Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: exfat: A memory leak has been fixed in exfatloadbitmap. If the first directory entry in the root directory is not a bitmap directory entry, the variable ‘bh’ will not be released and reassigned, which will cause a memory leak...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: cxl: Fixed a memory leak in the error handling path. The bitmapzalloc function must be balanced with a corresponding bitmapfree function in the error handling path of afuallocateirqs...

Astra Linux - уязвимость в htmldoc

A buffer under-reading issue based on stacks in the htmldoc before version 1.9.12 allows attackers to cause a denial of service by using a crafted BMP image with the imageloadbmp function...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Additional checks have been added in niclear. The addition of a check for NTFSFLAGSLOGREPLAYING prevents access to the uninitialized bitmap during the replay process...

Astra Linux - уязвимость в openimageio

There are multiple denial-of-service vulnerabilities in the image output closing functionality of the OpenImageIO Project’s OpenImageIO v2.4.4.2. specially crafted ImageOutput Objects can lead to multiple null pointer dereferences. An attacker can provide malicious inputs to exploit these...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: A overflow issue was addressed in the bitmapipcreate function. When firstip is 0, lastip is 0xFFFFFFFF, and the netmask is 31, the value of an arithmetic expression 2 netmask - maskbits - 1 is susceptible to...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Tracing: Prevent an incorrect count for tracingcpumaskwrite. If a large count is provided, it will trigger a warning in bitmapparseuser. Also, check for zero values as well...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: md/raid10: check slab-out-of-bounds in mdbitmapgetcounter If we write a large number to md/bitmapsetbits, mdbitmapcheckpage will return -EINVAL because ‘page = bitmap-pages’. However, the returned value was not checked immediatel...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: The issue related to null-ptr-deref in bitmapparselist has been fixed. A crash was observed with the following output: BUG: NULL pointer dereferencing in the kernel; address: 0000000000000010 Oops: 0000 1 SMP NOP...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: md/md-bitmap: corrected incorrect usage of sbindex The commit d7038f951828 "md-bitmap: do not use -index for pages backing the bitmap file" removed page-index from the bitmap code. However, incorrect code logic remained in...

Astra Linux - уязвимость в freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, deleting offscreen bitmaps caused gdi-drawing to point to freed memory, leading to UAF when related update packets arrived. A malicious server could trigger client-side use after the objects were freed,...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: udf: Avoid excessive partition sizes. Avoid mounting file systems where the partition would overflow the 32-bit range used for block numbers. Also, refuse to mount file systems where the partition size is so large that it is...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: hfs: fixed the KMSAN uninit-value issue in hfsfindsetzerobits The syzbot reported an issue in hfsfindsetzerobits: ===================================================== BUG: KMSAN: uninit-value in hfsfindsetzerobits+0x74d/0xb60...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: f2fs: A fix was made to avoid using f2fsbugon in f2fsnewnodepage. As reported by Dipanjan Das , syzkaller discovered a bug in f2fs as follows: RIP: 0010:f2fsnewnodepage+0x19ac/0x1fc0 fs/f2fs/node.c:1295 Call Trace: writeallxattrs...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: CGX: fix bitmap leaks The RX/TX flow-control bitmaps rxfcpfvfbmap and txfcpfvfbmap are allocated by cgxlmacinit, but never freed in cgxlmacexit. Unbinding and rebinding the driver therefore triggers a kmemleak:...

Astra Linux - уязвимость в poppler, poppler-22

Before version 25.04.0, crafted input files could cause out-of-bounds reads in the JBIG2Bitmap::combine function within JBIG2Stream.cc, due to an improperly placed isOk check...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: iommufd/iovabitmap: Fixed a out-of-bounds situation in iovabitmapoffsettoindex. A UBSAN out-of-bounds issue was addressed in iovabitmapoffsettoindex. Shifting the constant “1” of type int by bitmap-mapped.pgshift a unsigned long...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Use the number of bits to manage bitmap sizes To allocate bitmaps, the mpi3mr driver calculates the sizes of bitmaps using bytes as the unit. However, bitmap helper functions assume that bitmaps are allocated using...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ext4: Avoid dividing by 0 in the mbupdateavgfragmentsize function when the block bitmap is corrupted. Determine whether to set bbfragments to 0 instead of determining bbfree to eliminate the risk of dividing by zero when the bloc...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Reject index allocation if $BITMAP is empty but index blocks exist. Index allocation requires at least one bit in the $BITMAP attribute to track the usage of index entries. If the bitmap is empty while index blocks are...