Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ext4: Refresh the inline data size before write operations The cached ei-iInlineSize can become stale between the initial size check and when ext4updateInlineData/ext4createInlineData use it. Although ext4getmaxInlineSize reads t...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: regmap-irq: Fixed an out-of-bounds access when allocating config buffers When allocating the 2D array for handling IRQ type registers in regmapaddirqchipfwnode, the intention is to allocate a matrix with numconfigbases rows and...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: jbd2: avoided the bugon in jbd2journalgetcreateaccess when the file system is corrupted. The issue occurs when the file system is corrupted: ------------ cut here ------------ Kernel BUG at fs/jbd2/transaction.c:1289! Oops:...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/sti: avoided potential dereferencing of error pointers in stihqvdpatomiccheck. The return value of drmatomicgetcrtcstate needs to be checked. This is done to avoid using the error pointer ‘crtcstate’ in case of a failure...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix for a race condition in devmap on PREEMPTRT On PREEMPTRT kernels, the per-CPU xdpdevbulkqueue bq can be accessed concurrently by multiple preemptible tasks on the same CPU. The original code assumes that bqenqueue and...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: xsk: fixed the refcount underflow in the error path. This fix addresses a refcount underflow issue reported by syzbot, which can occur when the system runs out of memory. If xpalloctxdescs fails—and it can only fail due to...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ethtool: Fixed an issue where the uninitialized number of lanes was used. It is not possible to set the number of lanes when adjusting link modes using the legacy IOCTL ethtool interface. Since the structure struct...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Netfilter: Use getrandomu32 instead of prandom. This issue may occur when updating the per-cpu rndstate from the user context, i.e., at the localout path. BUG: Using smpprocessorid in preemptible 00000000 code: nginx/2725 Caller:...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: brwifi: brcmfmac – Fixed a potential kernel error when the probe function fails. When the probe of the sdio brwifi brcmfmac device fails for certain reasons e.g., missing firmware, the sdiodev-bus is set to “error” instead ...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drm/amd: Fixed UBSAN array-index-out-of-bounds issues for Polaris and Tonga. For pptable structures that use flexible array sizes, use flexible arrays instead...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: clk: hisilicon: hi3559a: A mistake in the devmkfree function has been fixed. pclk is an array allocated just before the for loop for all clk elements that need to be registered. It is incremented at each loop iteration. If a...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Memory: Fixed the refcount leak issue in oflpddr3getddrtimings. We should add the ofnodeput function when exiting from foreachchildofnode, as it will automatically increase and decrease the refcount...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

In the Linux kernel, the following vulnerability has been resolved: The issue in the j1939tptxdatnew function could lead to out-of-bounds memory access if the size of skb-cb is larger than the size of struct j1939skbuffcb. This occurs because the memcpy operation uses the size of skb-cb, causing ...

Astra Linux – Vulnerability in imagemagick

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to ImageMagick versions 6.9.13-28 and 7.1.2-2, there was a format string bug vulnerability in the InterpretImageFilename function, where user input was directly passed to FormatLocaleString withou...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: dm-bufio: fixed scheduling in atomic context If “tryverifyintasklet” is set for dm-verity, and DMBUFIOCLIENTNOSLEEP is enabled for dm-bufio. However, when bufio attempts to evict buffers, there is a possibility of triggering...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: soundwire: Reverted “soundwire: qcom: Add setchannelmap API support”. This reversion corresponds to commit 7796c97df6b1b2206681a07f3c80f6023a6593d5. This patch caused issues with Dragonboard 845c sdm845. The following errors...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Check for any of the tcpbpfprots when cloning a listener. A listening socket linked to a sockmap has its skprot overridden. It points to one of the struct proto variants in tcpbpfprots. This variant depends on the...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ext4: Avoid use-after-free in ext4extshowleaf In ext4findextent, the path may be freed by an error or reallocated. Therefore, using a previously saved ppath may have already been freed, thereby potentially causing a use-after-fre...

Astra Linux – Vulnerability in uriparser

A issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriNormalizeSyntax...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: codetag: debug: handling the CODETAGEMPTY value in markobjextsempty for slabobjext. When allocslabobjexts fails and then successfully allocates a slab extension vector, it calls handlefailedobjextsalloc to mark all objects in the...