18102 matches found
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: can: mcbausb: mcbausbreadbulkcallback: fixed a URB memory leak. The memory leak was fixed in a similar manner to the issue in commit 7352e1d5932a “can: gsusb: gsusbreceivebulkcallback: fixed a URB memory leak”. In mcbausbprobe -...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: usb: ChipIdea UDC: Fix for DMA and SG cleanup in epnuke The ChipIdea UDC driver may encounter errors where “not-page-aligned sg buffers” occur when a USB device is reconnected after being disconnected during an active transfer...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: tls: Fixed a race condition in tlsswcancelworktx This issue was discovered during a code audit. After the call to canceldelayedworksync from tlsskprotoclose, txworkhandler can still be scheduled from functions like the Delayed AC...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: l2tp: avoided a data race in l2tptunneldelwork We should only access sk-sksocket when dealing with kernel sockets. syzbot reported the following data race: BUG: KCSAN: data race in l2tptunneldelwork / skcommonrelease Task 5365...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: scsi: core: There is a race condition where the error handler is only awakened when the last running command completes or times out. The order of execution of marking commands—either completed or failed—is not properly ordered...
Astra Linux – Vulnerability in Python 3.11
DISPUTED: The project has clarified that the documentation was incorrect, and that pkgutil.getdata has the same security model as open. The documentation has been updated to clarify this point. There is no vulnerability in the function if the intended security model is followed. pkgutil.getdata d...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: kexec: deriving the entry from the purgatory symbol The kexecloadpurgatory function derives image-start by locating eentry within an SHFEXECINSTR section. If the purgatory object contains multiple executable sections with...
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: bcsp: receives data only if registered Currently, the bcsprecv function can still be called even when the BCSP protocol has not been registered. This leads to a NULL pointer dereference, as shown in the following stack...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: The numconnectors field is incorrectly handled. The UCSI specification states that the numconnectors field consists of 7 bits, with the 8th bit reserved and should be set to zero. Some faulty firmware has been...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: char: applicom: fix NULL pointer dereference in acioctl Discovered by Atuin – Automated Vulnerability Discovery Engine. In acioctl, the validation of IndexCard and the check for a valid RamIO pointer are skipped when cmd is 6...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: ipv4: A reference count leak was fixed when using error routes with nexthop objects. When a nexthop object is deleted, it is marked as “dead”, and then fibtableFlush is called to flush all routes that use the dead nexthop. The...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx8m-blk-ctrl: Fixed out-of-range access to bc-domains. Out-of-range access to bc-domains was corrected in the imx8mblkctrlremove function...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: Input: tiam335xtsc – fixed an off-by-one error in the wireorder validation. The current validation wireorderi ARRAYSIZEconfig pins allows wireorderi to equal ARRAYSIZEconfig pins, which causes out-of-bounds access when used as an...
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Validating the command header size against SVGACMDMAXDATASIZE This data originates from user space and is used in buffer offset calculations, which may potentially lead to an out-of-bounds access due to overflow...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: mm, shmem: preventing infinite loops in truncate race conditions. When truncating a large swap entry, shmemfreeswap returns 0 when the entry’s index does not match the given index due to lookup alignment issues. The failure...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: RDMA/core: The reference count of the device should always be dropped in ibdelsubdeviceandput. Since nldevdeldev introduced in commit 060c642b2ab8 “RDMA/nldev: Add support for adding/deleting a sub IB device through netlink” grab...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: vsock/virtio: Only linear skb values are coalesced. In vsock/virtio common, attempts to coalesce buffers in the rx queue: if a linear skb with a spare tail room is followed by a small skb whose length is limited by GOODCOPYLEN...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: drm/panthor: Fixed UAF issues on kernel BO VA nodes. If the MMU is down, panthorvmunmaprange might return an error. We expect the page table to still be updated; if the MMU is blocked, the rest of the GPU should also be blocke...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-motu – fixed a buffer overflow issue in the hwdep read function for DSP events. The DSP event handling code in hwdepread could write more bytes to the user buffer than requested, especially when the user provided a...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: libceph: The calctarget function should set t-paused, rather than simply clearing it. Currently, calctarget clears t-paused if the request should no longer be paused. However, it never sets t-paused, even though it can determine...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: etases58x: allows partial RX URB allocation to succeed. When es58xallocrxurbs fails to allocate the requested number of URs, but manages to allocate some of them, it returns an error code. This causes es58xopen to return early,...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: usb: renesasusbhs: Fixed synchronous external abort when unbind is executed. A synchronous external abort occurs on the Renesas RZ/G3S SoC if unbind is executed after the configuration sequence described above: bash modprobe...
