18095 matches found
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ubifs: renamewhiteout: Fixed double-free of whiteoutui-data The variable whiteoutui-data will be freed twice if the space allocation fails during the rename operation. The process is as follows: 1. renamewhiteout: - dev = kmalloc...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: can:mcan:mcanreadfifo: fix memory leak in error branch In mcanreadfifo, if the second call to mcanfiforead fails, the function jumps to the outfail label and returns without calling mcanreceiveskb. This means that the skb...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: drm/msm: Fixed the mmap function to include VMIO and VMDONTDUMP. In commit 510410bfc034 “drm/msm: Implement mmap as a GEM object function”, we switched to a new and cleaner approach for handling this issue. That’s good, but we...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: mt76: mt7915: fixed NULL pointer dereferencing in mt7915getphymode Fixed the NULL pointer dereferencing in mt7915getPHYMode routine by adding an IBSS interface to the mt7915 driver. 101.137097 wlan0: Triggered a new scan to fi...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ksmbd: A memory leak in getfilestreaminfo has been fixed...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: iouring: Failure cancellation for EXITING tasks WARNING: CPU: 1, PID: 20; at fs/iouring.c:6269, iotrycanceluserdata+0x3c5/0x640; fs/iouring.c:6269. CPU: 1, PID: 20; Comm: kworker/1:0; Not tainted; 5.16.0-rc1-syzkaller 0. Workqueu...
Astra Linux – Vulnerability in gnupg1
Libgcrypt before version 1.7.8 is vulnerable to a cache-side-channel attack that can lead to a complete failure of the RSA-1024 algorithm. This attack occurs when the left-to-right method is used for computing the sliding-window expansion. It is believed that the same attack also works on the...
Astra Linux – Vulnerability in edk2
Improper configuration in the system firmware for EDK II may allow unauthenticated users to potentially enable privilege escalation, information disclosure, and/or denial of service through local access...
Astra Linux – Vulnerability in Poppler
A issue was discovered in Poppler 0.71.0. There is a memory leak in GfxColorSpace::setDisplayProfile in GfxState.cc, as demonstrated by pdftocairo...
Astra Linux – Vulnerability in libstb
stbimage.h also known as the stb image loader version 2.23 has a heap-based buffer overflow issue in stbitgaload, which can lead to information disclosure or denial of service...
Astra Linux – Vulnerability in unbound
Before version 1.9.5, Unbound allowed configuration injection in the createunboundadservers.sh script after a successful man-in-the-middle attack on a cleartext HTTP session. NOTE: The vendor does not consider this a vulnerability of the Unbound software. createunboundadservers.sh is a contribute...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
There are use-after-free vulnerabilities caused by a timer handler in the net/rose/rosetimer.c file of Linux, which allow attackers to crash the Linux kernel without any privileges...
Astra Linux – Vulnerability in Twisted
Twisted is an event-based framework for internet applications, compatible with Python 3.6+. Before version 22.4.0rc1, the Twisted Web HTTP 1.1 server, located in the twisted.web.http module, parsed several HTTP request constructs more leniently than allowed by RFC 7230. This non-conformant parsin...
Astra Linux – Vulnerability in Fribidi
A stack-based buffer overflow flaw was discovered in the Fribidi package. This flaw allows an attacker to deliver a specially crafted file to the Fribidi application, potentially leading to a memory leak or a denial of service...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ip: Fixed data races related to sysctlipprotsock. sysctlipprotsock is accessed concurrently, and there is always a chance of data races occurring. Therefore, both readers and writers require some basic protection to avoid...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ipv4: Fixed a data race around the sysctlfibmultipathuseneigh function. When modifying sysctlfibmultipathuseneigh, it is possible for multiple processes to change it concurrently. Therefore, we need to add READONCE to its read...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: IGMP: Fixed data races related to sysctligmpqrv. When reading sysctligmpqrv, it can be changed concurrently. Therefore, we need to add READONCE to its readers. This test can be incorporated into a helper module; such changes...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: IGMP: Fixed data races related to sysctligmpllmreports. When reading sysctligmpllmreports, it can be changed concurrently. Therefore, we need to add READONCE to its readers. This test can be incorporated into a helper function...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: TCP: Fixed issues related to data races around sysctltcpmtuprobing. When reading sysctltcpmtuprobing, it can be changed concurrently. Therefore, we need to add READONCE to its readers...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ip: Fixed a data race related to the sysctlipautobindreuse function. When reading sysctlipautobindreuse, it can be changed concurrently. Therefore, we need to add READONCE to its reader function...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: tcp/dccp: Fixed a data race around the sysctltcpfwmarkaccept function. When reading sysctltcpfwmarkaccept, it can be changed concurrently. Therefore, we need to add a READONCE call to its reader function...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: spi: bcm2835: bcm2835spihandleerr: Fixed the issue of NULL pointer dereferencing for non-DMA transfers. If an IRQ-based transfer times out, the bcm2835spihandleerr function is called. Since commit 1513ceee70f2 “spi: bcm2835: Drop...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: gpio: gpio-xilinx: Fixed integer overflow issues. The current implementation cannot configure more than 32 pins due to an incorrect data type. Therefore, type casting using unsigned long is used to avoid this issue...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: KVM: Do not dereference ops-destroy directly. The cleanup of a KVM device occurs through either of two callbacks: 1 destroy, called when the VM is being destroyed; 2 release, called when a device file descriptor is closed. Most K...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Netfilter: conntrack – re-fetching of conntrack entries after insertion. In cases where conflicts occur between conntrack entries, the insertion operation can free the skb-nfct field, and set skb-nfct to the already-confirmed...