18102 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: media: ov2740: Fixed a memory leak in ov2740initcontrols There is a memory leak when testing the media/i2c/ov2740.c file using bpf mock. Unreferenced object: 0xffff8881090e19e0 size 16: Command “51-i2c-ov2740”, PID 278, jiffies...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: HID: pidff: Fix for the condition effect bit clearing issue As reported by MPDarkGuy on Discord, NULL pointer dereferencing occurred because not all conditional effect bits were cleared. Properly clear all conditional effect bits...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: OpenRISC: Traps – Do not send signals to kernel mode threads OpenRISC’s exception handling sends signals to user processes during floating-point exceptions and trap instructions for debugging purposes, among others. There is a bu...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: ipmi:ipmb: Fixed the refcount leak in ipmiipmbprobe. ofparsephandle returns a node pointer with a refcount incremented; we should use ofnodeput on it after processing. Added ofnodeput to prevent the refcount leak from occurrin...
Astra Linux – Vulnerability in binutils
The bfdgenericreadminisymbols function in syms.c within the Binary File Descriptor BFD library also known as libbfd, as part of GNU Binutils 2.31, contains a memory leak that can occur due to an improperly crafted ELF file. This leads to a denial of service condition due to excessive memory...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: Fixed a race condition when deleting the quota root from the “dirtycowonlyroots” list. When disabling quotas, we delete the quota root from the fsinfo-dirtycowonlyroots list without locking it, which requires the protectio...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: tpm: acpi: Calling acpiputtable to fix a memory leak. The size of the event log area is obtained from the TPM2 or TCPA table. Therefore, we call acpigettable to retrieve ACPI information. However, acpigettable should be used in...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: hsr: Fixed uninit-value access in fillframeinfo Syzbot reports the following uninit-value access problems. ===================================================== BUG: KMSAN: uninit-value in fillframeinfo net/hsr/hsrforward.c:60...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: This issue prevents UBSAN errors occurring in truesectorsperclst. The syzbot reported the following UBSAN error: 76.901829 T6677 ================================================================================ 76.903908...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ext4: memory leaks have been fixed in ext4fnamesetupfilename,preparelookup. If filename case-folding fails, memory will be leaked from the fscryptname structure, specifically from the 'cryptobuf.name' member. Make sure that this...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: crypto: zstd – fix double-free in per-CPU stream cleanup The crypto/zstd module contains a double-free bug that occurs when multiple tfms are allocated and freed. The issue arises because the zstdstreams per-CPU contexts are free...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Do not clone flow post-action attributes a second time. The code already clones post-action attributes in mlx5ecloneflowattrforpostact. Creating another copy in mlx5etcpostactadd is an error remaining from the original...
Astra Linux – Vulnerability in libtomcrypt
In LibTomCrypt version 1.18.2, the derdecodeutf8string function located in derdecodeutf8string.c does not properly detect certain invalid UTF-8 sequences. This allows context-dependent attackers to cause a denial of service such as out-of-bounds reads and crashes or to read information from other...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: MIPS: vpe-mt: fixed a possible memory leak when the module exits. After committing 1fa5ae857bb1 “driver core: removed the struct device’s busid string array”, the name of the device is allocated dynamically. This allocation needs...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/xe/nvm: Fixed a double-free operation in the aux add failure case. After a successful auxiliarydeviceinit call, auxdev-dev.release i.e., xenvmreleasedev is responsible for freeing the memory associated with the auxiliary devi...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ext4: fix invalid free tracking in ext4xattrMoveToBlock In ext4xattrMoveToBlock, the value of the extended attribute that we need to move to an external block may be allocated by kvmalloc if the value is stored in an external...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/vc4: hdmi: Unregister codec device on unbind When the device is bound, we register the HDMI codec device. However, we do not unregister it when the device is unbound, resulting in a situation where the device remains active a...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: A possible null pointer dereference has been fixed in niclear. In a previous commit c1006bd13146, ni-mi.mrec in niwrite inode could be NULL. Therefore, a NULL check was added for this variable. However, in the same call...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Platform/Mellanox: mlxbf-pmc – added sysfsattrinit to countClock initialization. The lock-related debugging logic CONFIGLOCKSTAT in the kernel issues the following warning when the BlueField-3 SOC is booted: BUG: The key...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: f2fs: Fixed a null pointer panic in the tracepoint of replaceatomicwriteblock. A kernel panic occurs when oldaddr is NULL. https://bugzilla.kernel.org/showbug.cgi?id=217266 BUG: Null pointer dereferencing in the kernel; address:...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: linkwatch: Use devput in the callers to prevent UAF. After linkwatchdodev calls devput to release the linkwatch reference, the device’s refcount may drop to 1. At this point, netdevruntodo can proceed since linkwatchsyncdev sees ...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: KVM: s390: pv: fix index value of replaced ASCE The index field of the struct page corresponding to a guest ASCE should be 0. When replacing the ASCE in s390replaceasce, the index of the new ASCE should also be set to 0. Using th...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: iio: dac: ad3552r-hs: fix out-of-bound write in ad3552rhswritedatasource When the simplewritetobuffer function succeeds, it returns the number of bytes actually copied to the buffer. The code incorrectly uses “count” as the index...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxtre: The OOB write in bnxtrecopyerrstats was fixed. The commit ef56081d1864 “RDMA/bnxtre: RoCE-related hardware counters update” added three new counters and placed them after BNXTREOUTOFSEQERR. BNXTREOUTOFSEQERR serves a...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15
In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fixed a reference leak in the GID entry when the createah operation fails. If the AH create request fails, the sgidattr should be released to avoid a reference leak during the release of the GID table...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: ocb: don’t leave if not joined If there is no OCB state, do not ask the driver/mac80211 to leave, as that would only cause confusion. Since the chandef state can be set or cleared, this is a simple check...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: RDMA/irdma: Fixed a data race on the CQP request done field. KCSAN detected a data race in the cqprequest-requestdone memory location. This location is accessed without a lock in the irdmahandlecqpop function, while it is bein...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fixed a memory leak in uvcgpioparse Previously, the unit buffer was allocated before checking the IRQ for privacy-related GPIO signals. If an error occurred, the unit buffer could be leaked. The issue is now...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: ext4: fixed the bug in estreesearch caused by a faulty quota inode We have the following issues: ========================================= Kernel bug in fs/ext4/extentsstatus.c:202! Invalid opcode: 0000 1 PREEMPT SMP CPU: 1 PI...
