Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: Do not allow CHAINID to refer to another table. When looking up chains within the same batch using their IDs, a chain from a different table can be utilized. If a rule is added to a table but refers to a chai...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/vc4: hdmi: Unregister codec device on unbind When the device is bound, we register the HDMI codec device. However, we do not unregister it when the device is unbound, resulting in a device leakage issue. We need to unregister...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: dm ioctl: prevents potential Spectre v1 exploits. It seems that cmd could be a Spectre v1 exploit, as it is provided by a user and used as an array index. This vulnerability prevents the contents of kernel memory from being leake...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: hte: tegra-194: Fixed an error in tegrahtemaptolineid where the comparison was set to “”, but it should be changed to “=” to prevent a out-of-bounds read. “mapsz” represents the number of elements in the “m” array; therefore, the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: armmpam: Fixed a null pointer dereference issue when restoring bandwidth counters. When a MSC that supports memory bandwidth monitoring is brought offline and then brought back online, the mpamrestorembwustate function calls...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: NFS: Check the TLS certificate fields in nfsmatchclient If the TLS security policy is of type RPCXPRTSECTLSX509, then the certserial and privkeyserial fields also need to match, as they define the client’s identity, as presented ...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: btrfs: The page extent mapping was set after the readfolio operation in relocateonepage. One of the CI runs triggered the following panic: Assertion failed: PagePrivatepage && page-private, in fs/btrfs/subpage.c:229 ----------...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: TCP: Fixed a data race around sysctltcpearlyretrans. While reading sysctltcpearlyretrans, it can be changed concurrently. Therefore, we need to add READONCE to its reader...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: udmabuf: Set the DMA mask for the udmabuf device v2 If the DMA mask is not set explicitly, the following warning occurs when the user space attempts to access the dma-buf via the CPU, as reported by syzbot: WARNING: CPU: 1 PID...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

Closing an event channel in the Linux kernel can lead to a deadlock. This occurs when the closure operation is performed in parallel with an unrelated Xen console action, and the handling of a Xen console interrupt occurs in a unprivileged guest. The closure of an event channel is triggered, for...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net/rds: fixed the warning in rdsconnconnectifdown. If a connection is not established yet, getmr will fail, causing the connection to be initiated after getmr...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: e1000: Moved cancelworksync to avoid deadlock. Previously, e1000down called cancelworksync for the e1000 reset task via e1000downandstop, which caused a deadlock. According to user reports and syzbot observations, a deadlock can...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: cfg80211: Fixed a race condition in the destruction of the netlink owner interface. My previous fix to fix this issue left a race condition where the exact same deadlock situation as referred to in the original commit could still...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: erofs: corrected incorrect kunmap when using LZMA on HIGHMEM platforms As shown in the call trace, the root cause is incorrect pages handled by kunmap: BUG: Kernel NULL pointer dereferencing, address: 00000000 CPU: 1 PID: 40 Comm...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ksmbd: MAC comparisons need to be performed in constant time. To prevent timing attacks, MAC comparisons must be done in constant time. Replace the memcmp function with the correct function, cryptomemneq...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: media: dvb-frontends: fix leak of memory fw...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: EDAC/i10nm: fixed the refcount leak in pcigetdevwrapper. As stated in the comment for pcigetdomainbusandslot, it returns a PCI device with the refcount incremented. Therefore, there is no need to call an additional pcidevget in...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: IB/IPoIB: Fixed legacy IPoIB issues due to an incorrect number of queues. The referenced commit creates child PKEY interfaces through netlink, which involve multiple TX and RX queues. However, some devices do not support more tha...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: can: j1939: j1939sendone: fixed the issue of missing CAN header initialization. The read access to struct canxlframe::len within a j1939 object revealed that the reserved elements in struct canframe were not properly initialized...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: btrfs: Fixed a hang that occurred during unmount when the block group reclaim task was running. When starting an unmount, at closectree, if the reclaim task is running and is in the middle of a data block group relocation, a...