Astra Linux - уязвимость в wpa

Implementations of EAP-pwd in hostapd before version 2.10 and wpasupplicant before version 2.10 are vulnerable to side-channel attacks due to cache access patterns. NOTE: This issue exists because of an incomplete fix for CVE-2019-9495...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: f2fs: fixed to avoid updating zero-sized extents in the extent cache. As reported by syzbot: F2FS-fs loop0: updateextenttreerange: extent len is zero, type: 0, extent 0, 0, 0, age 0, 0. ------------ Cut here ------------ Kernel b...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: ext4: The bug related to delayed allocation was fixed in ext4clumapped for bigalloc and inline scenarios. When converting files with inline data to extents, delayed allocations made on a file system created with both bigalloc and...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: mm: Use memallocnofssave in pagecacheraorder See commit f2c817bed58d “mm: Use memallocnofssave in readahead path”. Ensure that pagecacheraorder does not attempt to reclaim file-backed pages too often, as this can lead to a...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: dm cache: Fixed UAF in destroy Dmcache also has the same UAF issue when dmresume and dmdestroy are executed concurrently. Therefore, the timer is cancelled again in destroy...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: “Revert ‘f2fs: fix to do sanity check on extent cache correctly’” The syzbot reports a bug in f2fs as follows: UBSAN: Array-index-out-of-bounds in fs/f2fs/f2fs.h:3275:19 Index 1409 is out of range for type ‘le32923’ aka ‘unsigned...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/userq: Fixed the issue of a reference leak during queue teardown in version 2. The user mode queue maintains a pointer to the most recent fence in userq-lastfence. This pointer retains an additional dmafence reference...

Astra Linux - уязвимость в symfony

Symfony is a PHP framework for web and console applications, along with a set of reusable PHP components. The Symfony HTTP cache system functions as a reverse proxy: it caches entire responses including headers and returns them to clients. In a recent change to the AbstractSessionListener,...

Astra Linux - уязвимость в chromium

Before version 91.0.4472.101, using BFCache in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mm/hugememory: A NULL pointer dereferencing issue was addressed when splitting folio objects. The commit c010d47f107f “mm: thp: splitting huge pages into lower-order pages” introduced a preliminary check on the order of the folio...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: netfs: The “copy-to-cache” mechanism has been fixed so that it performs collection using Ceph+FSCache. The “copy-to-cache” mechanism used by Ceph with local caching creates a new request to write data that was just read from the...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: - In the net subsystem, do not delay the execution of dstentriesadd within dstrelease. - dstentriesadd uses data per-core that might be freed during the dismantling of ip6routenetexit, by calling dstentriesdestroy. Before...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: nfsd: move the initialization of the reply cache cache counters back into nfsdinitnet The commit f5f9d4a314da “nfsd: move the reply cache initialization into nfsd startup” moved the initialization of the reply cache into nfsd...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Cache streams targeting the link when performing LT automation. REASON The last LT automation update could cause a crash by referencing currentstate and calling dcupdateplanesandstream, which might corrupt...

Astra Linux - уязвимость в python-django, python2.7

Packages containing “python/cpython” from versions 0 and earlier, including 3.6.13, 3.7.0 and earlier than 3.7.10, 3.8.0 and earlier than 3.8.8, 3.9.0 and earlier than 3.9.2, are vulnerable to Web Cache Poisoning via “urllib.parse.parseqsl” and “urllib.parse.parseqs”. This vulnerability occurs du...

Astra Linux - уязвимость в python-django

A issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 when Python 3.7+ was used. The intermediate-level directories of the filesystem cache had the system’s standard umask instead of 0o077...

Astra Linux - уязвимость в python-bottle

Packages from versions 0 and before 0.12.19 are vulnerable to Web Cache Poisoning, due to a mechanism called “parameter cloaking”. When attackers can separate query parameters using a semicolon ;, they can create a discrepancy in the interpretation of requests between the proxy running with defau...

Astra Linux - уязвимость в squid

In versions 4.14 and 5.x through 5.0.5, in some configurations, the Squid vulnerability allows information disclosure due to an out-of-bounds read in the WCCP protocol data. This vulnerability can be exploited as part of a chain for remote code execution, as there is no one to stop such attacks...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Shmem writes are flushed before mapping buffers with cached mappings. The shmem layer zeroes out new pages using cached mappings. If we do not flush these writes using the CPU, we might leave dirty cachelines behind,...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: netfs: Call invalidatecache only if implemented Many filesystems such as NFS and Ceph do not implement the invalidatecache method. On those filesystems, if writing to the cache NETFSWRITETOCACHE fails for some reason, the kernel...