Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Squashfs: check that the inode number is not the invalid value of zero. Syskiller has identified an out-of-bounds access in the fillmetaindex function. This out-of-bounds access occurs because the inode has an inode number of zer...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: f2fs: Fixed the sanity check on ixattrnid in sanitycheck inode. syzbot reports a kernel bug as follows: F2FS-fs loop0: Mounted with checkpoint version = 48b305e4 ========================================== BUG: KASAN:...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: ext4: Fixed a use-after-free in ext4orphancleanup. I identified the issue as follows: BUG: KASAN: Use-after-free in listaddvalid+0x28/0x1a0. Read of size 8 at address ffff88814b13f378 by task mount/710. CPU: 1 PID: 710 Comm:...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: Quota: Fixed the potential NULL pointer dereferencing. The race condition below may cause NULL pointer dereferencing. P1 P2 dquotfreeinode quotaoff dropdquotref removedquotref dquots = idquotinode dquots = idquotinode...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: NFS: Issues with the LTP test failing when timestamps are delegated have been fixed. The utimes01 and utime06 tests fail when delegated timestamps are enabled, especially in subtests that modify the atime and mtime fields using t...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: A possible null pointer dereference has been fixed in niclear. In a previous commit c1006bd13146, ni-mi.mrec in niwrite inode could be NULL. Therefore, a NULL check was added for this variable. However, in the same call...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ext4: Fixed a traversal bug in ext4mbusepreallocated. During allocation, when searching for pre-allocations PA in the per-inode rbtree, we cannot perform a direct traversal of the tree. This is because...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Nilfs2: Added a missing check for inode numbers on directory entries. Syzbot reported that mounting and unmounting a specific pattern of corrupted Nilfs2 filesystem images causes a use-after-free of metadata file inodes, which...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: ext4: Added the EXT4IGETBAD flag to prevent unexpected bad inodes. There are many places that may encounter problems and crash when ext4iget returns a bad inode. However, if the iget function returns a bad inode, it may not be...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: btrfs: fixed an inode list leak during backref walking at resolveindirectrefs During backref walking, at resolveindirectrefs, if an error occurs, we jump to the ‘out’ label and call freeleaflist on the ‘parents’ ulist. This frees...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: btrfs: fixed an issue where inode lists were leaked during backref walking in findparentnodes. During backref walking, when findparentnodes is called, if we are dealing with a data extent and an error occurs while resolving...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Ensure that write operations are atomic. syzbot reported a NULL pointer dereference in genericfilewriteiter. Before the write operation is completed, the user executes ioctl to clear the compress flag of the file. This...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ocfs2: Prevent the release of journal inode after journal shutdown Before calling ocfs2deleteosb, the function ocfs2journalshutdown has already been executed in ocfs2dismountvolume. Therefore, osb-journal must be NULL. As a resul...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: f2fs: compress: does not allow unaligned truncation on released compress inode An F2FS image may become corrupted after performing the following test cases: - mkfs.f2fs -O extraattr,compression -f /dev/vdb - mount /dev/vdb...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: f2fs: fixed to not dirty the inode for a read-only filesystem. The syzbot reports the f2fs bug as follows: Kernel bug at fs/f2fs/inode.c:933! RIP: 0010:f2fsevict inode+0x1576/0x1590 fs/f2fs/inode.c:933 Call trace: evict+0x2a4/0x6...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: btrfs: Release the correct amount of memory allocated during direct IO write operations. Running generic/406 causes the following warning in btrfsdestroyinode, which indicates that there are still unallocated extents remaining...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: NFSv4.2: fixed issues related to nfs42sscopen. A destination server, when performing a COPY operation, should not accept the passed-in filehandle if it is not a regular filehandle. If allocfilepseudo fails, we need to decremen...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: ext4: fixed the bug in estreesearch caused by an invalid boot loader inode. We have encountered the following issues: kernel BUG at fs/ext4/extentsstatus.c:203! invalid opcode: 0000 1 PREEMPT SMP CPU: 1 PID: 945 Comm: cat Not...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Added a null pointer check for inode operations This adds a sanity check for the iop pointer of the inode, which is returned after reading the Root directory MFT record. We should check that the iop is valid before...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux

In the Linux kernel, the following vulnerability has been resolved: vfs: fixed a race condition between eviceinodes and findinode&iput Hi, everyone, I recently noticed a bug in btrfs. After investigating it further, I believe it’s a race condition in vfs. Let’s assume that there’s an inode i.e.,...