18102 matches found
Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: ARM: OMAP2+: Fixed a memory leak in realtimecounterinit. The "sysclk" resource is allocated using clkget, and it is not released when the function returns...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ksmbd: The UAF issue in ksmbdtcpnewconnection has been fixed. The race that occurs is between the process of handling a new TCP connection and its disconnection. This causes a UAF error in the struct tcptransport structure within...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: netfs, fscache: This issue prevents Oops exceptions in fscacheputcache. This function dereferences the “cache” object, and then checks whether it is ISERRORNULL. It checks first, and then derefserences the object...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: ip6tunnel: Fixed the handling of NEXTHDRFRAGMENT in ip6tnlparsetlvenclim. syzbot pointed out that the handling of NEXTHDRFRAGMENT is incorrect. The “fragoff” operation can only be performed if enough bytes are pulled into the...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: block: Fixed the issue of iterating over an empty bio with bioforeachfolioall. If the bio contains no data, biofirstfolio calls pagefolio using a NULL pointer, resulting in a buffer overflow error. We’ve moved the test that check...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: x86/srso: Added SRSO mitigation for Hygon processors. Added mitigation for the speculative return stack overflow vulnerability, which also exists on Hygon processors...
Astra Linux – Vulnerability in openjdk-11
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, and Oracle GraalVM Enterprise Edition products of Oracle Java SE component: Networking. The supported versions affected by this vulnerability are Oracle Java SE: 11.0.22, 17.0.10, 21.0.2, 22; Oracle GraalVM for JDK: 17.0.10, 21.0.2, 22;...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: netfs: Only call foliostartfscache once for each folio. If a network filesystem using netfs implements a clamplength function, it can set subrequest lengths that are smaller than the page size. When we loop through the folios in...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: jfs: fixed a slab-out-of-bounds Read in dtSearch Currently, when searching for the current page in the sorted entry table of the page, there is an out-of-bound access. A bound check has been added to fix this error. Dave: The...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: UBSAN: Array-index-out-of-bounds in dtSplitRoot Syzkaller reported the following issue: oop0: A change in capacity was detected, from 0 to 32768 UBSAN: Array-index-out-of-bounds in fs/jfs/jfsdtree.c:1971:9 Index -2 is out of...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-6.1, Linux-5.10
Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections support pairing in Bluetooth Core Specification 4.2 through 5.4. However, these devices are vulnerable to certain man-in-the-middle attacks, which force the use of a short key length. This vulnerability may lead to the...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: drm/amdgpu: The parameters of bo mapping operations need to be clarified. The parameters of amdgpuvmbomap/replacemap/clearingmappings should be verified in a single common place...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fixed the issue where the RPC client cleaned up the freed pipefs directories. The cleanup of the RPC client’s pipefs directories is handled in the rpcremovepipedir function, which processes the workqueue. This function...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: scarlett2: Added a missing error check to scarlett2usbsetconfig. The scarlett2usbsetconfig function calls scarlett2usbget, but did not check the result. If this function fails, an error is returned instead of continuing wit...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Wifi: rtl8xxxu: Added cancelworksync for c2hcmdwork. The workqueue may still be running when the driver is stopped. To avoid a use-after-free, call cancelworksync in rtl8xxxustop...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: clk: mediatek – Performing a runtime PM get operation on controllers during probing. The mt8183-mfgcfg component has a mutual dependency with genpd during the probing stage, which leads to a deadlock in the following call stack:...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: lib/generic-radix-tree.c: Do not cause overflow in the peek function. When we started assigning new inode numbers to most of the 64-bit inode space, some edge-case bugs occurred, particularly some integer overflows related to...
Astra Linux – Vulnerability in Linux
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Update the error handler for UCTX and UMEM In the fast unload flow, the device state is set to internal error, indicating that the driver has started the destroy process. In this case, when a destroy command is executed...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: mmc: core: Avoid negative index with array access The commit 4d0c8d0aef63 “mmc: core: Use mrq.sbc in close-ended ffu” assigns previdata = idatasi - 1, but does not check that the iterator i is greater than zero. We will fix this ...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: cxl/ras: Fixed the device confusion related to the CPER handler. Upon inspection, the cxlcperhandleproterr function makes several fragile assumptions that can lead to crashes: 1. It assumes that the endpoints identified in the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad4851: fix ad4858 channel pointer handling The pointer returned by ad4851parseChannelscommon is incremented internally as each channel is populated. In ad4858ParseChannels, the same pointer was further incremented whil...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: Net: Marvell: Pestera: Fixed handling of IPv4 routes with nhid. Fixed the handling of IPv4 routes that reference a nexthop via its id by replacing calls to fibinfonh with fibinfonhc. When attempting to add an IPv4 route that...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: HID: intel-ish-hid: Fixed the kernel panic that occurred during a warm reset. During a warm reset, device-fwclient is set to NULL. If a bus driver is registered after this NULL setting and before new firmware clients are enumerat...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: coresight: Holding csfgcfgcsdevlock while removing cscfg from csdev. There may be a race condition related to coresight configuration: CPU0 CPU1 perf enable load module cscfgloadconfigsets Activate configuration. // sysfs...
