Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ksmbd: smbdirect: verifyremainingdatalength respects maxfragmentedrecvsize This issue is related to the check for dataoffset + datalength...

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fixed NULL pointer dereferencing in trytoregistercard. In trytoregistercard, the return value of usbifnumtoif is passed directly to usbinterfaceclaimed without a NULL check. This can lead to a NULL pointer...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: media: stm32-csi: The dereference operation was corrected before the NULL check. In stm32csistart, the variable csidev-ssubdev is dereferenced directly when assigning a value to srcpad. However, the same value is then checked...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Loads the TSC multiplier of L1 based on L1’s state, not L2’s state. When emulating a nested VM-Exit, the TSC multiplier of L1 is loaded if L1’s desired ratio does not match the current ratio. This does not occur if L1’...

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, a missing bounds check in smartcardunpackreadsizealign libfreerdp/utils/smartcardpack.c:1703 allowed a malicious RDP server to crash the FreeRDP client through a reachable WINPRASSERT → abort mechanism. This...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: media: cx88: A null-ptr-deref bug was fixed in the bufferprepare function. When the driver calls cx88riscbuffer to prepare the buffer, the function call may fail, resulting in an empty buffer and a null-ptr-deref later in the...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: kcm: fixed the order of calls to strpinit and cleanup. strpinit is called just a few lines above this csk-skuserdata check. It also initializes strp-work, etc. Therefore, there’s no need to call strpdone to cancel the newly...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: The issue related to null-ptr-deref in bitmapparselist has been fixed. A crash was observed with the following output: BUG: NULL pointer dereferencing in the kernel; address: 0000000000000010 Oops: 0000 1 SMP NOP...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: s390/sclp: Fixed the check for NULL values in the SCCB field. The tracing code called by the SCLP interrupt handler contains early exits if the SCCB address associated with an interrupt is NULL. This check is performed after the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: ceph: fixed the issue where multifs mds auth caps was applied incorrectly The mds auth caps check should also validate the fsname along with the associated caps. Failure to do so would result in applying the mds auth caps of o...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Added a check for cstate. Since kzalloc may fail and return a NULL pointer, it would be better to check the cstate to avoid dereferencing the NULL pointer in drmatomichelpercrtcreset. Patchwork:...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: iouring/zctx: Check chained notification contexts. Send zc only when there are links available for requests coming from the same context. There are some ambiguous reports related to syz, so let’s examine the assumption regardi...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: media: b2c2: Fix for a use-after-free caused by irqcheckwork in flexcoppciremove. The original code uses canceldelayedwork in flexcoppci Remove, which does not guarantee that the delayed task irqcheckwork has fully completed if i...

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: iwlwifi: dvm – Fixed a issue where memcpy was used for writing data that spanned multiple fields. The received TKIP key may be up to 32 bytes, as it may also contain MIC rx/tx keys. These keys are not used by iwlwifi, and...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: mptcp: A stricter state check has been added in mptcpworker. According to Christoph, the mptcp protocol can run the worker when the relevant msk socket is in an unexpected state: c connect // Incoming reset + fastclose // The mpt...

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerability has been resolved: media: av7110: prevent underflow in writetstodecoder The value of buf4 comes from the user via tsplay. This value is within the u8 range. The final length that we pass to av7110ipackinstantrepack is “len – buf4 + 1 – 4”. Therefor...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: mtdchar: Fixed integer overflow in read/write ioctls. The req.start and req.len variables are u64 values that originate from the user at the beginning of the function. We mask the high 32 bits of req.len, ensuring that its value ...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: ASoC: pxa: fixed a null-pointer dereference in filter The kasprintf function would return a NULL pointer when kmalloc fails to allocate memory. It is necessary to check the return pointer before calling strcmp...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: archtopology: The incorrect error check in topologyparsecpucapacity was fixed. The incorrect use of PTRERRORZERO in topologyparsecpucapacity was also corrected. This caused the code to proceed with NULL clock pointers. The curren...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: comedi: A flaw in the comedibufmunge function was addressed. This function performs a modulo operation async-mungechan %= async-cmd.chanlistlen, without first checking whether chanlistlen is zero. If a user program submits a...