17618 matches found
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: nullblk: The issue of kmemleak was fixed by releasing references to fault-configfs items. When CONFIGBLKDEVNULLBLKFAULTINJECTION is enabled, the null-blk driver sets up fault injection support by creating configfs items such as...
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: fbdev: bitblit: In the bitPutcs function, the bound-check glyph index was derived from the character value masked by 0xff or 0x1ff. This may lead to reading beyond the end of the built-in font array, exceeding the actual number o...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: GPU: host1x – Fixed a race condition in syncptalloc and syncptfree. A race condition occurred between host1xsyncptalloc and host1xsyncptput, which was addressed by using krefputmutex instead of krefput plus manual mutex locking...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: smc91x: fixed a broken irq-context in PREEMPTRT When smc91x.c is built with PREEMPTRT, the following error occurs in FVPRevC: 13.055000 smc91x LNRO0003:00 eth0: link up, 10Mbps, half-duplex, lpa 0x0000 13.062137 BUG: The workqueu...
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: vhost-scsi: Fixed the handling of multiple calls to vhostscsisetendpoint. If vhostscsisetendpoint is called multiple times without a vhostscsiclearendpoint between them, we may encounter several bugs identified by Haoran Zhang...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: smb/server: Fixed the reference count leak in smb2open. When ksmbdvfsgetattr fails, the reference count of ksmbdfile must be released...
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: ACPI: APEI: Send SIGBUS to the current task if a synchronous memory error is not recovered. If a synchronous error is detected due to a user-space process triggering a 2-bit uncorrected error, the CPU will raise an exception,...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: interconnect: debugfs: initializing srcnode and dstnode to empty strings The debugfscreatestr API assumes that the string pointer is either NULL or points to valid kmalloc memory. Leaving the pointer uninitialized can cause...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: ext4: The issue in parseapplysbmountoptions where string copying was corrected. strncpypad cannot be used to copy a non-NUL-terminated string into a NUL-terminated string of possibly larger size. Commit 0efc5990bca5 "string.h:...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: xfs: fixed a UAF Use-after-Free in xchkbtreecheckblockowner. We cannot dereference bs-cur when trying to determine whether bs-cur aliases bs-sc-sa.bno,rmapcur after the latter has been freed. This issue was fixed by introducing a...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: i3c: dw: Fixed a memory leak in dwi3cmasteri2cxfers The dwi3cmasteri2cxfers function allocates memory for the xfer structure using dwi3cmasterallocxfer. If pmruntimeresumeandget fails, the function returns without freeing the...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Use kvfree instead of kfree in amdgpugmcgetnpsmemranges. The amdgpudiscoverygetnpsinfo function internally allocates memory for ranges using kvcalloc, which may use vmalloc for large allocations. Using kfree to releas...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fixed an issue where engid could be negative, causing the streamenc regs array to be indexed out of bounds. The variable engid is used directly as an index into the streamenc regs array, which has only 5 elements...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: drm/ttm: Avoid NULL pointer dereferencing for evicted BOs It is possible for a BO to exist that is not currently associated with a resource, for example, because it has been evicted. When devcoredump attempts to read the contents...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: net/mlx5e: TC, delete flows only for existing peers When deleting TC steering flows, iterate only over actual devcom peers instead of assuming all possible ports exist. This avoids touching non-existent peers and ensures that...
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ftrace: The soft lockup issue in ftracemoduleenable has been fixed. A soft lockup was observed when loading the amdgpu module. If a module contains many functions that can be traced, multiple calls to kallsymslookup may take too...
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: net/sched: schqfq: Fixed a null dereference in aggdequeue. To prevent a potential crash in aggdequeue when cl-qdisc-ops-peekcl-qdisc returns NULL, we check the returned value before using it, similar to the existing approach in...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: spi: fsl-cpm: Length parity checks were performed before switching to 16-bit mode. The commit fc96ec826bce “spi: fsl-cpm: Use 16-bit mode for large transfers with even size” failed to ensure that the size of the data transfer was...
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: NFSD: The free copynotify stateid in nfs4freeolstateid has been fixed. Typically, the copynotify stateid is freed either when the parent’s stateid is being closed/freed, or in nfsd4laundromat if the stateid has not been used duri...
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: net: ipv6: Fixed warnings related to memcpy operations that span multiple fields in the AH output. These warnings occur when extension headers are copied to IPv6 address fields, causing Fortify-string warnings regarding writes...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: crypto: starfive – Properly handles the return of sgnentsforlen The return value of sgnentsforlen was assigned to a unsigned long in starfivehashdigest, causing negative error codes to be converted into large positive integers...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: bpf: Check skb-transportheader is set in bpfskbcheckmtu. The bpfskbcheckmtu helper needs to use skb-transportheader when the BPFMTUCHKSEGS flag is used: bpfskbcheckmtuskb, ifindex, &mtulen, 0, BPFMTUCHKSEGS. The transportheader i...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: btrfs: Always detect conflicting inodes when logging inode refs. After a rename operation either through the rename exchange operation or through regular renames in multiple non-atomic steps, when two inodes are renamed and at...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fixed a NULL pointer dereferencing in amdgpugmcfilterfaultsremove. On APUs such as Raven and Renoir GC 9.1.0, 9.2.2, 9.3.0, the ih1 and ih2 interrupt ring buffers are not initialized. This is by design, as these...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: dmaengine: idxd: Fixed device leaks during the compat bind and unbind operations. Make sure to remove the references to the idxd device when using the compat bind and unbind sysfs interfaces...
