18102 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ata: libata-transport: Fix error handling in atatportadd In atatportadd, the return value of transportadddevice is not checked. As a result, a null pointer derefrence occurs when removing the module. This occurs because...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Wifi: ath9k – Do not allow overwriting of ENDPOINT0 attributes A malicious USB device can construct a service connection response message with the target endpoint being ENDPOINT0, which is reserved for HTCCTRLRSVDSVC and should n...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: Networking layer: hsr – Fixed potential use-after-free issues. The skb structure is passed to netifrx, which may free it. After this call, dereferencing the skb structure may lead to a use-after-free condition...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Install a stub fence into potential unused fence pointers. When using cpu to update page tables, VM update fences are unused. Instead, install a stub fence into these fence pointers, rather than setting them to NULL...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: bnxten: fixed a memory leak in bnxtnvmtest Free the kzalloc’ed buffer before returning on the success path...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: setpageextentmapped after readfolio in btrfscontexpand. While attempting to run the subpage block size tests, I encountered the following panic in generic/476: Assertion failed: PagePrivatepage && page-private, in...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: workqueue: The issue related to selecting the wakecpu in kickpool has been fixed. With cpupossiblemask=0-63 and cpuonlinemask=0-7, the following kernel error was observed: smp: Bringing up secondary CPUs… smp: Brought up 1 node, ...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ARP: Do not assume that devhardheader does not change skb-head. arpcreate is the only function that calls devhardheader, and it makes the assumption that skb-head remains unchanged. A recent commit broke this assumption. The @arp...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: remoteproc: qcom: q6v5: Fixed a potential null-ptr-deref in q6v5wcssinitmmio The q6v5wcssinitmmio function will call platformgetresourcebyname, which may fail and return NULL. The devmioremap function will use res-start as an...
Astra Linux – Vulnerability in open-iscsi
A issue was discovered in Contiki through version 3.0. An integer overflow exists in the uIP TCP/IP stack component when parsing TCP MSS options for IPv4 network packets in the uipprocess function in net/ipv4/uip.c...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fixed an out-of-bounds memset issue in command slot handling. The remaining space in a command slot may be smaller than the size of the command header. Clearing the command header using memset before verifying the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fixed a memory leak when using debugfslookup. When calling debugfslookup, the result must have dput called upon it; otherwise, memory will leak over time. This issue was addressed by properly calling dput...
Astra Linux – Vulnerability in ffmpeg, ffmpeg5
The Ffmpeg v.N113007-g8d24a28d06 contains a buffer overflow vulnerability that allows a local attacker to execute arbitrary code through a floating-point exception error at libavfilter/vfminterpolate.c:1078:60 in interpolate...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: HWS – Fixed a memory leak in the hwsactiongetsharedstcnic function. When an invalid stctype is provided, the function allocates memory for sharedstc, but then jumps to unlockandout without freeing that memory. This...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: fbcon: The old font data is always restored in fbcondosetfont. The commit a5a923038d70 fbdev: fbcon: Properly revert changes when vcresize fails started restoring old font data upon failure of vcresize. However, this only applies...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Added a synchronization step after creating a vram block. Data corruption will occur on vrams allocated by svm if the initialization is not complete and an application writes to the memory. Adding a synchronization st...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: BPF: Fixed incorrect pruning due to atomic fetch precision tracking When backtrackinsn encounters a BPFSTX instruction with BPFATOMIC and BPFFETCH, the src register or r0 for BPFCMPXCHG also acts as a destination, thereby receivi...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: remoteproc: imxdsprproc: Added mutex protection for workqueue The workqueue may execute late, even after remoteproc is stopped or disabled. Some resources such as the rpmsg device and endpoint have been released in...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: hwrng: virtio – Fixed a race condition related to dataavail and actual data. The virtio rng device initiates a new entropy request whenever the data available becomes zero. When a new request occurs at the end of a read...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fixed the crash that occurred when using “WRITESAME” without a data buffer. In the newer version of the SBC specifications, there’s a NDOB bit that indicates that there is no data buffer being written. If this bit i...
Astra Linux – Vulnerabilities in Firefox, Thunderbird, and Expat
In libexpat before version 2.7.4, XMLExternalEntityParserCreate does not copy unknown encoding handler user data...
Astra Linux – Vulnerability in cloud-init
In cloud-init through 25.1.2, the systemd socket unit “cloud-init-hotplugd.socket” is included, with a default SocketMode of 0666, allowing world-write permissions. This socket is used for the /run/cloud-init/hook-hotplug-cmd FIFO. A non-privileged user can trigger the hotplug-hook commands...
Astra Linux – Vulnerability in Tomcat9
Improper resource shutdown or release vulnerabilities in Apache Tomcat. If an error occurs including exceeding limits during the processing of a multipart upload, temporary copies of the uploaded parts that were written to disk are not deleted immediately but are left for the garbage collection...
Astra Linux – Vulnerability in Qemu
A NULL pointer dereference flaw was discovered in the floppy disk emulator of QEMU. This issue occurs when processing read/write ioport commands, especially if the selected floppy drive is not initialized using a block device. This flaw allows a privileged guest user to crash the QEMU process on...
