18102 matches found
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: A possible null pointer dereference has been fixed in niclear. In a previous commit c1006bd13146, ni-mi.mrec in niwrite inode could be NULL. Therefore, a NULL check was added for this variable. However, in the same call...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: f2fs: Fixed a null pointer panic in the tracepoint of replaceatomicwriteblock. A kernel panic occurs when oldaddr is NULL. https://bugzilla.kernel.org/showbug.cgi?id=217266 BUG: Null pointer dereferencing in the kernel; address:...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: linkwatch: Use devput in the callers to prevent UAF. After linkwatchdodev calls devput to release the linkwatch reference, the device’s refcount may drop to 1. At this point, netdevruntodo can proceed since linkwatchsyncdev sees ...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: KVM: s390: pv: fix index value of replaced ASCE The index field of the struct page corresponding to a guest ASCE should be 0. When replacing the ASCE in s390replaceasce, the index of the new ASCE should also be set to 0. Using th...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: iio: dac: ad3552r-hs: fix out-of-bound write in ad3552rhswritedatasource When the simplewritetobuffer function succeeds, it returns the number of bytes actually copied to the buffer. The code incorrectly uses “count” as the index...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxtre: The OOB write in bnxtrecopyerrstats was fixed. The commit ef56081d1864 “RDMA/bnxtre: RoCE-related hardware counters update” added three new counters and placed them after BNXTREOUTOFSEQERR. BNXTREOUTOFSEQERR serves a...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15
In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fixed a reference leak in the GID entry when the createah operation fails. If the AH create request fails, the sgidattr should be released to avoid a reference leak during the release of the GID table...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: ocb: don’t leave if not joined If there is no OCB state, do not ask the driver/mac80211 to leave, as that would only cause confusion. Since the chandef state can be set or cleared, this is a simple check...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: RDMA/irdma: Fixed a data race on the CQP request done field. KCSAN detected a data race in the cqprequest-requestdone memory location. This location is accessed without a lock in the irdmahandlecqpop function, while it is bein...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fixed a memory leak in uvcgpioparse Previously, the unit buffer was allocated before checking the IRQ for privacy-related GPIO signals. If an error occurred, the unit buffer could be leaked. The issue is now...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: ext4: fixed the bug in estreesearch caused by a faulty quota inode We have the following issues: ========================================= Kernel bug in fs/ext4/extentsstatus.c:202! Invalid opcode: 0000 1 PREEMPT SMP CPU: 1 PI...
Astra Linux – Vulnerability in openjdk-11
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, and Oracle GraalVM Enterprise Edition products of Oracle Java SE component: AWT, JavaFX. The supported versions affected by this vulnerability include Oracle Java SE: 8u471, 8u471-b50, 8u471-perf, 11.0.29, 17.0.17, 21.0.9, 25.0.1; Oracl...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: drm/msm: adreno: Fixed the issue where ifpcreglist was referenced even though it wasn’t declared. On platforms with an A7xx GPU that does not support IFPC, ifpcreglist is still referenced in a6xxpatchpwrupreglist, which causes...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: iommu: Fixed an error in the unwind operation of iommugroupalloc. If either iommugroupgratefile fails, then iommugroup will be leaked. This issue should be addressed during these error-prone paths. Detected by...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Regulator: Core – Prevent integer underflow By using a ratio of delay to pollEnabledTime that is not an integer, timeRemaining underflows may occur, causing the loop not to exit as expected. Since delay can be derived from DT, an...
Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: Wifi: brcmfmac: Ensure that the CLM version is terminated with null characters to prevent a stack-out-of-bounds issue. A stack-out-of-bounds read occurs in brcmfmac when a buffer that is not terminated with null characters is...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: ext4: Fixed a use-after-free issue in ext4findextent when using bigalloc with inline data. Syzbot identified the following issue: - loop0: A change in capacity was detected, from 0 to 2048. - EXT4-fs loop0: The filesystem...
Astra Linux – Vulnerability in yaml-cpp
The function “Token& Scanner::peek” in scanner.cpp in yaml-cpp 0.5.3 and earlier allows remote attackers to cause a denial of service assertion failure and application exit via a ‘!2’ string...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: net: prevented mss overflow in skbsegment Once again, syzbot is able to cause the kernel to crash in skbSegment. “GSOBYFRAGS” is a forbidden value, but unfortunately, the following calculation in skbSegment can easily result in...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: cassini: Fixed a memory leak in the error handling path of casinitone. cassaturnfirmwareinit allocates some memory using vmalloc. This memory is freed in the .remove function, but not in the error handling path of the probe...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: RDMA/cxgb4: A potential null-ptr-deref occurred in passestablish. If getepfromtid fails to find a non-NULL value for ep, ep will be dereferenced later, regardless of whether it is empty. This patch adds a simple sanity check to f...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: ath9khtc: fixed uninitialized values issues Syzbot reported 2 KMSAN bugs in ath9k. All of these bugs are caused by missing field initialization. In htcconnectservice, svcmetalen and pad are not initialized. Based on the code, ...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: dm: fixed a NULL pointer race issue when completing IO operations. The dmiodecpending function calls endioacct first, and then decreases the number of pending DMA operations. However, if a task swaps the DM table at the same...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: ext4: Avoid crashes when inline data creation occurs after DIO write When an inode is created and written using direct IO, there is no way to clear the EXT4STATEMAYINLINEDATA flag. As a result, when the inode is truncated to just...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: NVMe: Fixed the failure to reconnect due to reserved tag allocation. We identified an issue in a production environment while using NVMe over RDMA. The reconnection of adminq failed indefinitely, even when the remote target and...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net:bcmgenet: A check for oversized packets has been added. Occasionally, we may receive oversized packets from the hardware that exceed the maximum buffer size of 2 KiB allocated for SKBs. A preliminary check is performed to...