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: Input: croseckeyb – fix an invalid memory access If the croseckeybregistermatrix function is not called due to “buttonsswitchesonly” in croseckeybprobe, ckdev-idev remains NULL. An invalid memory access is observed in...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: NFS: Fixed a deadlock involving nfsreleasefolio Wang Zhaolong reported a deadlock involving NFSv4.1 state recovery, waiting on kthreadd, which attempts to reclaim memory by calling nfsreleasefolio. The latter cannot proceed due t...
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: nvmet-fc: Avoid scheduling the deletion of associations twice. When forcibly shutting down a port via the configfs interface, nvmetportsubsysdroplink first calls nvmetportdelctrls, and then nvmetdisableport. Both functions will...
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: s390/ctcm: Fixed double-kfree issue. The function ‘mpcrcvdsweepreqmpcginfo’ is called conditionally from the function ‘ctcmpcunpackskb’. It frees the passed mpcginfo. After that, a call to the function ‘kfree’ within the function...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: clk: samsung: exynos-clkout: Assign .num before accessing .hws The commit f316cdff8d67 annotated the hws member of the struct clkhwonecelldata with countedby. This informs the bounds sanitizer UBSANBOUNDS about the number of...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: ksmbd: A memory leak was fixed in getfileallinfo. In getfileallinfo, if vfsgetattr fails, the function returns immediately without freeing the allocated filename, resulting in a memory leak. This issue was fixed by freeing the...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-motu – added a bounds check in the putuser loop for DSP events. In the DSP event handling code, the putuser loop copies event data. When the user buffer size is not aligned to 4 bytes, it may overwrite data beyond...
Astra Linux – Vulnerability in freerdp3
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, a client-side heap buffer overflow occurred in the RDPGFX ClearCodec decode path, where maliciously crafted residual data caused out-of-bounds writes during color output. A malicious server could trigger thi...
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: Added a missing lock in cfg80211checkandendcac. Callers of wdevchandef must hold the wiphy mutex. However, the worker function cfg80211propagatecacdonewk never holds the wiphy mutex. This triggers the following...
Astra Linux – Vulnerability in grub2
A vulnerability has been identified in the GRUB2 bootloader’s normal command, posing an immediate Denial of Service DoS risk. This flaw is a Use-after-Free issue, caused by the fact that the normal command is not properly unregistered when the module is unloaded. An attacker who can execute this...
Astra Linux – Vulnerability in freerdp3
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfAppUpdateWindowFromSurface read data from a freed xfAppWindow, because the RDPGFX DVC thread obtained a bare pointer via xfrailgetwindow without any lifetime protection. Meanwhile, the main thread could...
Astra Linux – Vulnerability in freerdp3
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.20.1, the NDR array reader in RDPEAR did not perform bounds checking on the number of on-wire elements, and could write beyond the heap buffer allocated from hints, resulting in a heap buffer overflow in...
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: In btusb, there is an issue where the cleanup operations during btusbdisconnect are not performed in the correct order, leading to a Use-After-Free UAF condition. There is also a KASAN issue in btusbdisconnect: A re...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Added a signal type check for dcn401 getphyd32clksrc Attempting to access link enc on a dpia link will cause a crash...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: bpf: It is necessary to preserve the id of the register in the synclinked regs function. The synclinked regs function copies the id of knownreg to reg when propagating the bounds of knownreg to reg, using the offset of knownreg...
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: drm/radeon: The code for radeonfenceprocess has been removed in issignaled, preventing deadlocks. The attempt to advance the queue when checking whether the fence is signaled has been eliminated. This prevents deadlocks. The...
Astra Linux – Vulnerability in imagemagick
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a continue statement in the JPEG extent binary search loop in the jpeg encoder caused an infinite loop when writing persistent errors. An attacker could trigger...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: “smack”: fixed a bug where an unprivileged task could create labels. If an unprivileged task is allowed to relabel itself "/smack/relabel-self is not empty", it can freely create new labels by writing their names into its own...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Avoid invalid reads in irdmanetevent. The irdmanetevent function should not dereference anything from “neigh” alias “ptr” until it has checked that the event is of type NETEVENTNEIGHUPDATE. Other events are pointed to...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: ublk: Fix for deadlock when reading the partition table When a process such as udev opens the ublk block device to read the partition table using bdevopen, a deadlock can occur: 1. bdevopen grabs the disk-openmutex. 2. The proces...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: schedext: A potential deadlock has been fixed in deferredirqworkfn. For PREEMPTRT=y kernels, deferredirqworkfn is executed in the per-cpu irqwork/ task context, and not in disable-irq. If the rq returned by containerof is the...
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: drm/tegra: Added a call to putpid. Added a call to putpid corresponding to gettaskpid. host1xmemorycontextalloc does not take ownership of the PID; therefore, we need to free it here to avoid leaks. [email protected]: reword...
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: fbcon: Set fbdisplayi-mode to NULL when the mode is released. Recently, we discovered the following issue through syzkaller: BUG: KASAN: Slab-use-after-free in fbmodeisequal+0x285/0x2f0 A read of size 4 at address ff11000001b3c69...
Astra Linux – Vulnerability in xwayland, xorg-server
A flaw was discovered in the X.Org X server’s validation of XKB key type requests. A local attacker could send a specially crafted request to the X server, leading to a vulnerability where out-of-bounds memory access could occur. This could result in the disclosure of sensitive information or cau...
Astra Linux – Vulnerability in xwayland, xorg-server
A flaw was discovered in the X.Org X server. This vulnerability, an out-of-bounds read, affects the handling of XKB X Keyboard Extension modifier maps. An attacker with access to the X11 server can exploit this by sending a malformed request, causing the server to read beyond its intended memory...