Astra Linux – Vulnerability in libxml2
The parser.c file in libxml2 before version 2.9.5 does not prevent infinite recursion in parameter entities...
Astra Linux – Vulnerability in Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: f2fs: A sanity check was added for the F2FSInlineDATA flag in the inode during garbage collection GC. The syzbot reports the following f2fs bug: ------------ Cut here ------------ Kernel BUG: At fs/f2fs/inline.c:258 CPU: 1 PID: 3...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: rfi: fix potential response leaks If the check for the rx payload length fails, or if kmemdup fails, we still need to free the command response. Fix that...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net/rds: fixed the possible null dereference of cp The cp parameter may be null. Calling cp-cpconn would result in a null dereference. Simon Horman adds: Analysis: cp is a parameter of rdsrdmamap, and it is not reassigned. The...
Astra Linux – Vulnerability in Flatpak
Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. In versions before 1.10.9, 1.12.9, 1.14.6, and 1.15.8, a malicious or compromised Flatpak application could execute arbitrary code outside its sandbox. Normally, the --command argument of flatpak...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: video/aperture: Call sysfbdisable before removing PCI devices Call sysfbdisable from apertureremoveconflictingpcidevices before removing PCI devices. Without this call, simpledrm may still bind to simple-framebuffer devices after...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: cifs: A memory leak occurs when the build ntlmssp negotiate blob operation fails. There is a memory leak when mounting CIFS shares: - Unreferenced object: 0xffff888166059600 size 448 Command: “mount.cifs”, PID: 51391, Jiffies:...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix use-after-free We have already freed the assocdata at this point, so we need to use another copy of the AP MLD address instead...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: f2fs: fixed scheduling issues during atomic decompression operations 16.945668 C0 Call trace: 16.945678 C0 dumpbacktrace+0x110/0x204 16.945706 C0 dumpstacklvl+0x84/0xbc 16.945735 C0 schedulebug+0xb8/0x1ac 16.945756 C0...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: Use RCU for hciconnparams and iterate safely in hcisync. hciupdateacceptlistsync iterates over hdev-pendleconns and hdev-pendlereports, and waits for controller events within the loop body, without holding the hdev...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: net: fixed the issue with the netdevstartxmit trace event vs skbtransportoffset After the committed code, we must be more careful when using skbtransportoffset, as reminded by syzbot: WARNING: CPU: 0 PID: 10 at...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: PM: domains: fixed a memory leak that occurred when using debugfslookup. When calling debugfslookup, the result must also have dput called upon it; otherwise, memory will leak over time. To simplify things, simply call...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: fsverity: The FSIOCENABLEVERITY function is rejected when called on a file descriptor in mode 3. Commit 56124d6c87fd “fsverity: support enabling with tree block size fmode & FMODEREAD condition in kernelread became reachable...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: reliance on mt76connac2mactxrateval In order to address a potential NULL pointer dereferencing in mt7996macwritetxwi, the mt76connac2mactxrateval utility routine has been exported and reused in the mt7996 driv...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: fs/ntfs3: Validates the BOOT recordsize field. When the NTFS BOOT recordsize field is less than 0, it represents a shift value. However, there is no sanity check on the shift result, and the sbi-recordbits calculation using...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dp: fix bridge lifetime Device-managed resources allocated after component binding must be tied to the lifetime of the DRM device. Otherwise, these resources may not be released when binding the DRM device is deferred. Th...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: iouring: Lock overflow for IOPOLL. syzbot reports an issue with overflow during IOPOLL operations: WARNING: CPU: 0 PID: 28; at iouring, iouring.c:734; function iocqringeventoverflow+0x1c0/0x230; function iouring, iouring.c:734...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: In the bpf function, the task with pid=1 can be skipped in the sendsignalcommon function. The following kernel panic can occur when a task with pid=1 attempts to send a killing signal to itself. For more details, see 1. Kernel...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: Fixed a crash that occurs when re-plugging CSR fake controllers. It seems that fake CSR 5.0 clones can cause the suspend notifier to be registered twice, resulting in the following kernel panic: 71.986122 Call Trace...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: drm/nouveau/kms/nv50-: fixed the file release memory leak. When using singleopen for opening, singlerelease should be called; otherwise, the ‘op’ allocated in singleopen will be leaked...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: soc: rockchip: Fixed the refcount leak in rockchipgrfinit. offindmatchingnodeandmatch returns a node pointer with a incremented refcount. We should use ofnodeput on it after processing. Added ofnodeput to prevent the refcount...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: ftrace: Clean up the handling of hash operations when registers fail. The following GPF errors occur when registerftracedirect fails: General protection fault, likely due to a non-canonical address \ 0x200000000000010: 0000 1...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: - media: rga: fixed a possible memory leak in rgaprobe. - rga-m2mdev needs to be freed when rgaprobe fails...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: denali: Use managed device resources All resources used by this driver have managed interfaces; therefore, use them. Otherwise, we will encounter the following error: 4.472703 denali-nand-pci 0000:00:05.0: Timeout...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: dpaa2-eth: The virtual address is retrieved before calling dmaunmap. The TSO header was unmapped via DMA before the virtual address was retrieved, and then the buffer was freed using that address. This meant that we actually...