Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ipvs: A warning in ipvscleanupbatch has been fixed. During the initialization of ipvsconnnetinit, if the files ipvsconn or ipvsconnsync fail to be created, the initialization is successful by default. Therefore, the ipvsconn or...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: gpiolib: fixed a race condition related to gdev-srcu If two drivers call gpiochipadddatawithkey, one might traverse the srcu-protected list in gpionametodesc, while the other just adds its gdev in gpiodevaddtolist unlocked. Th...

Astra Linux – Vulnerability in LibreOffice

LibreOffice supports the storage of passwords for web connections in the user’s configuration database. The stored passwords are encrypted using a single master key provided by the user. There was a flaw in LibreOffice where the required initialization vector for encryption was always the same,...

Astra Linux – Vulnerability in Firefox

A memory-out-of-memory condition during object initialization could lead to an empty shape list. If the JIT compiler traces the object subsequently, it will cause a crash. This vulnerability affects Firefox versions less than 125...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/xen: Initialize Xen timers only once A check for existing xen timers was added before initializing a new timer. Currently, the kvmxeninittimer function is called every time KVMXENVCPUATTRTYPETIMER is used. This causes th...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/msm/a3xx: Fixed error handling in a3xxgpuinit. These error paths now return 1 on failure, instead of a negative error code. This could lead to an Oops in the calling function. Another issue is that the check for "if ret !=...

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: A memory leak has been fixed in qla2x00probeone. There is also a memory leak reported by kmemleak: unreferenced object 0xffffc900003f0000 size 12288: - Source: comm "modprobe", pid 19117, jiffies 4299751452 age...

Astra Linux – Vulnerability in SQLite3

SQLite version 3.31.1 allows attackers to cause a denial of service segmentation fault through a malformed window-function query, due to improper handling of the initialization of the AggInfo object...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: NFSD: Fixed the crasher in nfsd4encodefattr4 Ensured that args.acl is initialized early. It is used in a unconditional call to kfree at the end of nfsd4encodefattr4...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: md: initbioset in mddevinit. IO operations may be required before mdrun, such as updating metadata after writing to sysfs. Without bioset, this triggers a NULL pointer dereference, as shown below: BUG: NULL pointer dereference in...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ipvs: fixed an error in ipvsappnetcleanup During the initialization of ipvsappnetinit, if the file ipvsapp fails to be created, the initialization will still succeed by default. Therefore, the ipvsapp file will not be found durin...

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: net: arcnet: com20020: Fixed nullptrderef in com20020pciprobe During driver initialization, the pointer to card info is required—specifically, the variable ‘ci’. However, the definition of ‘com20020pciidtable’ indicates that this...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: um: initcputasks earlier. This issue is currently addressed in umlfinishsetup. However, for example, when KCOV is enabled, this could still cause crashes, as some initialization code might call functions like memparse, which have...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: nvmet: pci-epf: Do not complete commands twice if nvmetreqinit fails The issue arises when nvmetreqinit calls nvmetreqcomplete internally in case of failures, such as when an unsupported opcode is encountered. This triggers the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/bridge: it6505: Initialize AUX channel in it6505i2cprobe During device booting, the HPD interrupt might be triggered before the DRM subsystem registers it6505 as a DRM bridge. In such cases, the driver attempts to access the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: vdpasimblk: The number of address spaces and virtqueue groups was set. The commit bda324fd037a “vdpasim: control virtqueue support” added two new fields nas, ngroups to vdpasimdevattr, but we forgot to initialize them for...

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm: Check output polling initialized before disabling In drmkmshelperpolldisable check if output polling support is initialized before disabling polling. If not flag this as a warning. Additionally in drmmodeconfighelpersuspend...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: nbd: Always initialize struct msghdr completely. syzbot reports that the value of msg-msggetinq may be uninitialized 1. The struct msghdr has many new fields recently. We should always ensure that their values are zero by...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: media: go7007: fix a memleak in go7007loadencoder In go7007loadencoder, the variable bounce i.e., go-bootfw is allocated without subsequent deallocation. After the following call chain: saa7134go7007init | | - go7007bootencoder |...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/panthor: Fixed a UAF in the panthorgemcreatewithhandle function’s debugfs code. The object may potentially have already been deleted after the drmgemobjectput call. In general, the object should be fully constructed before...