Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ext4: Fix for null-ptr-deref in ext4writeinfo I identified a bug involving null-ptr-deref as follows: ========================================== KASAN: null-ptr-deref in range 0x0000000000000068-0x000000000000006f CPU: 1 PID: 158...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: ext4: Initializing quotas for ‘old.inode’ during ‘ext4rename’. Syzbot identified the following issues: - ext4parseparam: swantextraisize=128 - ext4inodeinfoinit: swantextraisize=32 - ext4rename: old.inode=ffff88823869a2c8;...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ext4: Avoid crashes when inline data creation occurs after DIO write When an inode is created and written using direct IO, there is no way to clear the EXT4STATEMAYINLINEDATA flag. As a result, when the inode is truncated to just...

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ext4: Fixed the function prototype mismatch in ext4featktype. With Clang’s Kernel Control Flow Integrity kCFI, CONFIGCFICLANG, indirect call targets are validated against the expected function pointer prototype to ensure that the...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: jbd2: Check ‘jh-btransaction’ before removing it from the checkpoint. The following process will corrupt the ext4 image: Step 1: jbd2journalcommittransaction jbd2journalinsertcheckpointjh, committransaction // Place jh into...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ext4: memory leaks have been fixed in ext4fnamesetupfilename,preparelookup. If filename case-folding fails, memory will be leaked from the fscryptname structure, specifically from the 'cryptobuf.name' member. Make sure that this...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ext4: Fix for leaking uninitialized memory in the fast-commit journal When space at the end of the fast-commit journal blocks is unused, make sure to zero it out so that uninitialized memory is not leaked to the disk...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ext4: Added the EXT4IGETBAD flag to prevent unexpected bad inodes. There are many places that may encounter problems and crash when ext4iget returns a bad inode. However, if the iget function returns a bad inode, it may not be...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: ext4: Fixed an uninitialized value in ‘ext4evict inode’. Syzbot identified the following issue: ===================================================== BUG: KMSAN: Uninitialized value in ext4evict inode+0xdd/0x26b0,...

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ext4: Improved error handling for ext4dirhash The ext4dirhash function almost never fails, especially since the “hash tree” feature was first introduced. However, with the addition of support for encrypted, case-folded file names...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ext4: Allow ext4getgroupinfo to fail. Previously, ext4getgroupinfo would treat an invalid group number as a BUG, since this should never happen in theory. However, if a malicious attacker modifies the superblock via the block...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ext4: fixed the issue of possible double unlocking when moving a directory...

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: ext4: Fixed a use-after-free issue in ext4findextent when using bigalloc with inline data. Syzbot identified the following issue: - loop0: A change in capacity was detected, from 0 to 2048. - EXT4-fs loop0: The filesystem...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: jbd2: Prevent softlockup in jbd2logdocheckpoint. Both jbd2logdocheckpoint and jbd2journalshrinkcheckpointlist periodically release the jlistlock after processing a batch of buffers to avoid long hold times on the jlistlock...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ext4: a potential memory leak has been fixed in ext4fcrecordmodified inode. Since krealloc may return NULL, in this case, state-fcmodifiedinodes may not be freed by krealloc. However, state-fcmodifiedinodes is already set to NULL...

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: ext4: fixed a warning in mbfindextent Syzbot identified the following issues: EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioreadnolock, ODIRECT, and fastcommit support! EXT4-fs loop0: orphan...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ext4: Fixed the erefcnt leak in ext4xattrblockcachefind. Syzbot reports the following warning: ============================================ WARNING: CPU: 0, PID: 5075, at fs/mbcache.c:419, module mbcachedestroy+0x224/0x290. Linke...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ext4: Do not create EA inodes under the buffer lock The ext4xattrsetentry function creates new EA inodes while holding the buffer lock on the external xattr block. This is problematic because all allocation-related locking...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ext4: checks dot and dotdot of dxroot before making dir indexed Syzbot reports the following issue: ============================================ BUG: Unable to handle page fault for address: ffffed11022e24fe PGD 23ffee067 P4D...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: nfsd: Map EBADMSG to nfserrio to avoid warnings. Ext4 will throw -EBADMSG during ext4readdir when a checksum error occurs, resulting in the following warning. Fix this by mapping EBADMSG to nfserrio. nfsdbufferedreaddir...