Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/iommu: The LPAR panics during bootup due to a frozen PE. During the LPAR bootup, the partition firmware provides the ibm,dma-window property for the PE. This property is provided on the PCI bus to which the PE is...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: Fixed the handling of the RTAS MSRHV for the Cell. The recent changes in MSR handling when entering RTAS firmware caused crashes on IBM Cell machines. An example trace is as follows: The kernel attempted to execute ...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: The numconnectors field is incorrectly handled. The UCSI specification states that the numconnectors field consists of 7 bits, with the 8th bit reserved and should be set to zero. Some faulty firmware has been...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: serial: qcom-geni: Fix blocked task The changes made in commit 1afa70632c39 “serial: qcom-geni: Enable PM runtime for serial driver” and its dependent commit 86fa39dd6fb7 “serial: qcom-geni: Enable Serial on SA8255p Qualcomm...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: mips: bmips: BCM6358 – Ensure that CBR is set correctly. It was discovered that some devices have the CBR address set to 0, causing kernel panic when archsyncdmaforcpuall is called. This issue occurs when the system is booted fro...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: mm: Move page table sync declarations to linux/pgtable.h During our internal testing, we began observing intermittent boot failures when the machine uses 4-level paging and has a large amount of persistent memory: BUG: Unable to...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: Block layer: The feature of freezing the request queue from within sysfs store callbacks has been removed. Freezing the request queue may cause a deadlock when combined with the dm-multipath driver and the queueifnopath option...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: media: go7007: fix a memleak in go7007loadencoder In go7007loadencoder, the variable bounce i.e., go-bootfw is allocated without subsequent deallocation. After the following call chain: saa7134go7007init | | - go7007bootencoder |...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Thermal: Intel: HFI – Added syscore callbacks for system-wide PM The kernel allocates a memory buffer and provides its location to the hardware, which uses it to update the HFI table. This allocation occurs during boot and remain...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mlxbf-bootctl: The sysfsemitat function was used in securebootfusestateshow. A warning is displayed when running the latest kernel on a BlueField SOC: 251.512704 ------------ Cut here ------------ 251.512711 Invalid sysfsemit:...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: x86/tdx: Panics occur in cases of incorrect configurations involving access to “private” memory, resulting in a VE exception. All normal kernel memory is considered “TDX private memory”. This includes everything, from kernel...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: mips: bmips: BCM6358: disabled RAC flush for TP1 RAC flush causes kernel panics on BCM6358 with EHCI/OHCI when booting from TP1: 3.881739 usb 1-1: new high-speed USB device number 2 using ehci-platform 3.895011 Reserved...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: regulator: da9063: Fix for null pointer dereferencing in partial DT configurations. When some of the da9063 regulators do not have corresponding DT nodes, a null pointer dereference occurs during bootup. This happens because such...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: x86/ioremap: Maps EFI-reserved memory as encrypted for SEV. Some drivers require memory that is marked as EFI boot services data. To prevent this memory from being reused by the kernel after ExitBootServices, efimemreserve is use...

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: “mmc: dwmmc: Fix IDMAC operation with pages larger than 4K” The commit 8396c793ffdf “mmc: dwmmc: Fix IDMAC operation with pages larger than 4K” increased the maxreqsize, even for 4K pages, causing various issues: - Panic during...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: fs/ntfs3: Validates the BOOT recordsize field. When the NTFS BOOT recordsize field is less than 0, it represents a shift value. However, there is no sanity check on the shift result, and the sbi-recordbits calculation using...

Astra Linux – Vulnerability in grub2

A flaw was discovered in grub2 in versions prior to 2.06. During USB device initialization, descriptors are read without sufficient bounds checking, assuming that the USB device provides valid values. If exploited properly, an attacker could cause memory corruption, leading to arbitrary code...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: ext4: fixed the bug in estreesearch caused by an invalid boot loader inode. We have the following issues: kernel BUG at fs/ext4/extentsstatus.c:203! invalid opcode: 0000 1 PREEMPT SMP CPU: 1 PID: 945 Comm: cat Not tainted...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: s390/vmem: Split pages when debug pagealloc is enabled. Since commit bb1520d581a3 “s390/mm: Start kernel with DAT enabled”, the kernel crashes early during boot when debug pagealloc is enabled. Symptoms: - Memory initialization:...

Astra Linux – Vulnerability in grub2

A flaw was discovered in grub2 in versions prior to 2.06. The rmmod implementation allows the unloading of a module that serves as a dependency without checking whether any other dependent modules are still loaded, leading to a “use-after-free” scenario. This could allow arbitrary code to be...