18102 matches found
Astra Linux – Vulnerability in GhostScript
A heap-based buffer overwrite vulnerability was discovered in the lp8000printpage function of GhostScript, located in the gdevlp8k.c file. This flaw allows an attacker to trick a user into opening a specially crafted PDF file, triggering a heap buffer overflow that could lead to memory corruption...
Astra Linux – Vulnerability in WebKit2GTK
An information disclosure issue was resolved by removing the vulnerable code. This issue has been fixed in macOS Monterey 12.5. A website may be able to track the websites a user visited in Safari’s private browsing mode...
Astra Linux – Vulnerability in Ruby-Rack
There is a possible denial-of-service vulnerability in Rack versions 2.0.9.1, 2.1.4.1, and 2.2.3.1, specifically in the multipart parsing component of Rack...
Astra Linux – Vulnerability in Ruby-Rack
A sequence injection vulnerability exists in Rack versions 2.0.9.1, 2.1.4.1, and 2.2.3.1. This vulnerability could allow for shell escapes in the Lint and CommonLogger components of Rack...
Astra Linux – Vulnerability in unrar-nonfree
RARLAB’s UnRAR version prior to 6.12 on Linux and UNIX allowed directory traversal, enabling writing to files during an extraction operation also known as unpacking. This was demonstrated by creating a file named /.ssh/authorizedkeys. NOTE: WinRAR and Android RAR are not affected by this issue...
Astra Linux – Vulnerability in WebKit2GTK
A correctness issue in JIT was addressed through improved checks. This issue has been fixed in tvOS 16.1, iOS 15.7.1, iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1, and iPadOS 16. Processing maliciously crafted web content may disclose internal states of the app...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd934x: Properly handles channel mapping lists. Currently, each channel is added as a list to the dai channel list. However, there is a risk of adding the same channel to multiple dai channel lists, which could lea...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Do not call scsiremovehost in pm8001alloc Calling scsiremovehost before scsiaddhost results in a crash. Bug: Kernel NULL pointer dereferencing; address: 0000000000000108 RIP: 0010: devicedel+0x63/0x440 Call trace: 1...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: net/sched: fqpie: prevent dismantle issue For some reason, the fqpieDestroy function did not copy the working code from pieDestroy and other related functions, resulting in a persistent bug. Before calling...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: video: fbdev: nvidiafb: Use strscpy to prevent buffer overflow Coverity reports a possible buffer overflow issue. However, given the ‘static’ scope of nvidiasetupi2cbus, it seems that this issue cannot occur after examining the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix tc flower deletion for VLAN priority Rx steering To replicate the issue: 1 Add a tc flower filter for VLAN Priority-based frame steering: $ IFDEVNAME=eth0 $ tc qdisc add dev $IFDEVNAME ingress $ tc qdisc add dev...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: powerpc/fixmap: Fixed the VM debug warning when unmapping a fixmap entry. The unmapping of a fixmap entry is performed by calling setfixmap, with FIXMAPPAGECLEAR as the flag. Currently, powerpc setfixmap calls mapkernelpage...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: “ice”: fixed the sizing of vsi-txqmap. The approach of having XDP queues per CPU, regardless of the user’s settings, exposed a hidden bug that could occur when the number of Rx queues differs from the number of Tx queues...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: In the net: dsa section, there is a fix for dereferencing a NULL pointer in dsaportresetvlanfiltering. The “ds” iterator variable used in dsaportresetvlanfiltering overwrites the “dp” parameter received as an argument, which is...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: ext4: fixed a warning in ext4handleinodeextension We encountered the following issues: EXT4-fs error device loop0 in ext4reserveinodewrite:5741: Out of memory EXT4-fs error device loop0: ext4setattr:5462: inode 13: comm...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: mmc: jz4740: Apply DMA engine limits to maximum segment size Follow the same approach used in other DMA-enabled MMC host drivers see host/mmci.c, and limit the maximum segment size based on the capabilities of the DMA engine. Thi...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ath11k: Disable spectral scan during spectral deinit. When ath11k modules are removed using rmmod with spectral scan enabled, a crash occurs. Different crash traces are observed for each instance of the crash. Send a command to...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: drm/virtio: fixed a NULL pointer dereference in virtiogpuconngetmodes. drmcvtmode may return NULL, and we should check for this. This bug was discovered by syzkaller: FAULTINJECTION stacktrace: 168.567394 FAULTINJECTION: forci...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: serial: 8250aspeedvuart: Fixed the potential NULL dereferencing in aspeedvuartprobe. The platformgetresource function may fail and return NULL; therefore, we should better check its return value to avoid NULL pointer dereferencin...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: ip: Fixed a data race around the sysctlfwmarkreflect function. When reading sysctlfwmarkreflect, it can be changed concurrently. Therefore, we need to add READONCE to its reader function...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: Fix refcount leak in tidra7xbarrouteallocate. The ofparsephandle function returns a node pointer with a refcount incremented. We should use ofnodeput on it when it is no longer needed. Add the missing ofnodeput cal...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: dwc-qos: Disable split header for Tegra194 There is a long-standing issue with the Synopsys DWC Ethernet driver for Tegra194, where random system crashes have been observed 0. The problem occurs when the split header...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ipv6: fixed a lockdep issue in in6dumpaddrs According to reports from syzbot, we should not use rcudereference when rcureadlock is not held. WARNING: Suspicious RCU usage. 5.19.0-rc2-syzkaller 0 Not tainted...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: Net: tun: Unlinking the NAPI from the device upon destruction. Syzbot identified a race condition between the tun file and the device destruction process. NAPIs reside in the structtunfile structure, and this structure may be...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: power: supply: core: Fixed the boundary conditions in interpolation. The functions powersupplytemp2resistsimple and powersupplyocv2capsimple incorrectly handle boundary conditions. This issue was introduced in the code change...