Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: NFC: nci: uart: Set tty-discdata only in the successful path. Setting tty-discdata before opening the NCI device means that we need to clean up the state in error paths. This also opens a short window during operation—if the devi...

Astra Linux – Vulnerability in Linux, Linux 5.10

A issue was discovered in the Linux kernel through version 5.16.11. The mixed IPID assignment method, combined with the hash-based IPID assignment policy, allows an off-path attacker to inject data into a victim’s TCP session or terminate that session...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: mptcp: always handle address removal under msk socket lock Syzkaller reported a lockdep splat in the PM control path: WARNING: CPU: 0 PID: 6693 at ./include/net/sock.h:1711 sockownedbyme include/net/sock.h:1711 inline WARNING:...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: comedi: vmk80xx: fixed transfer-buffer overflows The driver uses USB transfer buffers sized at the endpoint level, but until recently, there were no sanity checks on these buffer sizes. The commit e1f13c879a7c “staging: comedi...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: clk-mt2701 – Added a check for the return value of mtkallocclkdata. The check is added to prevent NULL pointer dereferencing...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: TCP: cdg: allows tcpcdgrelease to be called multiple times. It seems that MPTCP can call tcpdisconnect on a flow that is already disconnected. This is generally fine, unless the current congestion control mechanism is CDG, as ...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: AppArmor: A memory leak has been fixed in multitransactionnew. In multitransactionnew, the variable t is not freed or passed away after a failure in the copyfromusert-data, buf, size operation. This could lead to a memory leak...

Astra Linux – Vulnerabilities in Linux-6.1, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: displayport: Fixed NULL pointer access issues. This patch ensures that the UCSI driver waits for all pending tasks in the ucsidisplayportwork workqueue to complete execution before proceeding with the partner...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the drivers/usb/gadget/udc/udc-xilinx.c file within the Linux kernel, before version 5.16.12, the endpoint index was not validated, and it could be manipulated by the host for out-of-array access...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: phy: tegra: xusb: Fixed unbalanced regulator disabling in UTMI PHY mode When transitioning from USBROLEDEVICE to USBROLENONE, the code assumed that the regulator should be disabled. However, if the regulator is marked as always-o...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: hfsplus: fixed a slab-out-of-bounds issue in hfsplusbnoderead The hfsplusbnoderead method can trigger this issue: 174.852007 T9784 ================================================================== 174.852709 T9784 BUG: KASAN:...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: NFSv4/pNFS: Fixed a race condition related to waking up the NFSLAYOUTDRAIN task. We identified several systems where tasks were stuck in a writeback state, waiting for the same page lock. Additionally, one task was waiting for th...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm: Prevent drmcopyfield from attempting to copy a NULL pointer. There are some fields in the struct drmdriver structure that are required by drivers. Since drmcopyfield attempts to copy these fields to user-space via...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net: usb: qmiwwan: Initialize the MAC header offset in qmimuxrxfixup Raw IP packets do not have a MAC header, resulting in skb-macheader being uninitialized. This can trigger kernel panics on ARM64 when xfrm or other subsystems...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: jfs: Verify the inode mode when loading from disk. The inode mode loaded from a corrupted disk may be invalid. Do as described in the commit 0a9e74051313 “isofs: Verify the inode mode when loading from disk”...

Astra Linux – Vulnerability in Linux, Linux 5.10

A use-after-free exists in the drivers/tee/teeshm.c file within the TEE subsystem of the Linux kernel, as of version 5.15.11. This issue arises due to a race condition during the teeshmgetfromid function, when attempting to free a shared memory object...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Net: Ethernet: mvpp2main: A possible out-of-band OOB write attack has been addressed in mvpp2ethtoolgetrxnfc. The rules parameter is allocated in ethtoolgetrxnfc, and its size is determined by rulecnt from the user space...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: NFC: Digital: Fixed a possible memory leak in digitaltglistenmdaa. The variable ‘params’ is allocated in digitaltglistenmdaa, but it is not freed when digitalsendcmd fails. This could lead to a memory leak. The issue is fixed by...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.10, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: dma-buf: A memory barrier should be inserted before updating numfences. smpstoremb inserts a memory barrier after storing data. This differs from what the comment originally intended; a null pointer dereferencing can occur if the...

Astra Linux – Vulnerability in Linux, Linux 5.10

The pepsockaccept function in the net/phonet/pep.c file in the Linux kernel, as of version 5.15.8, has a reference count leak...