Astra Linux – Vulnerability in libonig

A issue was discovered in Oniguruma 6.x before 6.9.4rc2. In the function fetchintervalquantifier formerly known as fetchrangequantifier in regparse.c, PFETCH is called without checking PEND. This leads to a buffer overflow issue based on the heap mechanism...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: - acpi: nfit: vmalloc-out-of-bounds read in acpinfitctl A issue detected by syzbot with KASAN has also been fixed: BUG: KASAN: vmalloc-out-of-bounds in cmdtofunc, drivers/acpi/nfit/core.c:416 inline BUG: KASAN:...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: RDMA/manaib: A boundary check was added before installing cq callbacks. A boundary check has been added inside manaibinstallcqcb to prevent index overflow...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: dpaa2-switch: validate numifs to prevent out-of-bounds write The driver obtains swattr.numifs from the firmware via dpswgetattributes, but never validates it against DPSWMAXIF 64. This value controls the iteration in...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: netpoll: A race condition has been fixed in netpollowneractive. KCSAN detected a race condition in netpoll: - BUG: KCSAN: Data race in netrxaction/netpollsendskb. A write operation marked as 0xffff8881164168b0, 4 bytes is perform...

Astra Linux – Vulnerability in ntfs-3g

In NTFS-3G versions before 2021.8.22, when a specially crafted NTFS attribute is provided to the function ntfsgetattributevalue, a heap buffer overflow can occur, allowing for memory disclosure or denial of service. The vulnerability is caused by an out-of-bound buffer access, which can be...

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: RISCV: Check whether the code to be patched lies within the exit section. Otherwise, we proceed to vmalloctopage, which panics because the address does not lie within the vmalloc region...

Astra Linux – Vulnerability in xwayland, xorg-server

A buffer overflow vulnerability was discovered in X.Org and Xwayland. The code in XkbVModMaskText allocates a fixed-sized buffer on the stack and copies the names of the virtual modifiers to that buffer. The code fails to check the bounds of the buffer and will copy the data regardless of the siz...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Wifi: carl9170 – added a proper sanity check for endpoints. Syzkaller reports that a warning was triggered due to the presence of an incorrect endpoint type during the URB processing stage. Although a check was performed for a...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: clk: mmp: pxa1908-mpmu: Fixed the issue where a NULL value was returned instead of an ISERR pointer. The devmkzalloc function now returns NULL if there is an error, rather than an error pointer. The check has been updated to matc...

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerability has been resolved: fbdev: udlfb: Fix endpoint check The syzbot fuzzer detected a problem with the udlfb driver, caused by an endpoint that does not have the expected type. usb 1-1: Failed to read the EDID byte 0; result: -71. usb 1-1: Unable to...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: BPF: Fixed the exception exit lock checking for subprogs The processbpfexitfull function passes checklock = !curframe to checkresourceleak, which is false in cases where bpfthrow is called from a static subprog. This causes...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been fixed: ksmbd: Fixed an out-of-bounds write issue in smb2getea. smb2getea applies a 4-byte alignment padding using memset after writing each EA entry. The bounds check on buffreelen is performed before the memcpy operation, but the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: gpio: loongson-64bit: Fixed an incorrect NULL check after devmkcalloc Fixed an incorrect NULL check in loongsongpioinitirqchip. The function checks chip-parent instead of chip-irq.parents...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: In media: iris: gen2, a sanity check for session termination was added. In iriskillsession, inst-state is set to IRISINSTERROR, and sessionclose is executed, which will free memory allocated to insthfigen2-packet. If stopstreamin...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: usb-storage: alauda: Check whether the media is initialized. The member “uzonesize” of the struct alaudainfo will remain 0 if alaudainitmedia fails, potentially causing division errors in alaudareaddata and alaudawritelba. - A...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: HID: uclogic: Add a NULL check in uclogicinputconfigured. The devmkasprintf function returns NULL when memory allocation fails. Currently, uclogicinputconfigured does not check for this case, resulting in a NULL pointer being...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: bpf: Fixed a UAF issue in bpftrampolinelinkcgroupshim. The root cause of this bug is that when bpflinkput reduces the refcount of shimlink-link.link to zero, the resource is considered released, but it may still be referenced via...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: bpf: Check the validity of link-type in bpflinkshowfdinfo If a newly added link type does not invoke BPFLINKTYPE, accessing bpflinktypestrslink-type may lead to an out-of-bounds access. To detect such missed invocations early on ...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drm/komeda: check for error-valued pointer komedapipelinegetstate may return an error-valued pointer; therefore, it is necessary to check that the pointer has a negative or null value before dereferencing it...