Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ext4: Fixed ext4mbmarkbb with flexbg and fastcommit. In the case of the flexbg feature which is enabled by default, extents for any given inode may span across blocks from two different block groups. ext4mbmarkbb only reads the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: vfat: fixed missing checks for the return value of sbminblocksize When emulating an nvme device on qemu with both logicalblocksize and physicalblocksize set to 8 KiB, but without a file system format, a kernel panic was...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: filemap: Avoid truncating the 64-bit offset to 32 bits. On 32-bit kernels, the folioseekholedata function inadvertently truncated a 64-bit value to 32 bits, which could lead to an infinite loop when writing to an xfs filesystem...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ext4: Error checking was added to ext4extreplaysetiblocks. If the call to ext4mapblocks fails due to a corrupted file system, ext4extreplaysetiblocks may get stuck in an infinite loop. This issue can be reproduced by running...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: ext4: Fixing access to uninitialized locks in the fc replay path The following kernel trace can be triggered with fstest generic/629 when executed against a filesystem with the fast-commit feature enabled: INFO: Trying to...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: fsdax: Force the dirty mark to be cleared if CoW is used XFS allows CoW on non-shared extents to combat fragmentation1. The old non-shared extent can be rewritten before use; its dax entry is marked as “dirty”. This results in a...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: nilfs2: Handling of inconsistent states in nilfsbtnodecreateblock. Syzbot reported that an inconsistency in the buffer state was detected in nilfsbtnodecreateblock, which triggered a kernel bug. It is not appropriate to consider...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ext4: Make sure the first directory block is not a hole. The syzbot constructs a directory that has no dirblock, but it is not inline; in other words, the first directory block is a hole. No errors are reported when creating file...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: FS:JFS:UBSAN: array-index-out-of-bounds in dbAdjTree Syzkaller reported the following issue: UBSAN: array-index-out-of-bounds in fs/jfs/jfsdmap.c:2867:6 Index 196694 is out of range for type ‘s81365’ aka ‘signed char1365’ CPU:...

Astra Linux - уязвимость в linux, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ext4: Added bounds checking in getmaxinlinexattrvaluesize Normally, extended attributes within the inode body would be checked when the inode was first opened. However, if someone writes to the block device while the file system ...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux

In the Linux kernel, the following vulnerability has been resolved: ext4: use of a stale path after allocation in ext4extinsertextent As Ojaswin mentioned in the link, in ext4extinsertextent, if the path is reallocated during ext4extcreatenewleaf, we will use a stale path, leading to a Use After...

Astra Linux - уязвимость в webkit2gtk

In BubblewrapLauncher.cpp in WebKitGTK and WPE WebKit, prior to version 2.34.1, there was a limited bypass of the sandbox mechanism. This allowed a sandboxed process to trick host processes into believing that the sandboxed process was not confined by the sandbox. This was achieved by exploiting...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: mm: Use memallocnofssave in pagecacheraorder See commit f2c817bed58d “mm: Use memallocnofssave in readahead path”. Ensure that pagecacheraorder does not attempt to reclaim file-backed pages too often, as this can lead to a...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: f2fs: Fixed to avoid mapping the wrong physical block for the swapfile. Xiaolong Guo reported a bug related to f2fs in bugzilla 1. 1 https://bugzilla.kernel.org/showbug.cgi?id=220951 As quoted: “When performing a swap stress test...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: scsi: core: Fixed a regression issue related to the removal of the procfs host directory The commit fc663711b944 “scsi: core: Removed the /proc/scsi/$procname directory earlier” fixed a bug related to module loading/unloading...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: nilfs2: Fixed an underflow in calculations for the second superblock position. The macro NILFSSB2OFFSETBYTES calculates the position of the second superblock. This calculation results in an underflow when the devicesize argument ...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: sparc: Fixed inaccurate exception reporting in copyfromtouser for UltraSPARC III. Anthony Yznaga identified a bug in the ext4 code where, when large folios were enabled, copyfromuser returned impossibly large values, ones that we...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: btrfs: Protect folio::private when attaching an extent buffer for folios. BUG Since version 6.8, several people have reported rare kernel crashes. The common cause is incorrect page status error messages like this: BUG: Incorrect...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: vfs: Do not leak disconnected dentrys during umount When the user calls openbyhandleat on an inode that is not cached, we will create a disconnected dentry for it. If such a dentry is a directory, exportfsdecodefhraw will attempt...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: xfs: Do not perform irele after failing to perform iget in xfsattrirecoverwork. xlogrecoveryiget never sets @ip to a valid pointer if it returns an error; therefore, this irele will cause a dangling pointer. This issue has bee...