18095 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix insufficient bounds propagation from adjustscalarminmaxvals Kuee reported a corner case where the tnum becomes constant after the call to regboundoffset, but the bounds of the register are not correct. In particular, its...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbopen/close: fixed a memory leak. The gsusb driver appears to have a problem common to many USB CAN adapter drivers. It performs usballoccoherent to allocate a number of USB Request Blocks URBs for reception, and...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: can: mcan: mcanreadfifo,echotxevent: The shift timestamp is now set to full 32 bits. In commit 1be37d3b0414 “can: mcan: fix periph RX path: use rx-offload to ensure that packets are sent from the softirq context”, the RX path for...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mptcp: fixed a race condition related to unaccepted mptcp sockets. When the listener socket that owns the relevant request is closed, it frees the unaccepted subflows, which leads to the later deletion of the paired MPTCP sockets...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: exynos-ppmu: Fixed a refcount leak in the ofgetdevfreqevents function. The ofgetchildbyname function returns a node pointer with a refcount incremented. We should use ofnodeput on this pointer after execution. This...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: RDMA/cm: Fixed a memory leak in ibcminsertlisten. The function cmallocidpriv allocates resources for the cmidpriv. When cminitlisten fails, it does not free those allocated resources, resulting in a memory leak. Added missing...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: linux/dim: Fixed a division by zero error in RDMA DIM. This error occurred when prev-cperatio == 0, and the function rdmadimstatscompare was called. CallTrace: Hardware name: H3C R4900 G3/RS33M2C9S, BIOS 2.00.37P21 03/12/2020...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: power/reset: arm-versatile: The refcount leak in versatilerebootprobe has been fixed. The function offindmatchingnodeandmatch returns a node pointer with a refcount incremented. We should use ofnodeput on this pointer when it is ...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: pinctrl: ralink: Check for a null return from devmkcalloc. Due to the potential failure of the allocation, data-domains might be a NULL pointer, and this could lead to the dereferencing of a NULL pointer later. Therefore, it migh...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: x86/speculation: Fill RSB on vmexit for IBRS Prevent RSB underflow/poisoning attacks with RSB. Additionally, add a number of comments to attempt to document the current state of knowledge regarding RSB attacks and exactly what is...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: pinctrl: aspeed: Fixed a potential NULL dereferencing in aspeedpinmuxsetmux. pdesc could potentially be null, but still, dereferencing pdesc-name would lead to a NULL pointer access. Therefore, we moved a null check before the...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net: sfp: fixed a memory leak in sfpprobe The sfpprobe function allocates a memory chunk from the sfp structure using sfpalloc. When devmaddaction fails, the sfp structure is not freed, resulting in a memory leak. We should use...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net: tipc: fixed a possible refcount leak in tipcskcreate Free sk in case tipcskinsert fails...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: cpufreq: pmac32-cpufreq: Fixed a refcount leak issue. In pmaccpufreqinitMacRISC3, we need to add the corresponding ofnodeput function for the three node pointers whose refcount has been incremented by offindnodebyname...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: nexthop: Fixed issues related to data races around nexthopcompatmode. While reading nexthopcompatmode, it can be changed concurrently. Therefore, we need to add READONCE to its readers...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: net: stmmac: fixed leaks in the probe. These two error paths should be cleaned up before returning...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: raw: Fixed a data race around sysctlrawl3mdevaccept. When reading sysctlrawl3mdevaccept, it can be changed concurrently. Therefore, we need to add READONCE to its reader function...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: cipso: Fixed data races related to sysctl. When reading sysctl variables, they can be changed concurrently. Therefore, we need to add READONCE to avoid data races...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: - For soc: bcm: brcmstb: pm: pm-arm – A refcount leak in brcmstbpmprobe was fixed. - In the function offindmatchingnode, a node pointer is returned with a refcount incremented. We should use ofnodeput on it when there is no...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: ARM: exynos: Fixed a refcount leak in exynosmappmu. offindmatchingnode returns a node pointer with a refcount incremented. We should use ofnodeput on it when there is no longer a need for it. Added ofnodeput to avoid the...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: afs: Fixed dynamic root getattr The recent patch to modify afagetattr to consult the server did not take into account the pseudo-inodes used by the dynamic root-type afa superblock. As a result, there was no way for the superbloc...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: erspan: Do not assume that the transport header is always set. Rewrite the tests for ip6erspantunnelxmit and erspanfbxmit to not assume that the transport header is set. syzbot reported: WARNING: CPU: 0 PID: 1350 at...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: bpf: Fixed the requestsock leak in sk lookup helpers A customer reported a requestsocket leak in a Calico cloud environment. We found that a BPF program was performing a socket lookup, taking a reference count of the socket. It w...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: filemap: Handle sibling entries in filemapgetreadbatch. If a read race occurs with an invalidation followed by another read, it is possible for a folio to be replaced with a higher-order folio. If this happens, we will see a...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: mm/slub: Added missing TID updates when the slab is deactivated. The fastpath in slaballocnode assumes that c-slab remains stable as long as the TID remains the same. However, there are two places in slaballoc where the TID is...