3383 matches found
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: nilfs2: Fixing inode number range checks The patch series “nilfs2: Fixing potential issues related to reserved inodes” addresses one use-after-free issue reported by syzbot. This issue arises due to the internal inode of nilfs...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: Nilfs2: Rejects invalid file types when reading inodes. To prevent inodes with invalid file types from causing malfunctions or assertion failures, a missing sanity check should be added when reading an inode from a block device. ...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: ext4: Initializing quotas for ‘old.inode’ in ‘ext4rename’. Syzbot identified the following issues: - ext4parseparam: swantextraisize=128 - ext4inodeinfoinit: swantextraisize=32 - ext4rename: old.inode=ffff88823869a2c8;...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: gfs2: Prevent recursive memory reclamation The function new inode returns a new inode with inode-imapping-gfpmask set to GFPHIGHUSERMOVABLE. This value includes the GFPFS flag, so allocations in that address space can recursively...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: fs: export anoninodemakesecureinode and fix the issue with secretmem LSM bypass. The anoninodemakesecureinode function was exported to allow KVM guestmemfd to create anonymous inodes with proper security context. This replaces...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: A NULL dereference in niwriteinode has been fixed. Syzbot reports a NULL dereference in niwrite inode. When creating a new inode, if the allocation fails in the miinit function called in the miformatnew function, mi-mre...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: ovl: fixed null pointer dereferencing in ovlgetaclrcu The sequence of operations is as follows: P1 P2 pathopenat linkpathwalk maylookup inodepermissionrcu ovlpermission aclpermissioncheck checkacl getcachedaclrcu ovlget inodeacl...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: fixed a race condition between direct IO writes and fsync operations when using the same file descriptor. If we have two threads that use the same file descriptor, and one of them performs direct IO writes while the other...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: f2fs: fixed the issue of clearing dirty inodes in f2fsevictinode. As reported by Yanming in Bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=215904 The kernel message is as follows: Kernel BUG at fs/f2fs/inode.c:825! Call...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: ext4: fixed a warning in ext4handleinodeextension We encountered the following issues: EXT4-fs error device loop0 in ext4reserveinodewrite:5741: Out of memory EXT4-fs error device loop0: ext4setattr:5462: inode 13: comm...
Astra Linux - уязвимость в linux-5.15, linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: blk-crypto: made blkcryptoevictkey more robust. If blkcryptoevictkey determines that the key is still in use due to a bug or that -keyslotevict failed, it currently simply returns without unlinking the key from the keyslot...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ceph: avoided a kernel bug for encrypted inodes with unaligned file sizes. The generic/397 test encountered a bug in the case of encrypted inodes with unaligned file sizes for example, 33K or 1K: 877.737811 ran fstests generic/39...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: Ensure waiting for page writeback in memoryfailure. Our syzkaller triggers "BUGON!listempty&inode-iwblist" in clearinode: - Kernel bug at fs/inode.c:519: Internal error; Oops – Bug: 0 1 SMP. - Modules linked in...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: Always detect conflicting inodes when logging inode refs After a rename operation either through the rename exchange operation or through regular renames in multiple non-atomic steps, when two inodes are renamed and at lea...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ima: A memory leak was fixed in imainodehash. The commit f3cc6b25dcc5 “ima: always measure and audit files in policy” allows measurement or auditing to occur even when the file digest cannot be calculated. As a result, iint-imaha...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: In ext4, it was determined that it is not allowed for the journal inode to have the “encrypt” flag. Mounting a filesystem whose journal inode has the “encrypt” flag causes a NULL dereference in fscryptlimitioblocks when the...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: btrfs: The release path occurs before igetfailed in btrfsreadlocked inode. In btrfsreadlocked inode, if we fail to look up the inode, we jump to the ‘out’ label with a path that has a read-locked leaf. Then we call igetfailed. Th...
Astra Linux - уязвимость в linux
In the Linux kernel, the following vulnerability has been resolved: ocfs2: Fixed data corruption caused by fallocate. When fallocate creates holes in the inode size, if the original size is located in the middle of the last cluster, then the portion of the block from isize to the end of the clust...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: Audit: Fixed a possible soft lockup in audit inode child. Tracefs or debugfs might cause hundreds to thousands of PATH records. Too many PATH records might lead to a soft lockup. For example: 1. CONFIGKASAN=y && CONFIGPREEMPTION=...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: The inode marked as “bad” can remain after attempting to remove a file’s name. The reproducer uses a file0 on an ntfs3 file system with a corrupted ilink. When renaming a file, the inode of file0 is marked as “bad”...