Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ext4: Fixed ext4mbmarkbb with flexbg and fastcommit. In the case of the flexbg feature which is enabled by default, extents for any given inode may span across blocks from two different block groups. ext4mbmarkbb only reads the...

Astra Linux – Vulnerability in SOX

There is a heap-based buffer overflow vulnerability in the sphere.c startread function of the Sound Exchange libsox 14.4.2 version and the main commit 42b3557e. A specially crafted file can lead to a heap buffer overflow. An attacker can provide a malicious file to exploit this vulnerability...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: dmaengine: qcom: bamdma: fix runtime PM underflow The commit dbad41e7bb5f “dmaengine: qcom: bamdma: check if the runtime pm enabled” caused unbalanced pmruntimeget/put calls when the bam was controlled remotely. This commit rever...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

In the Linux kernel, the following vulnerability has been resolved: “aio”: fixed the issue with mremap after a fork operation involving null-dereferencing. The commit e4a0d3e720e7 “aio: Makes it possible to remap the aio ring” introduced a null-dereference if mremap is called on an old aio mappin...

Astra Linux - уязвимость в linux

The bpf verifier in the Linux kernel failed to properly handle truncation of the mod32 destination register when the source register was known to be 0. A local attacker who had the ability to load bpf programs could exploit this vulnerability by performing out-of-bounds reads in kernel memory,...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ext4: fix off-by-one errors in fast-commit block filling Due to several different off-by-one errors, or perhaps due to a late change in design that wasn't fully reflected in the code that was actually merged, there are several ve...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: catch commit test ctx allocation failure The patch series “mm/damon/sysfs: fix commit test damonctx deallocation” addresses this issue. The DAMON sysfs interface dynamically allocates and uses a damonctx object to...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: NFSv4/pNFS: The NFSINOLAYOUTCOMMIT field was cleared in pnfsmarklayoutstateidInvalidial. This fix prevents a crash occurring when the layout is null during this call stack: write inode - nfs4write inode - pnfslayoutcommit inode...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: “Revert “block, bfq: honor already-setup queue merges”” A crash occurred in conjunction with the commit 2d52c58b9c9b “block, bfq: honor already-setup queue merges”. This issue was later reverted by the commit ebc69e897e17 “Revert...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Ring-Buffer: Do not trigger WARNON due to a commitoverrun. When reading a memory-mapped buffer, the reader page is simply swapped out with the last page written to the write buffer. If the reader page is the same as the commit...

Astra Linux – Vulnerability in Nasm

In NASM 2.15.04rc3, there is a double-free vulnerability in the pptokline asm/preproc.c file. This issue has been fixed in the commit numbered 8806c3ca007b84accac21dd88b900fb03614ceb7...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: fs: dlm: fixed use-after-free in midcomms commit While working on processing dlm messages in the softirq context, I encountered the following KASAN use-after-free warnings: 151.760477...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: usb: musb: sunxi: Fixing the issue of accessing a released USB PHY. The commit 6ed05c68cbca “usb: musb: sunxi: Explicitly releasing the USB PHY upon exit” causes the USB PHY @glue-xceiv to be accessed after it has been released. ...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ext4: A infinite loop occurs when replaying fastcommit. When performing a fastcommit replay, an infinite loop may occur due to an uninitialized extentstatus structure. The ext4extdetermineinserthole function does not detect this...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

There are use-after-free vulnerabilities in the net/bluetooth/l2capcore.c files, specifically in the l2capconnect and l2capleconnectreq functions. These vulnerabilities may allow code execution and the leakage of kernel memory remotely via Bluetooth. A remote attacker can execute code that leaks...

Astra Linux – Vulnerability in libxml2

The GNOME project’s libxml2 v2.9.10 has a global buffer over-read vulnerability in the xmlEncodeEntitiesInternal function within libxml2/entities.c. This issue has been fixed in the commit numbered 50f06b3e...

Astra Linux – Vulnerability in TIF format

LibTIFF 4.4.0 contains an out-of-bounds write vulnerability in tiffcrop, located at line 3502 of tools/tiffcrop.c. This vulnerability allows attackers to cause a denial-of-service attack through a malicious TIF file. For users who compile LibTIFF from source code, the fix is available in the comm...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ext4: Fix for access to uninitialized lock in the fc replay path. The following kernel trace can be triggered with fstest generic/629 when executed against a filesystem with the fast-commit feature enabled: INFO: Trying to regist...

[SECURITY] Fedora 42 Update: rust-sequoia-git-0.6.0-1.fc42

A tool for managing and enforcing a commit signing policy...

[SECURITY] Fedora 43 Update: rust-sequoia-git-0.6.0-1.fc43

A tool for managing and enforcing a commit signing policy...