Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: gfs2: Prevent recursive memory reclamation The function new inode returns a new inode with inode-imapping-gfpmask set to GFPHIGHUSERMOVABLE. This value includes the GFPFS flag, so allocations in that address space can recursively...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: hfs: Ensure that sb-sfsinfo is always cleaned up. When hfs was converted to the new mount API, a bug was introduced by changing the allocation pattern of sb-sfsinfo. If setupbdevsuper fails after a new superblock has been allocat...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ceph: fixed NULL pointer dereference in cephmdsauthmatch The CephFS kernel client has a regression starting from 6.18-rc1. There is an issue in cephmdsauthmatch if fsname is NULL: c const char fsname =...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: btrfs: Replace BTRFSMAXEXTENTSIZE with fsinfo-maxextentsize. In a zoned filesystem, data writing is limited by maxzoneAppendSize. A large ordered extent is split according to the size of a bio. On the other hand, the number of...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ovl: Fixed a NULL pointer dereference issue in the copy-up warning message. This patch addresses a NULL pointer dereference that caused a recently introduced warning message to fail...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ocfs2: The BUG function was replaced with ocfs2error in ocfs2MoveExtent. In ocfs2MoveExtent, the BUG function was changed to ocfs2error simply to avoid causing the entire kernel to crash due to filesystem corruption...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: jfs: fixed an array-index-out-of-bounds issue in dbFindLeaf. Currently, when searching for dmtreet to find sufficient free blocks, there is a situation where an array index goes out of bounds during the retrieval of elements from...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: f2fs: fixed the assignment logic of iocb. Commit 18ae8d12991b “f2fs: shows more DIO information in tracepoints” introduced the iocb field in the ‘f2fsdirectIOenter’ trace event. It only assigns the pointer and then accesses it...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: f2fs: Split the initial and dynamic conditions for extentcache. Let’s allocate the extentcache tree without dynamic conditions to avoid a panic caused by a missing condition, as shown below. Create a file with a compressed fla...

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ocfs2: Fixed data corruption after a failed write operation. When buffering a write attempt fails and data cannot be copied into the underlying page cache, the ocfs2writeendnolock function simply zeroes out and dirtyens the page...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: Driver Core: Fixed the issue with waitfordeviceprobe and the interaction with deferredprobetimeout. The mounting of NFS rootfs timed out when deferredprobetimeout was non-zero 1. This occurred because the ipautoconfig initcall...

Astra Linux - уязвимость в grub2

A stack overflow flaw was discovered while reading a BFS file system. A specially crafted BFS file system may lead to an uncontrolled loop, causing grub2 to crash...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: btrfs: The BUG function call has been removed after failing to insert a delayed directory index entry. Instead of calling BUG when we fail to insert a delayed directory index entry into the delayed node’s tree, we can simply...

Astra Linux - уязвимость в linux-5.10

A vulnerability was discovered in the Linux kernel’s blockinvalidatepage function in the fs/buffer.c file of the filesystem. A missing sanity check may allow a local attacker with user privileges to cause a denial of service DOS issue...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Use the volume UUID in FSOBJECTIDINFORMATION. Use sb-suuid as the primary identifier for volumes. For file systems that do not provide a UUID, fallback to stfs.ffsid, which is obtained from vfsstatfs...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: f2fs: fixed the issue of clearing dirty inodes in f2fsevictinode. As reported by Yanming in Bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=215904 The kernel message is as follows: Kernel BUG at fs/f2fs/inode.c:825! Call...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: jffs2: fixed a memory leak in jffs2domountfs. If jffs2buildfilesystem in jffs2domountfs returns an error, we can observe the following kmemleak report: -------------------------------------------- Unreferenced object...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: ksmbd: In the vfs layer, a race condition related to mFlags has been fixed in vfscache. The ksmbd function maintains states such as “delete-on-close” and “pending-delete” in ksmbdinode-mFlags. In vfscache.c, this field is...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: ext4: Fixed an uninitialized value in ‘ext4evict inode’. Syzbot identified the following issue: ===================================================== BUG: KMSAN: Uninitialized value in ext4evict inode+0xdd/0x26b0,...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: f2fs: a fix was made to avoid potential deadlocks. As reported by Jiaming Zhang and syzbot, there is a potential deadlock in f2fs as follows: A chain exists of: &sbi-cprwsem → fsreclaim → sbinternal2 Possible unsafe locking...