Astra Linux – Vulnerability in openjdk-11
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, and Oracle GraalVM Enterprise Edition products of Oracle Java SE component: AWT, JavaFX. The supported versions affected by this vulnerability include Oracle Java SE: 8u471, 8u471-b50, 8u471-perf, 11.0.29, 17.0.17, 21.0.9, 25.0.1; Oracl...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: drm/msm: adreno: Fixed the issue where ifpcreglist was referenced even though it wasn’t declared. On platforms with an A7xx GPU that does not support IFPC, ifpcreglist is still referenced in a6xxpatchpwrupreglist, which causes...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: iommu: Fixed an error in the unwind operation of iommugroupalloc. If either iommugroupgratefile fails, then iommugroup will be leaked. This issue should be addressed during these error-prone paths. Detected by...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Regulator: Core – Prevent integer underflow By using a ratio of delay to pollEnabledTime that is not an integer, timeRemaining underflows may occur, causing the loop not to exit as expected. Since delay can be derived from DT, an...
Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: Wifi: brcmfmac: Ensure that the CLM version is terminated with null characters to prevent a stack-out-of-bounds issue. A stack-out-of-bounds read occurs in brcmfmac when a buffer that is not terminated with null characters is...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: ext4: Fixed a use-after-free issue in ext4findextent when using bigalloc with inline data. Syzbot identified the following issue: - loop0: A change in capacity was detected, from 0 to 2048. - EXT4-fs loop0: The filesystem...
Astra Linux – Vulnerability in yaml-cpp
The function “Token& Scanner::peek” in scanner.cpp in yaml-cpp 0.5.3 and earlier allows remote attackers to cause a denial of service assertion failure and application exit via a ‘!2’ string...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: net: prevented mss overflow in skbsegment Once again, syzbot is able to cause the kernel to crash in skbSegment. “GSOBYFRAGS” is a forbidden value, but unfortunately, the following calculation in skbSegment can easily result in...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: cassini: Fixed a memory leak in the error handling path of casinitone. cassaturnfirmwareinit allocates some memory using vmalloc. This memory is freed in the .remove function, but not in the error handling path of the probe...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: RDMA/cxgb4: A potential null-ptr-deref occurred in passestablish. If getepfromtid fails to find a non-NULL value for ep, ep will be dereferenced later, regardless of whether it is empty. This patch adds a simple sanity check to f...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: ath9khtc: fixed uninitialized values issues Syzbot reported 2 KMSAN bugs in ath9k. All of these bugs are caused by missing field initialization. In htcconnectservice, svcmetalen and pad are not initialized. Based on the code, ...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: dm: fixed a NULL pointer race issue when completing IO operations. The dmiodecpending function calls endioacct first, and then decreases the number of pending DMA operations. However, if a task swaps the DM table at the same...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: ext4: Avoid crashes when inline data creation occurs after DIO write When an inode is created and written using direct IO, there is no way to clear the EXT4STATEMAYINLINEDATA flag. As a result, when the inode is truncated to just...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: NVMe: Fixed the failure to reconnect due to reserved tag allocation. We identified an issue in a production environment while using NVMe over RDMA. The reconnection of adminq failed indefinitely, even when the remote target and...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net:bcmgenet: A check for oversized packets has been added. Occasionally, we may receive oversized packets from the hardware that exceed the maximum buffer size of 2 KiB allocated for SKBs. A preliminary check is performed to...
Astra Linux – Vulnerability in exiv2
In Exiv2 0.26 and earlier versions, the PngChunk::readRawProfile method in pngchunkint.cpp may cause a denial of service application crash due to a heap-based buffer over-read when processing a specially crafted PNG file...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: Allocate sufficient space for GMU registers In commit 142639a52a01 “drm/msm/a6xx: fix crashstate capture for A650”, we changed a6xxgetgmuregisters to read 3 sets of registers. Unfortunately, we did not change the...
Astra Linux – Vulnerability in Wireshark
A crash in the DNP dissector in Wireshark versions 3.4.0 to 3.4.6, as well as 3.2.0 to 3.2.14, allows for denial of service through packet injection or malicious capture files...
Astra Linux – Vulnerability in Linux
In the Linux kernel, the following vulnerability has been resolved: Networks: Ethernet – Fix for potential use-after-free in ecbhfremove. The code static void ecbhfremovestructpcidev dev looks as follows: c ... struct ecbhfpriv priv = netdevprivnetdev; unregisternetdevnetdev; freenetdevnetdev;...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: swiotlb: Initialize the listhead of the restricted pool when SWIOTLBDYNAMIC=y. Using restricted DMA pools CONFIGDMARESTRICTEDPOOL=y in conjunction with dynamic SWIOTLB CONFIGSWIOTLBDYNAMIC=y leads to the following crash during...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net/smc: fixed a kernel panic caused by a race condition involving smcsock. A crash occurs when smccdctxhandler attempts to access smcsock, but smcrelease has already freed it. 4570.695099 BUG: Unable to handle a page fault for...