Astra Linux – Vulnerability in Heimdal

The fix for CVE-2022-3437 involved changing the memcmp function to run in constant time, as well as providing a workaround for a compiler bug by adding comparisons of the result with the value “!= 0” to the memcmp function. When these patches were backported to the heimdal-7.7.1 and heimdal-7.8.0...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: f2fs: quota: fixed the loop condition in f2fsquotasync The parameter cnt should be passed to sbhasquotaactive, rather than type, to correctly check the active quota. Moreover, when the type is -1, the compiler, with sufficient...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: RDMA/ionic: Fixed a potential NULL pointer dereferencing in ionicqueryport. The function ionicqueryport calls ibdevicegetnetdev without checking the return value, which could lead to NULL pointer dereferencing. This issue has bee...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: xfs: fixed a Use-after-Free UAF in xchkbtreecheckblockowner. We cannot dereference bs-cur when trying to determine whether bs-cur aliases bs-sc-sa.bno,rmapcur after the latter has been freed. This issue was fixed by introducing a...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: qca: fixed an issue where information was leaked when retrieving the board ID. A missing sanity check was added when retrieving the board ID to prevent the leakage of slab data when requesting the firmware later...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: Squashfs: sanity check for symbolic link sizes Syzkiller reports a bug named “KMSAN: uninit-value in picklink”. This issue is caused by an uninitialized page, which ultimately results from reading a corrupted symbolic link siz...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: media: vidtv: psi: Added a check for kstrdup. Added a check on the return value of kstrdup, and return an error if it fails, in order to avoid NULL pointer dereferencing...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: exec: Fix for the issue involving the comparison between permission checks and setuid/gid usage When opening a file for execution using dofilpopen, permission checks are performed based on the file’s metadata at that moment. If t...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-lib: Avoid division by zero in applyconstrainttosize The step variable is initialized to zero. It is changed during the loop, but if it isn’t changed, it will remain zero. Add a variable check before the division...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: x86: Shadow stacks – proper error handling for mmap lock Kim Young-min reported that shstkpopsigframe does not check for errors from mmapreadlockkillable. This is a silly oversight. It was also shown that we have not marked...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Ethernet: Hisilicon: HNS: hnsdsafmisc: A possible array overflow has been fixed in hnsdsafgesrstbyport. The if statement limits the value of port to be less than DSAFGENUM i.e., 8. However, if the value of port is 6 or 7, an arra...

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: CDC-NCM: Avoid overflows in sanity checks. A malfunctioning device may produce an extreme offset like 0xFFF0, along with a fragment of reasonable length. In the currently formulated sanity check, this will cause an integer...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: cgroup: The cgroupgetfromid function must check that the looked-up key is a directory. The cgroup object must be a kernfs directory; otherwise, a kernel panic will occur, especially when the cgroup ID is provided from the user...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: mm/pagetablecheck: A crash occurred when checking ZONEDEVICE. Not all pages apply to the pgtable check. An example is ZONEDEVICE pages: they directly map PFNs, and they never allocate pageext, even if there’s a struct page around...

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fixed an issue where the BIOS boundary checking was off by one. Bounds checking during the parsing of init scripts embedded in the BIOS prevents access to the last byte. This causes driver initialization to fail on...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: - svcrdma: The bound check of rqpages index in the inline path. - svcrdmacopyInlineRange: Indexing rqstp-rqpagesrccurpage without verifying that rccurpage remains within the allocated page array. Add guards before the first us...

Astra Linux – Vulnerability in OpenSSL

Issue Summary: Checking excessively long DH keys or parameters can be very slow. Impact Summary: Applications that use functions like DHcheck, DHcheckex, or EVPPKEYparamcheck to check DH keys or parameters may experience prolonged delays. If the keys or parameters are obtained from an untrusted...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: btrfs: A sanity check for the btrfs root has been added in btrfssearchslot. Syzbot reports a nullptrderef issue in btrfssearchslot. The reproducer uses rescue=ibadroots, and the extent tree root is corrupted; as a result, the...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: virtiopmem: Check the device status before requesting flushing. If a PMEM device is in an invalid state, the driver could wait indefinitely for the host acknowledgment in virtiopmemflush, causing the system to hang. Therefore, a...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Wifi: RSI: Do not configure WoWlan in the shutdown hook if it is not enabled. If WoWlan was never configured during the operation of the system, hw-wiphy-wowlanconfig will be NULL. The rsiconfigwowlan function checks whether...