22915 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: erofs: limited the level of fs stacking for file-backed mounts. Otherwise, it could cause potential kernel stack overflows e.g., when mounting EROFS itself...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: erofs: Avoid infinite loops caused by corrupted subpage compact indexes. Robert reported an infinite loop observed in two crafted images. The root cause is that clusterofs can be larger than lclustersize for !NONHEAD lclusters...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: qgroup: fix race between quota disable and quota rescan ioctl There is a race between a task that disables quotas and another task that runs the rescan ioctl. This can lead to a use-after-free of qgroup records from the...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux
In the Linux kernel, the following vulnerability has been resolved: ext4: Avoid out-of-bounds access when system.data changes xattrs under the filesystem. When searching for an entry in an inline directory, if evalueoffs is changed under the filesystem due to changes in the block device, it may...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: btrfs: Replace BTRFSMAXEXTENTSIZE with fsinfo-maxextentsize. In a zoned filesystem, data writing is limited by maxzoneappendsize. A large ordered extent is split according to the size of a bio. On the other hand, the number of...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: f2fs: fixed the assignment logic of iocb. Commit 18ae8d12991b "f2fs: shows more DIO information in tracepoints" introduced the iocb field in the 'f2fsdirectIOenter' trace event. It only assigns the pointer and then accesses it...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ovl: Fixed a NULL pointer dereferencing issue in the copy-up warning message. This patch addresses a NULL pointer dereferencing issue that caused a recently introduced warning message to not function properly...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: The BUG function is removed after failing to insert a delayed directory index entry. Instead of calling BUG when we fail to insert a delayed directory index entry into the delayed node’s tree, we can simply release all the...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: Driver Core: Fixed the issue with waitfordeviceprobe and the interaction with deferredprobetimeout. The mounting of NFS rootfs timed out when deferredprobetimeout was non-zero 1. This occurred because the ipautoconfig initcall...
Astra Linux - уязвимость в linux-5.10
A vulnerability was discovered in the Linux kernel’s blockinvalidatepage function in the fs/buffer.c file of the filesystem. A missing sanity check may allow a local attacker with user privileges to cause a denial of service DOS issue...
Astra Linux - уязвимость в linux-5.10, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: ocfs2: Fix for data corruption after a failed write. When buffering a write fails and data cannot be copied into the underlying page cache, ocfs2writeendnolock simply zeroes out and dirtyens the page. This can result in a dirty...
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix tree mod log mishandling of reallocated nodes We have been seeing the following panic in production kernel BUG at fs/btrfs/tree-mod-log.c:677! invalid opcode: 0000 1 SMP RIP: 0010:treemodlogrewind+0x1b4/0x200 RSP:...
Astra Linux - уязвимость в linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ext4: Regenerate the buddy structure after block freeing fails when under fc replay. This fix primarily reverts to commit 6bd97bf273bd “ext4: Remove redundant mbregeneratebuddy”, and reintroduces the function mbregeneratebuddy...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ext4: Only dirty folio entries are marked when regular files are journaled. fstest generic/388 occasionally causes a crash that appears as follows: BUG: The kernel dereferes a NULL pointer. Address: 0000000000000000 Call Trace:...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: jfs: fixed an array-index-out-of-bounds issue in dbFindLeaf. Currently, when searching for dmtreet to find sufficient free blocks, there is a situation where an array index goes out of bounds during the retrieval of elements from...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux
In the Linux kernel, the following vulnerability has been resolved: jffs2: fix memory leak in jffs2domountfs If jffs2buildfilesystem in jffs2domountfs returns an error, we can observe the following kmemleak report: -------------------------------------------- unreferenced object 0xffff88811b25a64...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: f2fs: Split the initial and dynamic conditions for extentcache. Let’s allocate the extentcache tree without dynamic conditions to avoid a panic caused by a missing condition, as shown below. Create a file with a compressed fla...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ksmbd: Use the volume UUID in FSOBJECTIDINFORMATION. Use sb-suuid as the primary identifier for volumes. For file systems that do not provide a UUID, fallback to stfs.ffsid, which is obtained from vfsstatfs...
Astra Linux - уязвимость в grub2
A stack overflow flaw was found when reading a BFS file system. A crafted BFS filesystem may lead to an uncontrolled loop, causing grub2 to crash...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: ext4: Mitigation of the issue where the EA inode refcount may underflow during xattr updates. Syzkaller identified a path in the ext4xattrinodeupdateref function where the refcount of EA inodes is checked. If the refcount is...