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: serial: 8250: Fixed PM usagecount for console handover When the console is enabled, univ8250consolesetup calls serial8250consolesetup before .dev is set to uartport. As a result, pmruntimegetsync will not be called. Later, when t...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: ima: Fixed a potential integer overflow in imaappraisemeasurement. When the ima-modsig option is enabled, the value passed to evmverifyxattr may be negative, which could lead to an integer overflow issue...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: phy: at803x: fix NULL pointer dereference on AR9331 PHY The latest kernel will fail when dealing with the PHY interrupt configuration, as it now relies on allocated private resources. Therefore, running a probe to allocate...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: ibmvfc: Store the vhost pointer during subcrq allocation Currently, the back pointer from a queue to the vhost adapter is not set until after the subcrq interrupt registration. This value becomes available when a queue is...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: btrfs: Fixed a hang that occurred during unmount when the block group reclaim task was running. When starting an unmount, at closectree, if the reclaim task is running and is in the middle of a data block group relocation, a...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: atmel: The issue with reference counting was fixed in atmelnandcontrollerinit. The reference counting issue occurs in several error handling paths involving an object with a refcount, called “nc-dmac”. In these path...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: Drivers: Ethernet: cpsw – Fixed a panic that occurs when interrupt coalescing is set via ethtool. The cpswethtoolbegin function directly returns the result of pmruntimegetsync when it is successful. pmruntimegetsync returns an...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: hciuart: A missing NULL check was added in h5enqueue. The Syzbot encountered a general protection fault in pmruntimeresume. The issue was due to a missing NULL check. hu-serdev can be NULL, and we should not blindly...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ath10k: Error handling in ath10ksetupmsaresources has been fixed. The devicenode pointer is returned by ofparsephandle, with the refcount incremented. We should use ofnodeput on it after that operation. This function only calls...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/bridge: anx7625: Fixed an overflow issue when reading EDID. The length of the EDID block can be longer than 256 bytes. Therefore, we should use int instead of u8 for the edidpos variable...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: cxl/port: Hold a reference to the port until the decoder is released. KASAN + DEBUGKOBJECTRELEASE reports a potential use-after-free in cxldecoderrelease. This function references its parent object, a cxlport, to free its id back...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: ext4: Fixed error handling in ext4fcrecordmodified inode. The current code does not properly handle the krealloc error case, which could lead to silent memory corruption or a kernel bug. This patch addresses this issue...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: spi: uniphier: fix reference count leak in uniphierspiprobe The issue occurs in several error paths within uniphierspiprobe. When either dmagetslavecaps or devmspiregistermaster returns an error code, the function forgets to...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: ice: Fixed a crash by retaining the old configuration when updating Traffic Classes beyond the allocated queues. There are issues when the number of allocated queues is less than the number of Traffic Classes. The commit...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: Video: fbdev: sm712fb – Fixed a crash in smtcfbwrite When the sm712fb driver writes three bytes to the framebuffer, the driver crashes. Bug: Unable to handle a page fault for the address: ffffc90001ffffff RIP:...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: tcp: tcprtxsynack can be called from process context. Laurent reported the attached report 1. This bug occurs under the following conditions: 0 The kernel is built with CONFIGDEBUGPREEMPT=y. 1 A new passive FastOpen TCP socket is...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix potential AB/BA lock issue with buffermutex and mmaplock The syzbot tool detected a potential deadlock between the runtime-buffermutex and the mm-mmaplock. This issue arose due to the recent fix related to racy...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: f2fs: quota: fixed the loop condition in f2fsquotasync The parameter cnt should be passed to sbhasquotaactive, rather than type, to correctly check the active quota. Moreover, when the type is -1, the compiler, with sufficient...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: The function dcstreamrelease is called when removing the link enc assignment. Why A porting error caused the stream assignment for the link to be retained instead of being released—resulting in a memory leak. How...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: A NULL pointer dereference occurred in amdgpudmconnectoraddcommonmodes. In amdgpudmconnectoraddcommonmodes, amdgpudmcreatecommonmode assigns mode to mode, and mode is directly passed to drmmodeprobedadd...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: ASoC: mxs: Fixed error handling in mxssgtl5000probe. This function only calls ofnodeput in the regular path. It will cause a refcount leak in error-prone paths. For example, when codecnp is NULL, saifnp0 and saifnp1 are not NULL,...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: usb: ffs: Fix use-after-free for epfile Consider a case where ffsfuncepsdisable is called from ffsfuncdisable as part of the composition switch. At the same time, ffsepfilerelease is called from the user space. ffsepfilerelease...
Astra Linux – Vulnerability in Linux
A vulnerability was discovered in the Linux kernel prior to version 5.13.3. The file lib/seqbuf.c contains a buffer overflow issue related to seqbufputmemhex...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ALSA: usx2y – Do not call freepagesexact with a NULL address. Unlike some other functions, we cannot pass a NULL pointer to freepagesexact. Add a proper NULL check to avoid potential errors...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: dmbtreeremove: Assign newroot only when the removal succeeds. The removeraw function in dmbtreeremove may fail due to IO read errors e.g., failure to read the content of the origin block during shadowing. Additionally, the value ...