Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net/9p: Fixed buffer overflow in the USB transport layer. There is a buffer overflow vulnerability in the USB 9pfs transport layer. In this case, inconsistencies in size validation between packet header parsing and actual data...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: netfs: The “copy-to-cache” mechanism has been fixed so that it performs collection using Ceph+FSCache. The “copy-to-cache” mechanism used by Ceph with local caching creates a new request to write data that was just read from the...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: jfs: fixed a slab-out-of-bounds Read in dtSearch Currently, when searching for the current page in the sorted entry table of the page, there is an out-of-bound access. A bound check has been added to fix this error. Dave: The...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ext4: A potential memory leak has been fixed in ext4fcrecordregions. Since krealloc may return NULL, in this case, state-fcregions may not be freed by krealloc. However, state-fcregions is already set to NULL. This could lead to ...

Astra Linux – Vulnerability in WebKit2GTK

In BubblewrapLauncher.cpp in WebKitGTK and WPE WebKit, prior to version 2.34.1, there was a limited bypass of the sandbox mechanism. This allowed a sandboxed process to trick host processes into believing that the sandboxed process was not confined by the sandbox. This was achieved by exploiting...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: mm: Use memallocnofssave in pagecacheraorder See commit f2c817bed58d “mm: Use memallocnofssave in readahead path”. Ensure that pagecacheraorder does not attempt to reclaim file-backed pages too often, as this can lead to a...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: btrfs: Fixed an assertion issue when building the free space tree. When building the free space tree with the block group tree feature enabled, an assertion failure may occur like this: BTRFS info device loop0 state M: rebuilding...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: f2fs: Fixed to avoid mapping the wrong physical block for the swapfile. Xiaolong Guo reported a bug related to f2fs in bugzilla 1. 1 https://bugzilla.kernel.org/showbug.cgi?id=220951 Quoted: “When using the stress-ng swap stress...

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: sparc: Fixed inaccurate exception reporting in copyfromtouser for UltraSPARC III. Anthony Yznaga discovered that a bug in the ext4 code, where large amounts of data were allowed, resulted from copyfromuser returning impossibly...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: vfs: Do not leak disconnected dentrys during umount When the user calls openbyhandleat on an inode that is not cached, we will create a disconnected dentry for it. If such a dentry is a directory, exportfsdecodefhraw will attempt...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: btrfs: Fixed an issue where inode lists were leaked during backref walking in findparentnodes. During backref walking, when findparentnodes is called, if we are dealing with a data extent and an error occurs while resolving...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ffs: Remove WARNON from functionfsbind This commit addresses an issue related to a kernel panic that occurs when paniconwarn is enabled. The issue is caused by the unnecessary use of WARNON in functionfsbind, which c...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ext4: checks dot and dotdot of dxroot before making dir indexed Syzbot reports the following issue: ============================================ BUG: Unable to handle page fault for address: ffffed11022e24fe PGD 23ffee067 P4D...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

In the Linux kernel, the following vulnerability has been resolved: nilfs2: Fixed an underflow in calculations for the second superblock position. The macro NILFSSB2OFFSETBYTES calculates the position of the second superblock. This calculation results in an underflow when the devicesize argument ...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: netfs: Call invalidatecache only if implemented Many fileystems, such as NFS and Ceph, do not implement the invalidatecache method. On these fileystems, if writing to the cache NETFSWRITETOCACHE fails for some reason, the kernel...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: netfs: Fix for unbuffered write error handling If all the subrequests in an unbuffered write stream fail, the subrequest collector does not update the stream-transferred value, and it retains its initial LONGMAX value...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: fs: Relaxing the assertions when encoding file handles fails Encoding file handles is typically performed via a filesystem method called encodefh, which may fail for various reasons. Legacy users of exportfsencodefh—such as nfsd...

Astra Linux – Vulnerability in Python-Django

A issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 when Python 3.7+ was used. The intermediate-level directories of the filesystem cache had the system’s standard umask instead of 0o077...

Astra Linux – Vulnerability in docker.io

In Docker versions prior to 9.03.15 and 20.10.3, there is a vulnerability related to the --userns-remap option. This option allows access to the remapped root directory, enabling privilege escalation to the actual root directory. When using --userns-remap, if the root user in the remapped namespa...

Astra Linux – Vulnerability in grub2

A flaw was discovered in the HFS filesystem. When reading the name of an HFS volume during the grubfsmount function, the HFS filesystem driver uses the user-provided volume name as input without properly verifying the length of that name. This issue may lead to a heap-based out-of-bounds write...