Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: eth: sungem: Remove .ndopollcontroller to avoid deadlocks. Erhard reports netpoll warnings from sungem: netpollsendskbondev: eth0 enables interrupts during polling gemstartxmit+0x0/0x398. Warning: CPU: 1, PID: 1; at...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: i2c: smbus – fixed the dereferencing of NULL function pointers. Baruch reported an OOPS error when using the Designware controller as the target. Only targeting mode breaks the assumption that one transfer function is always...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: atm: idt77252: prevent use after free in dequeuerx We cannot dereference “skb” after calling vcc-push, because the skb is released...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/gud: fixed NULL fb and crtc dereferences on USB disconnection. When the connection is disconnected, the function drmatomichelperdisableall is called, which sets both the fb and crtc for a plane to NULL before performing the...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: can: isotp: sanitize CAN ID checks in isotpBind. Syzbot created an environment that led to a state machine status that cannot be reached with a compliant CAN ID address configuration. The provided address information consisted of...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: i2c: i801: Revert “i2c: i801: replace acpilock with I2C bus lock” This revertment is associated with the commit f707d6b9e7c18f669adfdb443906d46cfbaaa0c1. Under rare circumstances, multiple udev threads may collect information abo...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcicore: lookup hciconn on the RX path at the protocol level The hdev lock/lookup/unlock/use pattern in the packet RX path does not ensure that hciconn is not concurrently modified/deleted. This locking mechanism seems...

Astra Linux – Vulnerability in Qemu

A issue was discovered in QEMU versions 7.1.0 through 8.2.1. In hw/pci/pciesriov.c, the registervfs function does not set NumVFs to PCISRIOVTOTALVF, resulting in improper interaction with hw/nvme/ctrl.c...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net/sched: actskbmod: Skip non-Ethernet packets Currently, tcfskbmodact assumes that packets use Ethernet as their L2 protocol, which is not always the case. For example, for CAN devices: bash $ ip link add dev vcan0 type vcan $ ...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: drm/stm: Avoid use-after-free issues with crtc and plane The function ltdcload calls the functions drmcrtcinitwithplanes, drmuniversalplaneinit, and drmencoderinit. These functions should not be called with parameters allocate...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: spi: atmel-quadspi: Resources are freed even if the runtime resume attempt fails in .remove. An early error exit in atmelqspiremove does not prevent the device from being unbound. This results in an SPI controller with an unbound...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: mmc: toshsd: fixed the return value check in mmcaddhost The mmcaddhost function may return an error. If we ignore its return value, the memory allocated in mmcallochost will be leaked, leading to a kernel crash due to the...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: mips: bmips: BCM6358: disabled RAC flush for TP1 RAC flush causes kernel panics on BCM6358 with EHCI/OHCI when booting from TP1: 3.881739 usb 1-1: new high-speed USB device number 2 using ehci-platform 3.895011 Reserved...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: PCI: rcar: The WARN function has been replaced with devwarnratelimited in rcarpciewakeup. It is sufficient to warn the user that there has been a link problem. Either the link has failed and the system requires maintenance, or th...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: EDAC/i10nm: Skipping DIMM enumeration on a disabled memory controller When loading the i10nmedac driver on some Intel Granite Rapids servers, a call trace may appear as follows: UBSAN: Shift-out-of-bounds in...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Prevention of certain integer underflows My static checker reports the following issue: drivers/infiniband/hw/irdma/ctrl.c:3605 irdmascceqinit Warning: Can subtract underflow for ‘info-dev-hmcfpmmisc.maxceqs’? It seem...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: spi: cadence-qspi: Remove system-wide suspend helper calls from runtime PM hooks. The -runtimesuspend and -runtimeresume callbacks are not expected to call spicontrollersuspend and spicontrollerresume. Remove these calls from the...

Astra Linux – Vulnerability in Intel Microcode

In some IntelR XeonR processor memory controller configurations when using IntelR SGX, there is a check for improper conditions that may allow a privileged user to potentially enable privilege escalation through local access...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drm/stm: ltdc: fix late dereference check In ltdccrtcsetcrcsource, the struct drmcrtc was dereferenced before the pointer check by the containerof function. This could cause kernel panic. Fix this “match warning”:...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: dwmac-tegra: Reading the IOMMU Stream ID from the device tree Nvidia’s Tegra MGBE controllers require the IOMMU “Stream ID” SID to be written to the MGBEWRAPAXIASID0CTRL register. The current driver is hardcoded to u...