Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: Ensure waiting for page writeback in memoryfailure. Our syzkaller triggers "BUGON!listempty&inode-iwblist" in clearinode: - Kernel bug at fs/inode.c:519: Internal error; Oops – Bug: 0 1 SMP. - Modules linked in...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ima: A memory leak was fixed in imainodehash. The commit f3cc6b25dcc5 “ima: always measure and audit files in policy” allows measurement or auditing to occur even when the file digest cannot be calculated. As a result, iint-imaha...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: In ext4, it was determined that it is not allowed for the journal inode to have the “encrypt” flag. Mounting a filesystem whose journal inode has the “encrypt” flag causes a NULL dereference in fscryptlimitioblocks when the...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Nilfs2: Rejects invalid file types when reading inodes. To prevent inodes with invalid file types from causing malfunctions or assertion failures, a missing sanity check should be added when reading an inode from a block device. ...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ocfs2: Passing a u64 value to ocfs2truncateInline may lead to an overflow. Syzbot reported a kernel bug in ocfs2truncateInline. There are two reasons for this: first, the parameter value passed is greater than...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: fs: export anoninodemakesecureinode and fix the issue with secretmem LSM bypass. The anoninodemakesecureinode function was exported to allow KVM guestmemfd to create anonymous inodes with proper security context. This replaces...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ext4: Fixed a bug in ext4mbnew inodepa due to overflow. When calculating the end position of ext4freeextent, this position might be exactly where ext4lblkt i.e., a uint overflows. For example, if acgex.felogical is 4294965248 and...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: proc: Fixed a UAF in procget inode. Fixed a race condition between rmmod and the instantiation of /proc/XXX’s inode. The bug is that pde-procops does not belong to /proc; instead, it belongs to a module. Therefore, dereferenci...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: nilfs2: Fixing inode number range checks The patch series “nilfs2: Fixing potential issues related to reserved inodes” addresses one use-after-free issue reported by syzbot. This issue arises due to the internal inode of nilfs...

Astra Linux - уязвимость в linux-5.10, linux

The file drivers/usb/gadget/legacy/inode.c in the Linux kernel, up to version 5.16.8, improperly handles the release of dev-buf...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: gfs2: Prevent recursive memory reclamation The function new inode returns a new inode with inode-imapping-gfpmask set to GFPHIGHUSERMOVABLE. This value includes the GFPFS flag, so allocations in that address space can recursively...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: btrfs: The release path occurs before igetfailed in btrfsreadlocked inode. In btrfsreadlocked inode, if we fail to look up the inode, we jump to the ‘out’ label with a path that has a read-locked leaf. Then we call igetfailed. Th...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: The inode marked as “bad” can remain after attempting to remove a file’s name. The reproducer uses a file0 on an ntfs3 file system with a corrupted ilink. When renaming a file, the inode of file0 is marked as “bad”...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ext4: Fix for corruption during online resizing We observed corruption during online resizing of a file system that is larger than 16 TiB and has a 4k block size. When there are more than 2^32 blocks, resizeinode is turned off by...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: btrfs: Lock the inode in shared mode before starting fiemap. Currently, fiemap does not lock the inode itself VFS lock; instead, it only locks a file range within the inode’s io tree. However, this can lead to a deadlock if there...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: fs: Fixed the UAF/GPF bug in nilfsmdtdestroy. In allocinode, inodeinitalways might return -ENOMEM if securityinodealloc fails, which results in the inode-iprivate being uninitialized. As a consequence, nilfsismetadatafileinode...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: ext4: Fixed the bug in ext4mbuse inodepa. Hulk Robot reported a BUGON: kernel BUG at fs/ext4/mballoc.c:3211! ... RIP: 0010:ext4mbmarkdiskspaceused.cold+0x85/0x136f ... Call Trace: ext4mbnewblocks+0x9df/0x5d30...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: - A few race conditions in the handling of MNTTREEBENEATH were fixed by using domovemount. Normally, dolockmountpath, locks a mountpoint pointed to by path. At the time when unlockmount is called, that location is still locked...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: gfs2: Always check the inode size of inline inodes. Check whether the inode size of inline inodes is within the allowed range when reading inodes from the disk gfs2dinodein. This prevents on-disk corruption. The two checks in...

Astra Linux - уязвимость в linux, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: nilfs2: Fixed state management in the error path of the log writing function. After the commit a694291a6211 “nilfs2: separate the wait function from nilfssegctorwrite” was applied, the log writing function...