Astra Linux – Vulnerability in Linux 5.15
An issue was discovered in the Linux kernel before version 6.3.4. In the file fs/ksmbd/smb2pdu.c of ksmbd, there is a flaw where the UserName value is not properly checked. This occurs because the address of the security buffer is not taken into consideration, resulting in an out-of-bounds read...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: media: pci: cx23885: Check cx23885_vdev_init return. cx23885_vdev_init may return a NULL pointer, but that pointer is used in the next line without any checks. Add a NULL pointer check, and proceed with error unwinding if the pointer...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: drm: Check that output polling is initialized before disabling it. In drm_kms_helper_poll_disable, check that output polling is initialized before disabling polling. If not, flag this as a warning. Additionally, in...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: ASoC: SOF: Added bounds checking to firmware data. Smatch complains that "head->full_size - head->header_size" can cause underflow. To some extent, we will always have to trust the firmware. However, it's easy to add checks for...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: crypto: hisilicon/debugfs – Fixed the issue with the uninit process of debugfs. During the zip probe process, a failure in debugfs does not stop the probe. When the initialization of debugfs fails, jumping to the error branch...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: media: nxp: imx8-isi: Check whether the crossbar pad is non-NULL before accessing it. When translating source streams to sink streams in the crossbar subdev mechanism, the driver attempts to locate the remote subdev connected to...
Astra Linux – Vulnerability in Poppler
An issue was discovered in Poppler 0.71.0. There is a potentially fatal abort in Object.h; this will lead to a denial of service, as EmbFile::save2 in FileSpec.cc lacks a stream check before saving an embedded file...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: pds_core: The pdsc_check_pci_health function was fixed to use a work thread for execution. When the driver detects that fw_status == 0xff, it attempts to perform a PCI reset on itself using the pci_reset_function function within the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: EDAC/mc: Fixed the error path ordering in edac_mc_alloc. When the mci->pvt_info allocation in edac_mc_alloc fails, the error path will call put_device, which will ultimately call the device’s release function. However, the initializatio...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: jfs: fixed a null pointer dereference in dtInsertEntry. Reported by syzbot: General protection fault, likely for a non-canonical address 0xdffffc0000000001: 0000 1 PREEMPT SMP KASAN PTI KASAN: null-ptr-deref in range...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: drivers/perf: hisi_pcie: Fixed out-of-bound access when a valid event group is used. The perf tool allows users to create event groups using the cmd 1. However, the driver does not check whether the array index is out of bounds wh...
Astra Linux – Vulnerability in Ansible
A flaw was discovered in the Ansible Engine when using the module_args feature. Tasks executed with the --check-mode option do not properly neutralize sensitive data exposed in the event data. This flaw allows unauthorized users to read this data. The greatest threat posed by this vulnerability is...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: The BUG function call has been removed after failing to insert a delayed directory index entry. Instead of calling BUG when we fail to insert a delayed directory index entry into the delayed node’s tree, we can simply...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: spi: bcm2835: bcm2835_spi_handle_err: Fixed the issue of NULL pointer dereferencing for non-DMA transfers. If an IRQ-based transfer times out, the bcm2835_spi_handle_err function is called. Since commit 1513ceee70f2 “spi: bcm2835: Drop...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: s390/dasd: fixed an issue where error recovery led to data corruption on ESE devices. Extent Space Efficient (ESE) or thin-provisioned volumes need to be formatted on demand during normal IO processing. The dasd_ese_needs_format...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: ksmbd: Fixed a slab out-of-bounds write in smb_inherit_dacl. The slab out-of-bounds write occurs because the offsets are larger than the allocation size of pntsd. This patch adds a check to validate the three offsets using the...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: RDMA/srpt: Added a check for a valid ‘mad_agent’ pointer. When unregistering an MAD agent, the srpt module performs a non-null check on the ‘mad_agent’ pointer before invoking ib_unregister_mad_agent. This check can fail if the...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: drm/sti: avoided potential dereferencing of error pointers in sti_hqvdp_atomic_check. The return value of drm_atomic_get_crtc_state needs to be checked. This is done to avoid using the error pointer ‘crtc_state’ in case of a failure...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dp: Added an atomic_check to bridge operations. In the DRM commit_tails function, if both conditions for disabling the downstream crtc/encoder/bridge are required, and crtc->active is set before pushing a new frame downstrea...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Added an upper bound check on user inputs in wait ioctl. Large input values in amdgpu_userq_wait_ioctl can lead to an Out-of-Memory (OOM) condition, and this vulnerability could be exploited. Therefore, it is recommended to...