Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Added a upper bound check on user inputs in wait ioctl. Large input values in amdgpuuserqwaitioctl can lead to a Out-of-Memory OOM condition, and this vulnerability could be exploited. Therefore, it is recommended to...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: sched/fair: Fixed potential memory corruption in childcfsrqonlist. childcfsrqonlist attempts to convert a ‘prev’ pointer to a cfsrq. This ‘prev’ pointer can originate from the struct rqs’s leafcfsrqlist, making the conversion...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

In the Linux kernel, the following vulnerability has been resolved: The issue in the j1939tptxdatnew function could lead to out-of-bounds memory access if the size of skb-cb is larger than the size of struct j1939skbuffcb. This occurs because the memcpy operation uses the size of skb-cb, causing ...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: IMA: Verify that the IMA buffer from the previous kernel is within the addressable RAM. Patch series “Address page fault in imarestoremeasurementlist”, version 3. When the second-stage kernel is booted using kexec with a limiting...

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: gfs2: Always check the inode size of inline inodes. Check whether the inode size of inline inodes is within the allowed range when reading inodes from the disk gfs2dinodein. This prevents on-disk corruption. The two checks in...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: RISCV: kprobe: Fixed kernel panic when probing an illegal position The kernel would panic when trying to probe an illegal position. For example: CONFIGRISCVISAC=n Example code: bash echo 'p:hello kernelclone+0x16 a0=%a0'...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

A issue was discovered in the Linux kernel before version 6.3.3. There is an out-of-bounds read in the crc16 function in lib/crc16.c when called from fs/ext4/super.c, because ext4groupdesccsum does not properly check an offset. NOTE: This issue is disputed by third parties, as the kernel is not...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: airoha: Fixed a potential use-after-free issue in airohanpuget. np-name was being used after calling ofnodeputnp, which releases the node and could lead to a use-after-free bug. Previously, ofnodeputnp was called...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ice: Added a NULL check in the eswitch lag check. The function icelagisswitchdevrunning is called from outside the LAG event handler code. This results in lag-uppernetdev being NULL sometimes. To avoid dereferencing a NULL pointe...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: hwmon: ftsteutates Fixed the TOCTOU race condition in ftsread In the ftsread function, when handling hwmonpwmautochannelstemp, the code accesses the shared variable data-fansourcechannel twice without holding any locks. This chec...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: fs/ntfs3: Enhanced sanity check during attribute list generation The nicreateattrlist function uses WARNON to catch error cases during attribute list generation. Currently, it only prints the stack trace, which may not be...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: md: raid1: fixed a potential out-of-bounds error in raid1removedisk. If rddev-raiddisk is greater than mddev-raiddisks, an out-of-bounds error will occur in raid1removedisk. We have already encountered similar reports, as...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Check if there is a station first in the client probe. When probing a client, first check if one exists, and then check the channel context. Otherwise, a warning can easily be triggered by probing when the AP hasn...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: rcu: Avoid stack overflow due to rcuirqenterchecktick being kprobed. Registering a kprobe for rcuirqenterchecktick can cause a kernel stack overflow, as shown below. This issue can be reproduced by enabling CONFIGNOHZFULL and...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: Range checks for the CHDBOFF and ERDBOFF registers. If the values read from the CHDBOFF and ERDBOFF registers are outside the range of the MHI register space, an invalid address may be calculated, which can later...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: fs: jfs: fix shift-out-of-bounds in dbAllocAG Syzbot identified a crash issue: UBSAN: shift-out-of-bounds in dbAllocAG. The underlying bug lies in the lack of a check on bmp-dbagl2size. This field can be larger than 64, leading t...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fixed a potential null dereference in dmresume Why Fixed the match error: The dmresume error: We previously assumed that ‘aconnector-dclink’ could be null. How Checked whether dclink is null at the beginning of t...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Fixed a missing pointer check in the hdacomponentmanagerinit function. The componentmatchadd function may assign the ‘matchptr’ pointer the value ERRPTR-ENOMEM, which will subsequently be dereferenced. The call stack...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: coresight: Fixed incorrect handling of the return value of devmkzalloc. The return value of devmkzalloc could potentially be a null pointer. Use !desc.pdata to correct the incorrect handling of this return value...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: fs/proc/taskmmu: check p-vecbuf for NULL When the PAGEMAPSCAN ioctl is invoked with veclen = 0 and results in pagemapscanbackoutrange, the kernel panics due to a null-ptr-deref. 44.936808 Oops: general protection fault, likely fo...