Astra Linux – Vulnerability in Firefox and Thunderbird
A malicious web page could have caused an out-of-bounds write in WebGL, resulting in memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird 91.10, Firefox 101, and Firefox ESR 91.10...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: The link ID is cleared from the bitmap during link deletion after cleanup. Currently, during link deletion, the link ID is first removed from the validlinks bitmap before any cleanup operations are performed...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: The clearwalkcontrol function operates on an inactive context in damoswalk. damoswalk sets ctx-walkcontrol to the control structure provided by the caller before checking whether the context is running. If the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: smb: server: The use of smbdirectsocketrecvio.credits.available has been removed. The logic for managing recv credits by counting posted recvio and granted credits is flawed. This is because the peer might have already consumed a...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/bridge: samsung-dsim: Fixed a memory leak in the error path. In samsungdsimhostattach, the drmbridgeadd function is called to add the bridge. However, if samsungdsimregisterteirq or pdata-hostops-attach fails later, the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ata: libata-core: Disabled LPM on ST1000DM010-2EP102. According to a user report, the ST1000DM010-2EP102 has issues with LPM, causing random system freezes. This drive belongs to the same BarraCuda family as the ST2000DM008-2FR10...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: pci: validate the content of the release report before using it for RTL8922DE. The commit 957eda596c76 “wifi: rtw89: pci: validate the sequence number of the TX release report” performs validation on existing chips...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: media: iris: Add the buffer to the list only after a successful allocation. We moved the listaddtail function to after dmaalloc attrs succeeds when creating internal buffers. Previously, the buffer was enqueued into the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Validated user queue size constraints. Added validation to ensure that user queue sizes meet hardware requirements: - The size must be a power of two for efficient ring buffer wrapping. - The size must be at least...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: Fixed rcutasks stall in threaded busypoll I was debugging a NIC driver when I noticed that when I enabled threaded busypoll, bpftrace hung during startup. The output from dmesg was as follows: rcutaskswaitgp: rcutasks grace...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: mshv: Error handling in mshvregionpin has been fixed. The current error handling has two issues: Firstly, the pinuserpagesfast function may return a short pin count less than the requested count but greater than zero when it...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: smb: client: The use of smbdirectsocketrecvio.credits.available has been corrected. The logic for managing recv credits by counting posted recvio and granted credits is flawed. This is because the peer might have already consumed...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: nfsd: Fixed a cred reference leak in nfsdnllistenersetdoit. nfsdnllistenersetdoit uses getcurrentcred without using putcred. As we can see from other calls, svcxprtcreatefromsa does not require an additional reference count...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: The hash table is now created per queue. Sharing a global hash table among all queues is tempting, but it can lead to crashes. Bug: KASAN: A “slab-use-after-free” issue exists in...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: erofs: Fixed incorrect early exits in volume label handling. Crafted EROFS images containing valid volume labels may trigger incorrect early returns, resulting in folio reference leaks. However, this does not cause system crashes...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: PM: EM: Fixed NULL pointer dereferencing when the perf domain ID is not found. The devenergymodelnlgetperfdomainsdoit function calls emperfdomaingetbyid, but it does not check the return value before passing it to emnlgetpdsize...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: If the queue update fails, do not reserve bo. The error handling path should unreserve bo and then return a failure message. Cherry-picked from the commit c24afed7de9ecce341825d8ab55a43a254348b33...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: rustbinder: Check ownership before using vma. When installing missing pages or zapping them, Rust Binder will look up the vma in the memory management unit by address, and then call vminsertpage or zappagerangesingle. However, if...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: USB: dummy-hcd: Fixed interrupt synchronization error This fixes an error in synchronization within the dummy-hcd driver. The error has a somewhat complex history. The synchronization mechanism was introduced in commit...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: spi: stm32-ospi: Fixed a resource leak in the remove callback. The remove callback returned early if pmruntimeresumeandget failed, thereby skipping the cleanup of the SPI controller and other resources. The early return was remov...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: media: verisilicon: Fixed a kernel panic caused by misuse of initconst. Fixed a kernel panic that occurred when probing the driver as a module: - Unable to handle a kernel paging request at the virtual address ffffd9c18eb05000...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Added NULL checks when resetting request and reply queues. The driver encountered a crash during resource cleanup when the reply and request queues were NULL due to freed memory. This issue occurred when the creatio...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: rxrpc, afs: Fixed the issue where a missing error pointer check occurred after rxrpckernellookuppeer. The rxrpckernellookuppeer function can also return error pointers in addition to NULL. Therefore, simply checking for NULL i...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ASoC: amd: acp-mach-common: Added missing error checks for clock acquisition. The acpcardrt5682init and acpcardrt5682sinit functions did not check the return values of clkget. This could lead to a kernel crash when invalid pointe...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: spacemit: Fix error handling in emactxmemmap The DMA mappings were exposed due to mapping errors. These mappings can now be freed using the existing emacfreetxbuf function...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: x86/platform/uv: Handling deconfigured sockets When a socket is deconfigured, it is mapped to SOCKEMPTY 0xffff. This causes a panic during the allocation of UV hub info structures. This issue has been fixed by using NUMANONODE,...