Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Discard Beacon frames sent to non-broadcast addresses Beacon frames are required to be sent to the broadcast address, see IEEE Std 802.11-2020, 11.1.3.1 “The Address 1 field of the Beacon frame shall be set to the...

Astra Linux - уязвимость в linux, linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ipv6: Fixed a potential “struct net” leak in inet6rtmgetaddr. It appears that if the user space provides a correct IFATARGETNETNSID value, but no IFAADDRESS or IFALOCAL attributes are set, inet6rtmgetaddr will return -EINVAL, alo...

Astra Linux - уязвимость в zabbix

The URL validation scheme receives input from a user and then parses it to identify its various components. This validation scheme ensures that all URL components comply with internet standards...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: amdgputtmgartbind set gtt bound flag Otherwise, after the GTT context is released, the GTT and gart space are freed. However, amdgputtmbackendunbind does not clear the gart page table entry, leaving a valid mapping...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fixed the calculation of the base address in the function kvmeiointc regsaccess. In the function kvmeiointc regsaccess, the base address of the register is calculated by adding an offset to the array base address...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: vdpasimblk: The number of address spaces and virtqueue groups was set. The commit bda324fd037a “vdpasim: control virtqueue support” added two new fields nas, ngroups to vdpasimdevattr. However, we forgot to initialize these field...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: x86/mm, kexec, ima: Use memblockfreelate instead of imafreekexecbuffer. The code that calls imafreekexecbuffer is executed long after the memblock allocator has already been removed. This may lead to a use-after-free in...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: ieee802154: fixed a null dereference issue in the parse of dev addr operation. A logical error was addressed, which could lead to a null dereference if the mode is set incorrectly for the given addr type...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: PowerPC: Fixed virtaddrvalid for 64-bit Book3E and 32-bit systems. MPE: On 64-bit Book3E, the vmalloc space starts at 0x8000000000000000. Due to the way pa works, we have: pa0x8000000000000000 == 0, and therefore...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: usb: mtu3: fix listhead check warning This issue is caused by the uninitialization of listhead. Bug: KASAN: use-after-free in listdelentryvalid+0x34/0xe4. Call trace: dumpbacktrace+0x0/0x298 showstack+0x24/0x34...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ASoC: lpass: Fix for KASAN use-after-free out of bounds. When we run syzkaller, we encounter an Out of Bounds error. The specific error message is: “KASAN: slab-out-of-bounds Read in regcacheflatread”. The issue can be traced as...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: x86, relocs: Ignore relocations in the .notes section. When building with CONFIGXENPV=y, .text symbols are emitted into the .notes section so that Xen can find the “startupxen” entry point. This information is used before booting...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: usb: rndishost: The secure rdrisquery check prevents integer overflow. The variables off and len, which are typed as uint32 in the rdrisquery function, are controlled by the incoming RNDIS response message. Therefore, their value...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: gfs2: Prevent recursive memory reclamation The function new inode returns a new inode with inode-imapping-gfpmask set to GFPHIGHUSERMOVABLE. This value includes the GFPFS flag, so allocations in that address space can recursively...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: riscv: Fixed the issue of loading 64-bit NOMMU kernels beyond the start of RAM. The commit 3335068f8721 “riscv: Use PUD/P4D/PGD pages for the linear mapping” added logic to allow using memory below the kernel’s load address...

Astra Linux - уязвимость в freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.22.0, the sdlPointerNew function freed memory upon failure. However, after that function called pointerfree, it would call sdlPointerFree to free the memory again, triggering a Universal Address Fault UAF in ASan...

Astra Linux - уязвимость в glibc

On the x86-64 architecture, the GNU C Library also known as glibc prior to version 2.31 fails to ignore the LDPREFERMAP32BITEXEC environment variable during program execution after a security transition. This allows local attackers to restrict the possible mapping addresses for loaded libraries,...

Astra Linux - уязвимость в curl

libcurl accidentally skips the certificate verification for QUIC connections when connecting to a host specified as an IP address in the URL. As a result, it does not detect impostor attacks or man-in-the-middle attacks...

Astra Linux - уязвимость в thunderbird

An attacker could create a malicious link that uses bidirectional characters to spoof the location in the address bar when visited. This vulnerability affects Firefox 117, Firefox ESR 115.4, and Thunderbird 115.4.1...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Wifi: cfg80211 – Reject authentication/association requests to APs using our own address. If the AP uses our own address as its MLD Media Access Layer address or BSSID Basic Service Set Identifier, then something is clearly wrong...