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: TCP: Fixed issues related to data races around sysctltcpmaxreordering. When modifying sysctltcpmaxreordering, it’s possible for multiple changes to occur simultaneously. Therefore, we need to add READONCE to its readers...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ext4: Fix for a use-after-free in ext4renamedirprepare. We encountered the following issue: EXT4-fs loop0: Mounted a filesystem without a journal. Options: , errors=continue. ext4getfirstdirblock: bh-bdata=0xffff88810bee6000,...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net: mdio: unexport init-annotated mdiobusinit EXPORTSYMBOL and init are a poor combination, as the .init.text section is freed after initialization. As a result, modules cannot use symbols annotated with init. Accessing a freed...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net: altera: Fixed the reference count leak in alteratsemdiocreate. In every iteration of foreachchildofnode, the reference count of the previous node is decremented. When exiting a foreachchildofnode loop, we need to explicitly...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: A memory leak occurred in the flow rule processing at the commit path. The flow rule object was aborted during release, but the commit path did not handle this issue properly. The code has been updated to...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: f2fs: fixed to perform sanity checks on inline inode. Yanming reported a kernel bug on Bugzilla Kernel 1, which can be reproduced. The bug message is as follows: The kernel message is displayed as follows: Kernel BUG at...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: Firmware: dmi-sysfs: Fixed a memory leak in dmisysfsregisterhandle. kobjectinitandadd takes a reference even when it fails. According to the documentation for kobjectinitandadd: If this function returns an error, kobjectput mu...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: amt: fixed a possible memory leak in amtrcv If amt receives packets and finds a socket; if it cannot find a socket, it should free the received skb. However, this is not done, resulting in a possible memory leak...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ALSA: jack: Access to inputdev under a mutex It is possible when using ASoC that the inputdev is not properly registered while calling sndjackreport, which can lead to a NULL pointer derefrence. To prevent this type of serialized...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: rcu-tasks: Fixed a race condition in the schedule function and the flush work operation. When booting secondary CPUs, cpusreadlock/unlock does not keep the online cpumask stable. This temporary change in the online mask result...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: bpf: A potential array overflow has been fixed in bpftrampolinegetprogs. The cnt value in the cnt = BPFMAXTRAMPPROGS check does not include BPFTRAMPMODIFYRETURN bpf programs. As a result, the number of BPFTRAMPMODIFYRETURN bpf...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: The blockinvalidatefolio method was provided to fix a memory leak. The ntfs3 filesystem lacks the invalidatefolio method, which causes a memory leak. If you write to the filesystem and then unmount it, the cached writte...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: x86/MCE/AMD: Fixed a memory leak when thresholdcreatebank fails. In mcethresholdcreatedevice, if thresholdcreatebank fails, the previously allocated thresholdbanks array @bp will be leaked, because the call to...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: usb: isp1760: Fixed out-of-bounds array access issues Running the driver through KASAN reveals the following issues: BUG: KASAN: Global out-of-bounds access in isp1760register+0x180/0x70c Reading a size of 20 bytes from the...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: sfc: fixed the issue where all channels had TX queues. Normally, all channels have both RX and TX queues. However, this is not true when modparam efxseparatetxchannels=1 is used. In such cases, some channels only have RX queue...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ubi: ubicreatevolume: Fixed a use-after-free issue when volume creation failed. There is a use-after-free problem related to ‘ebatbl’ in the error handling path of ubicreatevolume. c ubiebareplacetablevol, ebatbl vol-ebatbl = tbl...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: phy: qcom-qmp: Fixed the issue where the struct clk structure was leaked during probe errors. Be sure to release the pipe clock reference in case of a late probe error e.g., probe deferral...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: md: Do not set mddev’s private field to NULL in raid0 with pers-free. In a normal stop process, the following sequence of operations occurs: domdstop | mdstop pers-free; mddev-private=NULL | mdfree free mddev The mdstop function...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ext4: fixed a memory leak in parseapplysbmountoptions If processing the disk-mounted options fails after any memory has been allocated in the ext4FS context, such as for sqfnames, then this memory is leaked. This issue was...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: ext4: fixed the bug in estreesearch Hulk Robot reported a BUG: kernel BUG at fs/ext4/extentsstatus.c:199! ... RIP: 0010:ext4esend fs/ext4/extentsstatus.c:199 inline RIP: 0010:estreesearch+0x1e0/0x260 fs/ext4/extentsstatus.c:21...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: TCP: Fixed issues related to data races around sysctltcpbasemss. When reading sysctltcpbasemss, it can be changed concurrently. Therefore, we need to add READONCE to its readers...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: TCP: Fixed issues related to data races around sysctltcpl3mdevaccept. When reading sysctltcpl3mdevaccept, it can be changed concurrently. Therefore, we need to add READONCE to its readers...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Tracing/histograms: Fixed the memory leak issue This issue is resolved through commit 46bbe5c671e06f070428b9be142cc4ee5cedebac. As mentioned in commit 46bbe5c671e0 “Tracing: fixed double-free”, the “double-free” problem reported ...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: xenvifrxnextskb: Avoid entering this function with an empty rx queue. xenvifrxnextskb expects that the rx queue is not empty. However, if the loop in xenvifrxaction performs multiple iterations, the availability of another skb in...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: sysctl: Data race issues in procdouintvec have been fixed. A sysctl variable is accessed concurrently, and there is always a risk of a data race. Therefore, both readers and writers require some basic protection to avoid data...