22915 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: hfs: Ensure that sb-sfsinfo is always cleaned up. When hfs was converted to the new mount API, a bug was introduced by changing the allocation pattern of sb-sfsinfo. If setupbdevsuper fails after a new superblock has been allocat...
Astra Linux - уязвимость в linux-6.1, linux-5.15, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ovl: fix UAF in ovldentryupdatereval by moving dput in ovllinkup The issue was caused by dputupper being called before ovldentryupdatereval, while upper-dflags was still accessed in ovldentryremote. Move dputupper after its last...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: f2fs: The return value of f2fsrecoverfsyncdata has been fixed. With the following scripts, a panic will occur in f2fs: bash mkfs.f2fs -f /dev/vdd mount /dev/vdd /mnt/f2fs touch /mnt/f2fs/foo sync echo 111 /mnt/f2fs/foo f2fsio fsy...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: jbd2: avoid bugon in jbd2journalgetcreateaccess when file system corrupted There's issue when file system corrupted: ------------ cut here ------------ kernel BUG at fs/jbd2/transaction.c:1289! Oops: invalid opcode: 0000 1 SMP...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ceph: fixed NULL pointer dereference in cephmdsauthmatch The CephFS kernel client has a regression starting from 6.18-rc1. There is an issue in cephmdsauthmatch if fsname is NULL: c const char fsname =...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ksmbd: vfs: fix race on mflags in vfscache ksmbd maintains delete-on-close and pending-delete state in ksmbdinode-mflags. In vfscache.c this field is accessed under inconsistent locking: some paths read and modify mflags under...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ext4: avoid potential buffer over-read in parseapplysbmountoptions Unlike other strings in the ext4 superblock, we rely on tune2fs to make sure smountopts is NUL terminated. Harden parseapplysbmountoptions by treating smountopts ...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: ext4: Do not report a BUG when INLINEDATAFL lacks the system.data xattr attribute. A syzbot fuzzed image triggered a BUG in ext4updateinlinedata, when an inode had the INLINEDATAFL flag set but lacked the system.data extended...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: nubus: Partially revert proccreatesingledata conversion The conversion to proccreatesingledata introduced a regression whereby reading a file in /proc/bus/nubus results in a seg fault: grep -r . /proc/bus/nubus/e/ Data read fault...
Astra Linux - уязвимость в f2fs-tools
There is an exploitable information disclosure vulnerability in the getdnodeofdata functionality of the F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can lead to information disclosure. An attacker can provide a malicious file that triggers this vulnerability...
Astra Linux - уязвимость в linux-5.15, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: fix to call f2fswaitonpagewriteback in f2fswriterawpages BUGON will be triggered when writing files concurrently, because the same page is writtenback multiple times. 1597 void folioendwritebackstruct folio folio...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux
In the Linux kernel, the following vulnerability has been resolved: f2fs: A fix was made to avoid the use of f2fsbugon in decvalidnodecount. As reported by Yanming in Bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=215897 I have encountered a bug in the F2FS file system in the kernel version...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: fs: Pass the ATGETATTRNOSEC flag to the getattr interface function. When vfsgetattrnosec calls the getattr interface function of a filesystem, the nosec flag should be propagated into this function, so that vfsgetattrnosec can be...
Astra Linux - уязвимость в chromium
Insufficient policy enforcement in the File System API of Google Chrome prior to version 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions through a crafted HTML page...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: virtiopmem: Added the missing REQOPWRITE for flushing bio. When performing mkfs.xfs on a pmem device, the following warning was encountered: ------------ Cut here ------------ Warning: CPU: 2, PID: 384; at block/blk-core.c:751:...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: ovl: fixed the warning in ovlcreatereal Syzbot triggered the following warning in ovlworkdircreate - ovlcreatereal: if !err && WARNON!newdentry-d inode The reason is that the cgroup2 filesystem returns from mkdir without...
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerability has been resolved: ext4: fix potential out of bound read in ext4fcreplayscan For scan loop must ensure that at least EXT4FCTAGBASELEN space. If remain space less than EXT4FCTAGBASELEN which will lead to out of bound read when mounting corrupt file...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: netfs: Fixed the early read unlock of pages with an EOF condition in the middle. The collection of read results for buffered reads seems to occur ahead of the completion of subrequests under certain circumstances. This can be see...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: f2fs: fixed the issue where preallocated blocks were truncated in f2fsfileopen. Chenyuwen has reported the following f2fs bugs: Unable to handle a NULL pointer dereferencing at the virtual address 0000000000000011...
Astra Linux - уязвимость в linux-5.10, linux, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: ext4: Fixed an warning in ext4updateinlinedata. Syzbot identified the following issue: EXT4-fs loop0: Mounted a filesystem with ID 00000000-0000-0000-0000-000000000000 without a journal. Quota mode: none. fscrypt:...