Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: ext4: fixed a task that was hung in ext4xattrdelete inode. Syzbot reported a problem with hung tasks: ================================================================== INFO: Task syz-executor232:5073 is blocked for more than...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: nilfs2: Fixed a use-after-free of nilfsroot during the dirtying of inodes via iput. During the unmount process of nilfs2, nothing holds the nilfsroot structure after nilfsdetachlogwriter detaches its writer. Previously, nilfsevic...

Astra Linux - уязвимость в linux-5.10, linux

A use-after-free vulnerability was discovered in the Linux kernel’s ext4 file system, particularly regarding the handling of the additional inode size for extended attributes. This flaw could allow a privileged local user to cause a system crash or other undefined behaviors...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ext4: Fix for corruption during online resizing We observed corruption during online resizing of a file system that is larger than 16 TiB and has a 4k block size. When there are more than 2^32 blocks, resizeinode is turned off by...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iomap: fixed invalid folio access when iblkbits differs from the I/O granularity. The commit aa35ddcbc06 “iomap: fixed invalid folio access after folioendread” partially addressed invalid folio access for folios without an ifs...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: - ntfs: Added a sanity check on the allocation size. - ntfsread inodemount calls ntfsmallocnofs with an allocation size of zero. This triggers a bug in the ntfsmalloc function. Fix by adding a sanity check on ni-attrlistsize...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: ext4: Fixed a use-after-free in ext4orphancleanup. I identified the issue as follows: BUG: KASAN: Use-after-free in listaddvalid+0x28/0x1a0. Read of size 8 at address ffff88814b13f378 by task mount/710. CPU: 1 PID: 710 Comm:...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: cachefiles: Unmarking an inode as in use in error paths If an error occurs, the inode is marked as “in use”. If the marking of the inode as “in use” occurs in cachefilesopenfile, Cachefiles will report an error message saying...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: f2fs: fixed to perform sanity checks on inline inode. Yanming reported a kernel bug on Bugzilla Kernel 1, which can be reproduced. The bug message is as follows: The kernel message is displayed as follows: Kernel BUG at...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel up to version 6.2.7, fs/ntfs3/inode.c contains an invalid kfree function because it does not validate the MFT flags before replaying logs...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: btrfs: Release the correct amount of memory allocated during direct IO write operations. Running generic/406 causes the following warning in btrfsdestroyinode, which indicates that there are still unallocated extents remaining...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Added a null pointer check for inode operations This adds a sanity check for the iop pointer of the inode, which is returned after reading the Root directory MFT record. We should check that the iop is valid before...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: fscrypt: The destroykeyring function must be called after securitysbdelete. The fscryptDestroykeyring function must be called after all potentially-encrypted inodes have been evicted; otherwise, it cannot safely destroy the...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ext4: Fixed the issue where idisksize can exceed isize in partially written cases. It is possible for idisksize to exceed isize, triggering a warning. The code includes the following steps: - genericperformwrite: Copied =...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: ext4: Added the EXT4IGETBAD flag to prevent unexpected bad inodes. There are many places that may encounter problems and crash when ext4iget returns a bad inode. However, if the iget function returns a bad inode, it may not be...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: Quota: Fixed the potential NULL pointer dereferencing. The race condition below may cause NULL pointer dereferencing. P1 P2 dquotfreeinode quotaoff dropdquotref removedquotref dquots = idquotinode dquots = idquotinode...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: NFSv4.2: fixed issues related to nfs42sscopen. A destination server, when performing a COPY operation, should not accept the passed-in filehandle if it is not a regular filehandle. If allocfilepseudo fails, we need to decremen...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: ext4: fixed the bug in estreesearch caused by an invalid boot loader inode. We have encountered the following issues: kernel BUG at fs/ext4/extentsstatus.c:203! invalid opcode: 0000 1 PREEMPT SMP CPU: 1 PID: 945 Comm: cat Not...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ext4: Silence the warning when evicting an inode with dioreadnolock When evicting an inode with the default dioreadnolock setting, it may cause problems because the unwritten extents are converted by the kworker after writeback,...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: ext2: Added more validation checks for inode counts. Checks were added to ensure that the number of inodes stored in the superblock matches the number calculated based on the number of inodes per group. It was also verified th...