Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Wifi: iwl3945: Added a check for the return value of createsinglethreadworkqueue to avoid NULL pointer dereferencing...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dsi: Added a missing check for allocorderedworkqueue. Added a check on the return value of allocorderedworkqueue, as it may return a NULL pointer, leading to a NULL pointer dereferencing issue. Patch details:...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: net/mlx5e: Fixed the inversion dependency warning when enabling IPsec tunnel. Attempts to enable IPsec packet offloading in tunnel mode in the debug kernel generate the following kernel panic, due to two issues: 1. In the SA a...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: i40e: Do not use the WQMEMRECLAIM flag for the workqueue. The issue was reported by a customer during SRIOV testing. When both the i40e and i40iw drivers are loaded, a warning is triggered in the checkFlushDependency function...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: stmmac: Clearing the variable when destroying the workqueue Currently, when suspending the driver and stopping the workqueue, it is checked whether workqueue is not NULL. If it is NULL, the workqueue is destroyed. The function...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iavf: Fixed error handling in iavfinitmodule. iavfinitmodule no longer destroys the workqueue when pciregisterdriver fails. Call destroyworkqueue when pciregisterdriver fails to prevent resource leaks. This is similar to the...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: EFI: Fixed a NULL dereference in the initialization error path. In cases where runtime services are not supported or have been disabled, the runtime services workqueue will never be allocated. Do not attempt to destroy the...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: smb: In the server module, the function ksmbdrdmastoplistening was split from the ksmbdrdmaDestroy function. We cannot call destroyworkqueuesmbdirectwq before stopsessions. Otherwise, existing connections will attempt to use...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: netpoll: Initialize the work queue before error checks. A kernel warning is prevented when the netconsole setup fails on devices with the IFFDISABLENETPOLL flag. The warning occurs because the cleanup path attempts to cancel...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: mana: Fixed an issue where double destroyworkqueue occurred during the service rescan PCI path operation. While testing corner cases in the driver, a use-after-free crash was discovered during the service rescan PCI path...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: nvmet: moving async event work off nvmet-wq For the target function nvmetctrlfree, the variable ctrl-asynceventwork is flushed. If nvmetctrlfree runs on nvmet-wq, the flush re-enters the workqueue completion for the same worker. ...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: mptcp: fixed an UaF issue in listener shutdown According to Christoph’s report after refactoring the passive socket initialization, the mptcp listener shutdown path is vulnerable to an UaF issue. BUG: KASAN: use-after-free in...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: netlink: terminate outstanding dump on socket close netlink supports iterative dumping of data. It provides the following operations: - start – Optional Initiates the dumping process. - dump – The actual dumping process; this...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: IB/mlx5: Fixed error handling during the init stage to avoid double-freeing of the same QP and UAF. In the unlikely event that workqueue allocation fails and returns NULL in mlx5mkeycacheinit, delete the call to...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Converted spinlock to mutex to lock the evlworkqueue. drainworkqueue cannot be called safely in a spinlocked context due to possible task rescheduling. In the multi-task scenario, calling queuework while...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: A deadlock occurs when the svm range restore operation is performed at process exit. The issue arises from the following sequence of operations: kfdprocessnotifierrelease flushes svmrangerestorework, which in turn cal...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ice: Do not use the WQMEMRECLAIM flag for the workqueue. When both ice and the irdma driver are loaded, a warning is triggered in checkFlushDependency. This occurs because the ice driver’s workqueue is allocated with the...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux

In the Linux kernel, the following vulnerability has been resolved: drm: omapdrm: Added a check for the missing allocorderedworkqueue return value. This vulnerability could potentially lead to a NULL pointer being dereferenced, causing issues. Therefore, a check must be added for the return value...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: serial: max3100: Lock port-lock when calling uarthandlectschange The uarthandlectschange function must be called with the port locked. Since we execute it in a separate thread, the lock might not be acquired at the time of...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: can: mcp251xfd: fix infinite loop when xmit fails When the mcp251xfdstartxmit function fails, the driver stops processing messages, and the interrupt routine does not return, resulting in an indefinite execution even after...