Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ALSA: emu10k1: Fixed an out-of-bounds access in sndemu10k1pcmchannelalloc The voice allocator sometimes begins allocating from near the end of the array, and then wraps around. However, the sndemu10k1pcmchannelalloc function...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: The issue was that can: ucan: introduced an out-of-bound read in the strscpy function’s source code. Commit 7fdaf8966aae “can: ucan: use strscpy instead of strncpy” inadvertently resulted in an out-of-bound read of one byte from...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: media: ti-vpe: cal: Fixed a NULL pointer dereference in calctxv4l2initformats. In calctxv4l2initformats, devmkzalloc is assigned to ctx-activefmt, and there is a dereference of it afterward. This could lead to a NULL pointer...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: skbuff: In skbSegment, call zero-copy functions before using skbuff fragments. The commit bf5c25d60861 added the call to zero-copy functions in skbSegment. This change introduced a bug in skbSegment, as skborphanfrags may...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: virtio/vsock: Fixed an uninit-value issue in virtiotransportrecvpkt KMSAN reported the following uninit-value access issues: ===================================================== BUG: KMSAN: uninit-value in...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: mm/vmscan: fixed a bug that called wakeupkswapd with an incorrect zone index. When numa balancing is enabled, and a numa system is running where a numa node does not have its own local memory, causing it to have no managed...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: mm/slub: Fixed the issue by returning errno if kmalloc fails. In createuniqueid, kmalloc, GFPKERNEL may fail due to out-of-memory conditions. If this happens, errno should be returned correctly instead of triggering a panic via...

Astra Linux – Vulnerability in ntfs-3g

A properly crafted NTFS image can lead to a out-of-bounds access vulnerability, caused by an unsanitized attribute length in ntfs inodelookupbyname, in NTFS-3G 2021.8.22...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: iavf: Fixed an out-of-bounds situation when setting channels during iavfremove. If the channels are set to a value greater than what is actually allocated, it will cause a timeout, and an error will be returned. However, the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel: Fixed the KASAN global-out-of-bounds warning When running the “perf mem record” command on CWF, the following KASAN global-out-of-bounds warning was observed...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: ASoC: meson: axg-card: fixed “use-after-free” issue The buffer “card-dailink” is reallocated in “mesoncardreallocatelinks”. Therefore, the initialization of the “pad” pointer should be moved after this function, when the memor...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: fs/ntfs3: Fixed a general protection fault in runismappedfull. ntfscreate inode: Fixed the deletion of a non-resident attribute...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: s390/ctcm: Fixed double-kfree issue. The function ‘mpcrcvdsweepreqmpcginfo’ is called conditionally from the function ‘ctcmpcunpackskb’. It frees the passed mpcginfo. After that, a call to the function ‘kfree’ within the function...

Astra Linux – Vulnerability in Linux 5.15

A issue was discovered in ksmbd within the Linux kernel versions 5.15 through 5.19, prior to 5.19.2. There is an out-of-bounds read and an OOPS error for SMB2write, when a large length is present in the zero DataOffset case. source-iocs-preserved const=SMB2WRITE...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net/rds: fixed the possible null dereference of cp The cp parameter may be null. Calling cp-cpconn would result in a null dereference. Simon Horman adds: Analysis: cp is a parameter of rdsrdmamap and is not reassigned. The...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: btrfs: fixed an issue where the extent map was used after free, when adding pages to compressed Bio data structures. In the function addrabiopages, we access the extent map to calculate ‘addsize’. After dropping the reference to...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iouring/io-wq: The IOWQBITEXIT check is performed within the work run loop. Currently, this check is performed before running the pending work. Normally, this is completely fine, as the work items either end up blocking other tas...

Astra Linux – Vulnerability in Chromium

Before version 91.0.4472.164, using "after free" in WebSerial with Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: cpufreq: The completion function is called before kobjectinitandadd. In cpufreqpolicyalloc, the uninitialized completion function is called in cpufreqsysfsrelease when kobjectinitandadd fails. This will cause a crash, such as a...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: vdpa/vpvdpa: fixed an issue where the wrong pointer was passed as an argument to vpvdparemove. In vpvdparemove, the code kfree&vpvdpamgtdev-mgtdev.idtable uses a reference to a pointer as an argument to kfree. This is a wrong...