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: regmap: slimbus: Fix the buscontext pointer in regmap init calls The commit 4e65bda8273c “ASoC: wcd934x: Fix error handling in wcd934xCodecParsedata” revealed the issue in the slimbus regmap. This commit causes audio playback ...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: Signal: Allocate SSVE storage when restoring ZA The code used to restore a ZA context does not attempt to allocate the task’s svestate before setting TIFSME. As a result, restoring a ZA context may place the task in...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: net/mlx5e: Do not store mlx5epriv in mlx5edev devlink priv mlx5epriv is an unstable structure that can be memset0 if profile attachment fails. mlx5epriv in mlx5edev devlink private is used to reference the netdev and mdev...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: RDMA/core: Correctly check the presence of LSNLATYPEDGID. The netlink response for RDMANLLSOPIPRESOLVE should always contain an LSNLATYPEDGID attribute; it is invalid if it is missing. Properly use the nl parsing logic and cal...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: net/sched: schqfq: Fixed a NULL dereference when deactivating an inactive aggregate in qfqreset. qfqclass-leafqdisc-q.qlen 0 does not imply that the class itself is active. Two qfqclass objects may point to the same leafqdisc. Th...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: gfs2: Prevent recursive memory reclamation The new inode function returns a new inode with inode-imapping-gfpmask set to GFPHIGHUSERMOVABLE. This value includes the GFPFS flag, allowing allocations in that address space to...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: libceph: The state of sparse-read was reset in osdfault. When a fault occurs, the connection is abandoned, re-established, and any pending operations are retried. The OSD client tracks the progress of a sparse-read reply using a...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: mptcp: avoid deadlock on fallback while reinjecting Jakub reported a MPTCP deadlock during the fallback process: WARNING: Possible recursive locking detected 6.18.0-rc7-virtme 1 Not tainted...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx8m-blk-ctrl: The separate reset and clock enable bits are removed for the 8MQ VPU. For the i.MX8MQ platform, the ADB in the VPUMIX domain does not have separate reset and clock enable bits. Instead, both are enabled...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: libceph: makes decodepool more resilient against corrupted osdmaps. If the osdmap is maliciously corrupted in such a way that the encoded length of the cephpgpool envelope is less than what is expected for a particular encoding...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: dmaengine: xilinx: xdma: Fixed regmap maxregister The maxregister field is assigned the size of the register memory region, rather than the offset of the last register. As a result, reading from the regmap via debugfs can cause a...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix middle attribute validation in pushnsh action The pushnsh action structure looks like this: OVSACTIONATTRPUSHNSHOVSKEYATTRNSHOVSNSHKEYATTRBASE,... The outermost OVSACTIONATTRPUSHNSH attribute is validated by...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: net/handshake: Duplicate handshake cancellations cause a socket leak. When a handshake request is cancelled, it is removed from the handshakenet-hnrequests list, but it remains in the handshakerhashtbl until it is destroyed. If a...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd: Fixed a memory leak in wbrfrecord. The tmp buffer is allocated using kcalloc, but it is not freed if acpievaluatedsm fails. This causes a memory leak in the error path. This issue has been fixed by explicitly...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: i2c: riic: Moving suspend handling to NOIRQ phase Commit 53326135d0e0 “i2c: riic: Adding suspend/resume support” added suspend support for the Renesas I2C driver. Following this change, on RZ/G3E, the following warning appears...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: Wifi: ath12k – Fix for the dmafreecoherent pointer. dmaalloccoherent allocates a DMA-mapped buffer and stores the addresses in XXXunaligned fields. These addresses should be reused when freeing the buffer, rather than using th...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: x86/vmware: Fixed hypercall clobbering issues Fedora QA reported the following panic: BUG: Unable to handle a page fault for address: 0000000040003e54 PF: Supervisor write access in kernel mode PF: Errorcode0x0002 – Not-presen...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: uacce: fixed the isolate/sysfs check condition. uacce supports the device isolation feature. If the driver implements the isolateerrthresholdread and isolateerrthresholdwrite callback functions, uacce will now create sysfs...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: RDMA/cm: Fixed the issue of leaking the multicast GID table reference. If the CM ID is destroyed while the CM event for multicast creation is still queued, the cancelworksync function will prevent the work from running. This also...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: md: fixed rcu protection in mdwakeupthread We attempted to use RCU to protect the pointer “thread”, but passed the value directly when calling mdwakeupthread. This means that the RCU pointer was acquired before rcureadlock was...
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: be2net: Pass the wrbparams parameter in case of OS2BMC. The function beinsertvlaninpkt is called with the wrbparams argument being NULL at the besendpkttobmc call site. This may lead to dereferencing a NULL pointer during the...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: cleanup attrs subdirs on context dir setup failure When the setup of DAMON’s sysfs directory fails after the setup of attrs/, subdirectories of attrs/ directory are not cleaned up. As a result, DAMON’s sysfs...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: erofs: fixed the UAF issue for file-backed mounts with the directio option 9.269940 T3222 Call trace: 9.269948 T3222 ext4filereadIter+0xac/0x108 9.269979 T3222 vfsiocbiterread+0xac/0x198 9.269993 T3222...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: iouring: A filename leak was addressed in ioopenatprep. The ioopenatprep function allocates a struct filename using getname. However, if the file is installed in the fixed file table and the OCLOEXEC flag is set, the function...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: btrfs: Rejects new transactions if the file system is fully read-only. BUG There is a bug report where a heavily fuzzed file system is mounted with all rescue mount options. This leads to the following warnings during unmount:...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosecishtp: Fixed a UAF issue after unbinding the driver. After unbinding the driver, another kthread named crosecconsolelogwork still accesses the device, resulting in a UAF and system crash. The driver does no...
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: fbdev: Added bounds checking in bitputcs to prevent out-of-bounds writes using vmalloc. Added bounds checking to prevent writes beyond the framebuffer boundaries when rendering text near the screen edges. Return early if the Y...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: e1000: fixed an out-of-bounds error in e1000tbishouldaccept In e1000tbishouldaccept, we read the last byte of the frame via “datalength - 1” to evaluate the TBI workaround. If the descriptor’s reported length is zero or greater...