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: remoteproc: qcomq6v5mss: Some leaks have been fixed in q6v5allocmemoryregion. The devicenode pointer is returned by ofparsephandle or ofgetchildbyname, and its reference count is incremented. We should use ofnodeput on it after...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: clk: qcom: clk-rcg2: Update the logic to calculate the D value for RCG. The display pixel clock has a requirement on certain newer platforms to support M/N as 2/3, and the final D value calculated results in underflow errors. As...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: mxser: fixed the xmitbuf leak in activate when LSR == 0xff. When LSR is 0xff during the call to -activate, we return an error. It’s important to note that the -shutdown function is not called when -activate fails. In this case,...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: afnetlink: Fixed an out-of-bounds shift in the group mask calculation When a netlink message is received, netlinkrecvmsg fills in the address of the sender. One of the fields is the 32-bit bitfield nlgroups, which carries the...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: btmtksdio: Fixed a kernel oops in btmtksdiointerrupt. Fixed the following kernel oops in btmtksdiointerrrupt: 14.339134 btmtksdiointerrupt+0x28/0x54 14.339139 processsdiopendingirqs+0x68/0x1a0 14.339144...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Prevention of certain integer underflows My static checker reports the following issue: drivers/infiniband/hw/irdma/ctrl.c:3605 irdmascceqinit Warning: Can subtract underflow for ‘info-dev-hmcfpmmisc.maxceqs’? It seem...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: bpf, sockmap: Fixed a memory leak in tcpbpfsendmsg when skmsg is full. If tcpbpfsendmsg is running while skmsg is full, and skmsgalloc returns an -ENOMEM error, tcpbpfsendmsg will enter a waitformemory state. If part of the...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: MIPS: pgalloc: fixed a memory leak caused by pgdfree The pgd page is freed by the generic implementation pgdfree since commit f9cb654cb550 „asm-generic: pgalloc: provides a generic pgdfree”, however, there are scenarios in which...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: dax: Make sure that inodes are flushed before destroying the cache. A bug can be triggered by executing the following command: $ modprobe ndpmem && modprobe -r ndpmem The following error messages were recorded: 10.060014 BUG...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Fixed potential crashes during module unloading. The vmbus driver relies on the panic notifier infrastructure to perform certain operations when a panic event is detected. Since vmbus can be built as a module,...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Fixed the initialization of the device object in vmbusdeviceregister. Initialized the device’s dmamask,parms pointers and the device’s dmamask value before invoking deviceregister. This issue was addressed in...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: virtioconsole: removed the anonymous moduleinit and moduleexit functions. These anonymous functions can cause confusion or ambiguity when reading the System.map file, or may lead to crashes, oopses, or bugs. Additionally, they...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: Fixed memory leaks in the probe code. Handled the error branches to free memory where necessary. Addressing-Coverity-ID: 1491825 “Resource leak”...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fixed a memory leak in pm8001chipfwflashupdatereq In pm8001chipfwflashupdatebuild, if pm8001chipfwflashupdatebuild fails, the struct fwcontrolex allocated must be freed...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: RDMA/nldev: Prevent underflow in nldevstatsetcounterdynamicdoit. This code checks that the “index” has an upper limit, but it does not check for negative values. Changing the data type to unsigned will prevent underflow issues...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mptcp: The crash occurred when performing a pressure test on mptcp. The following error occurred: dstrelease: dst: ffffa06ce6e5c058 refcnt: -1 The kernel attempted to execute a NX-protected page – an attempt to exploit a...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: mips: cdmm: Fixed the refcount leak in mipscdmmphysbase. The offindcompatiblenode function returns a node pointer with the refcount incremented. We should use ofnodeput on it after processing. Also, add the missing ofnodeput to...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: drm/msm/dp: populate the connector of the struct dppanel structure. In the DP CTS test case 4.2.2.6, the edid has a valid checksum, but the checksum is intentionally incorrect. It is expected that the DP source returns a corre...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: bpf: Fixed a bug in btf DeclTag when tagging a function. syzbot reported a bug in btf DeclTag with a stack trace as follows: - General protection fault, likely for the non-canonical address 0xdffffc0000000000: 0000 1 PREEMPT SMP...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: drm/radeon: fixed a possible null pointer dereferencing issue. In radeonfpnativemode, the return value of drmmodeduplicate is assigned to mode, which could lead to a NULL pointer dereferencing issue upon failure of...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm: mxsfb: Fix NULL pointer dereference mxsfb should never dereference a NULL pointer, as drmatomicgetnewbridgestate may return such a pointer. Instead, a fixed format should be used instead...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ovl: Fixed a NULL pointer dereference issue in the copy-up warning message. This patch addresses a NULL pointer dereference that caused a recently introduced warning message to fail...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: EFI: Runtime: Avoid EFIv2 runtime services on Apple x86 machines Aditya reports that his recent MacBookPro crashes during firmware updates when variable services are used at runtime. The culprit seems to be a call to...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: bpf: Protection against accessing NULL pt regs in bpfgettaskstack The taskptregs function can return NULL on the powerpc architecture for kernel threads. This NULL value is then used in bpfgetstack to check for the user mode...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net/smc: Avoid overwriting the copies of clcsock callback functions. The clcsock callback functions will be saved and replaced during the fallback process. However, if the fallback occurs more than once, the copies of these...