Astra Linux – Vulnerability in exiv2
In Exiv2 0.26 and earlier versions, the PngChunk::readRawProfile method in pngchunkint.cpp may cause a denial of service application crash due to a heap-based buffer over-read when processing a specially crafted PNG file...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: Allocate sufficient space for GMU registers In commit 142639a52a01 “drm/msm/a6xx: fix crashstate capture for A650”, we changed a6xxgetgmuregisters to read 3 sets of registers. Unfortunately, we did not change the...
Astra Linux – Vulnerability in Linux
In the Linux kernel, the following vulnerability has been resolved: Networks: Ethernet – Fix for potential use-after-free in ecbhfremove. The code static void ecbhfremovestructpcidev dev looks as follows: c ... struct ecbhfpriv priv = netdevprivnetdev; unregisternetdevnetdev; freenetdevnetdev;...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: swiotlb: Initialize the listhead of the restricted pool when SWIOTLBDYNAMIC=y. Using restricted DMA pools CONFIGDMARESTRICTEDPOOL=y in conjunction with dynamic SWIOTLB CONFIGSWIOTLBDYNAMIC=y leads to the following crash during...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net/smc: fixed a kernel panic caused by a race condition involving smcsock. A crash occurs when smccdctxhandler attempts to access smcsock, but smcrelease has already freed it. 4570.695099 BUG: Unable to handle a page fault for...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: nvmet: fixed an out-of-bounds access in nvmetenableport. When attempting to enable a port for which no transport is currently configured, nvmetenableport uses NVMFTRTYPEMAX 255 to query the transports array, resulting in an...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: Fixed to ensure that compressed blocks are persisted during checkpointing. If the data block in a compressed cluster is not persisted with metadata during a checkpoint, after SPOR, the data may become corrupted. W...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: RISCV: Use READONCENOCHECK in the imprecise unwinding stack mode. When CONFIGFRAMEPOINTER is not set, the stack unwinding function walkstackframe randomly reads from the stack. When KASAN is enabled, this can lead to the followin...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Wifi: iwlwifi: mvm – Use IWLFWCHECK for link ID checking The lookup function iwlmvmrcufwlinkidtolinkconf is typically called with inputs from the firmware. Therefore, it should use IWLFWCHECK instead of WARNON...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: netfilter: nftables: The issue of underflow in the chain reference counter was fixed. The error in adding elements in the set element path causes the reference counter to be decremented twice—once when releasing an element and...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: PCI/DOE: Fixed the race involving destroyworkonstack. The following debug object splat was observed during testing: ODEBUG: Freeing an active object active state 0: 0000000097d23782; Object type: workstruct; Hint:...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: vhosttask: Handles SIGKILL by flushing the work and exiting. Instead of lingering until the device is closed, this resolves the issue by handling SIGKILL as follows: 1. Marking the worker as killed, so we no longer attempt to use...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fixed the null-ptr-deref issue in ibcorecleanup. KASAN reported a null-ptr-deref error: KASAN: Null pointer dereferencing in the range 0x0000000000000118–0x000000000000011f. CPU: 1; PID: 379. Hardware name: QEMU Standa...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fixed the issue of accessing an invalid dipctx during the destruction of QP. If the system fails to modify QP to RTR, the dipctx will not be attached. During the destruction of QP, the invalid dipctx pointer will be...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Binder: Fixed an issue where asyncfreespace accounting for empty parcels was incorrect. In version 4.13, commit 74310e06be4d “android:binder: Move buffer out of area shared with user space” fixed a issue related to the visibility...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: netfilter: nftables: Unregistering flowtable hooks upon netns exit. Unregistering flowtable hooks before they are released via nftablesflowtabledestroy; otherwise, the hook code may report a Use-After-Free error. BUG: KASAN:...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: btrfs: In the “send” operation, there is a issue with handling path ref underflow during the header iterate inoderef function. Change BUGON to proper error handling if building the path buffer fails. The pointers are not...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: arm64: dts: imx8mm-verdin: Do not power down eth-phy Currently, if suspending the system using “freeze” or “memory state”, the fec driver attempts to power down the PHY, which leads to a kernel crash and an unresponsive kernel. T...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ACPI: APEI: Fixed an integer overflow in ghesestatuspoolinit. The variable numghes was changed from int to unsigned int, preventing an overflow and causing subsequent vmalloc calls to fail. The overflow occurs in...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: mana: Fixed a race condition related to the per-CQ variable napiworkdone. After calling napicompletedone, the NAPIFSTATESCHED bit may be cleared, allowing another CPU to start a napi thread and access the per-CQ variable...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/ttm: Fixed a situation where a NULL pointer was dereferenced. The LRU mechanism may look up a resource during the process of removing it from an object. The locking rules for this operation are somewhat unclear, but it...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: x86/sgx: Add a overflow check in sgxvalidateoffsetlength The sgxvalidateoffsetlength function verifies the "offset" and "length" arguments provided by the user space. However, there was a lack of an overflow check when these...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fixed an UAF in svctcplistendataready After the listener svcsock is freed, and before invoking svctcpaccept for the established child sock, there is a window during which the newsock may retain the freed listener svcsock ...
Astra Linux – Vulnerability in Thunderbird
During the plaintext phase of the STARTTLS connection setup, protocol commands could have been injected and evaluated within the encrypted session. This vulnerability affects Thunderbird 78.7...