Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux

In the Linux kernel, the following vulnerability has been resolved: ocfs2: reserve space for inline xattr before attaching reflink tree One of our customers reported a crash and a corrupted ocfs2 filesystem. The crash was due to the detection of corruption. Upon troubleshooting, the fsck -fn outp...

Astra Linux - уязвимость в linux-5.15

A use-after-free flaw was discovered in nfsd4sscsetupdul in fs/nfsd/nfs4proc.c within the NFS filesystem of the Linux kernel. This issue could allow a local attacker to crash the system or may lead to a kernel information leak...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: afs: Fix dynamic root getattr The recent patch to make afsgetattr consult the server didn't account for the pseudo-inodes employed by the dynamic root-type afs superblock not having a volume or a server to access, and thus an oop...

Astra Linux - уязвимость в linux, linux-5.10

A race condition was discovered in ext4writeinlinedataend in fs/ext4/inline.c within the ext4 subsystem of the Linux kernel, as of version 5.13.13...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: don't allow unaligned truncation on released compress inode f2fs image may be corrupted after below testcase: - mkfs.f2fs -O extraattr,compression -f /dev/vdb - mount /dev/vdb /mnt/f2fs - touch /mnt/f2fs/file -...

Astra Linux - уязвимость в linux-5.15, linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: ext4: fix bugon in estreesearch caused by bad boot loader inode We got a issue as fllows: ================================================================== kernel BUG at fs/ext4/extentsstatus.c:203! invalid opcode: 0000 1 PREEMP...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on ixattrnid in sanitycheckinode syzbot reports a kernel bug as below: F2FS-fs loop0: Mounted with checkpoint version = 48b305e4 ================================================================== BUG:...

Astra Linux - уязвимость в grub2

An integer overflow flaw was discovered in the BFS file system driver within grub2. When reading a file using an indirect extent map, grub2 fails to validate the number of extent entries to be read. A maliciously crafted or corrupted BFS file system may cause an integer overflow during file...

Astra Linux - уязвимость в chromium

Insufficient policy enforcement in DevTools in Google Chrome on Windows prior to 108.0.5359.71 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. Chromium security severity: Medium...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to don't dirty inode for readonly filesystem syzbot reports f2fs bug as below: kernel BUG at fs/f2fs/inode.c:933! RIP: 0010:f2fsevictinode+0x1576/0x1590 fs/f2fs/inode.c:933 Call Trace: evict+0x2a4/0x620 fs/inode.c:664...

Astra Linux - уязвимость в linux-5.15, linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: f2fs: let's avoid panic if extenttree is not created This patch avoids the below panic. pc : lookupextenttree+0xd8/0x760 lr : f2fsdowritedatapage+0x104/0x87c sp : ffffffc010cbb3c0 x29: ffffffc010cbb3e0 x28: 0000000000000000 x27:...

Astra Linux - уязвимость в grub2

A flaw was discovered in grub2. When performing a symlink lookup from a ReiserFS filesystem, grub’s ReiserFS module uses user-controlled parameters from the filesystem’s geometry to determine the internal buffer size. However, it improperly checks for integer overflows. A maliciously crafted...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: fs/nfs/read: fix double-unlock bug in nfsreturnemptyfolio Sometimes, when a file was read while it was being truncated by another NFS client, the kernel could deadlock because foliounlock was called twice, and the second call wou...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ocfs2: The ltreedepth field was validated to prevent out-of-bounds access. The ltreedepth field is 16-bit le16, but the actual maximum depth is limited to OCFS2MAXPATHDEPTH. A check was added to prevent out-of-bounds access if th...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: f2fs: vmunmapram may be called from an invalid context When testing F2FS with xfstests using UFS-backed virtual disks, the kernel sometimes reports that f2fsreleasedecompmem calls vmunmapram from an invalid context. An example...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: fs/jfs: Prevent integer overflow in AG size calculation The JFS filesystem calculates allocation group AG size using 1 2TB aggregates on 32-bit systems, this 32-bit shift operation causes undefined behavior and improper AG sizing...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: jfs: added a sanity check for agwidth in dbMount. When the width of the AG in dmapctl is zero, a divide error occurs when calculating the control page level in dbAllocAG. To avoid this issue, a check for agwidth was added in...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid out-of-boundary access in dnode page As Jiaming Zhang reported: dumpstack lib/dumpstack.c:94 inline dumpstacklvl+0x1c1/0x2a0 lib/dumpstack.c:120 printaddressdescription mm/kasan/report.c:378 inline...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: ocfs2: Properly handles errors when reading symbolic links. The patch series “Convert ocfs2 to use folios”. Mark converted ocfs2 to use folios and sent it to me as a major patch for review ;- So I reworked it into individual...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: iomap: avoid avoid truncating 64-bit offset to 32 bits on 32-bit kernels, iomapwritedelallocscan was inadvertently using a 32-bit position due to folionextindex returning an unsigned long. This could lead to an infinite loop when...