typec:ucsi: Fixed NULL pointer access issues. Resources should only be released after all threads that utilize them have been destroyed. This commit ensures that resources are not released prematurely by waiting for the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/sched: Check the scheduler work queue before calling timeout handling During an IGT GPU reset test, we still encounter an oops error, despite the commit 0c8c901aaaebc9 drm/sched: Check the scheduler ready before calling timeo...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: acct: performs the last write operation from the workqueue. In 1, it was reported that the acct2 system call can be used to trigger a NULL derefrence in cases where it is set to write to a file that triggers an internal lookup...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: scsi: storvsc: Remove WQMEMRECLAIM from storvscerrorwq The storvscerrorwq workqueue should not be marked as WQMEMRECLAIM, as it does not need to retain the status of forward progress under memory pressure. Marking this workqueue ...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: “Revert ‘drm/msm: Add missing check and destroy for allocorderedworkqueue’” This change is reflected in commit 643b7d0869cc7f1f7a5ac7ca6bd25d88f54e31d0. A recent patch attempted to fix the issues related to msmdrminit, but it...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: fixed a UAF issue in f2fsinodeinfo during f2fsfreedic. The decompressioctx may be released asynchronously after I/O completion. If this file is deleted immediately after reading, and the kworker responsible for...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: workqueue: fixed a data race with the pwq-stats increment KCSAN has identified a data race in kernel/workqueue.c:2598: 1863.554079 ================================================================== 1863.554118 BUG: KCSAN: data-ra...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: dsa: microchip: A condition was added for scheduling kszmibreadwork. When the ksz module is installed or removed using rmmod, the kernel crashes with a null pointer dereference error. During rmmod, the kszswitchremove functi...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fixed the issue where the workqueue was not released upon calling .release. The workqueue associated with a DSA/IAA device is not released when the object is freed...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: netdevsim: use condresched in nsimdevtrapreportwork I am still seeing many syzbot reports hinting that syzbot might fool nsimdevtrapreportwork with hundreds of ports 1 Lets use condresched, and systemunboundwq instead of implicit...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Always drain health during the shutdown callback. There is no point in performing recovery operations during device shutdown. If health-related tasks are initiated, one must wait until they are completed to avoid race...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: hcicore: cancels all operations upon calling hciunregisterdev syzbot reports that calling hcireleasedev from hcierrorreset can cause a deadlock at destroyworkqueue. This occurs because hcierrorreset is called from...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: cifs: fixed the potential use of a null pointer in destroyworkqueue within the error path of initcifs. Dan Carpenter reported a Smack static checker warning: fs/smb/client/cifsfs.c:1981 initcifs Error: We previously assumed th...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Media: MediTech; vcodec: Fix for use-after-free in the encoder release path. The fopsvcodecrelease function frees the context structure ctx without first canceling any pending or ongoing operations in ctx-encodework. This creates...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Moving vbus draw to the workqueue context Currently, the dwc3gadgetvbusdraw function can be called from an atomic context. This, in turn, invokes APIs from the power-supply-core. Some of these PMIC APIs have...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Lag, fix failure to cancel delayed bond work The commit 0d4e8ed139d8 “net/mlx5: Lag, avoid lockdep warnings” accidentally removed a call to cancel delayed bond work. This may cause queued delays to expire and affect wor...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: net: lan966x: Fixed a potential nullptrderef in lan966xstatsinit. lan966xstatsinit calls createsinglethreadworkqueue, without checking the return value. This may result in NULL being returned. A nullptrderef could occur:...