Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerability has been resolved: Networks: Ethernet – Fix for potential use-after-free in ecbhfremove. The code static void ecbhfremovestructpcidev dev looks as follows: c ... struct ecbhfpriv priv = netdevprivnetdev; unregisternetdevnetdev; freenetdevnetdev;...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: irqchip/gic/realview: A refcount leak was fixed in realviewgicofinit. The function offindmatchingnodeandmatch returns a node pointer with a incremented refcount. We should use ofnodeput on it when there is no longer a need for...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: udmabuf: Set ubuf-sg = NULL if the creation of the sg table fails. When the user space attempts to map the dmabuf, and for some reason e.g., OOM, the creation of the sg table fails, ubuf-sg needs to be set to NULL. Otherwise, whe...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: amdgpu: validate offsetinbo of drmamdgpugemva This issue arises due to OOB access in amdgpuvmupdaterange when offsetinbo + mapsize causes an overflow. Changes made in versions v2 and v3: - The validations were retained in...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: sched/fair: Fixed potential memory corruption in childcfsrqonlist. childcfsrqonlist attempts to convert a ‘prev’ pointer to a cfsrq. This ‘prev’ pointer can originate from the struct rqs’s leafcfsrqlist, making the conversion...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: fs/smb: Fixed inconsistent refcnt updates. An inconsistent update of the refcount was identified in smb2compoundop. Such inconsistent updates could lead to potential resource leaks. Why this is a potential bug: 1. In the comment...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: scsi: bnx2fc: Remove the spinlockbh operation when releasing resources after uploading. Session resources are used by the firmware and driver when the session is offloaded. Once the session is uploaded, these resources are no...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: bnxten: Adjusted the logging of firmware messages in case the token is released in hwrmsend. If the token is released because token-state equals BNXTHWRMDEFERRED, the released token set to NULL is used in log messages. This issue...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: “Revert ‘drm/amd/display: Use HW lock mgr for PSR1’” This revertment is associated with the commit a2b5a9956269 “drm/amd/display: Use HW lock mgr for PSR1”. It may cause system hangs when connecting with the two EDP panels...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Net: Reenabling NETIFFIPV6CSUM offloading for BIG TCP packets The problematic commit disabled the hardware offloading of IPv6 packets with extension headers on devices that advertise NETIFFIPV6CSUM. This was based on the definiti...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drm/qxl: Added a check for drmcvtmode. Added a check on the return value of drmcvtmode, and return an error if it fails, in order to avoid NULL pointer dereferencing...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Firmware: csdsp – Fixed the overflow checking of the wmfw header. The issue involved fixing the check to ensure that the firmware file buffer is large enough to accommodate the wmfw header, thereby preventing the buffer from bein...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net/sched: accept TCASTAB only for root qdisc Most qdisc implementations maintain their backlog using qdiscpktlenskb, under the assumption that this value remains invariant between the enqueue and dequeue handlers. Unfortunately,...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: avoid NULL pointer dereference iwlmvmtxskbsta and iwlmvmtxmpdu check that the mvmvsta pointer is not NULL. They retrieve this pointer using iwlmvmstafrommac80211, which dereferences the ieee80211sta pointer. I...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: rtmutex: The rtmutex::waitlock function is dropped before scheduling. The rtmutexhandledeadlock function is called with the rtmutex::waitlock lock still held. In the good case, it returns with the lock held; in the deadlock case,...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net: core: Reject skbcopyexpand for fraglist GSO skbs. SKBGSOFRAGLIST values must not be linearized; otherwise, they become invalid. Return NULL if such an skb is passed to skbcopy or skbcopyexpand, in order to prevent a crash...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fixed an overflow issue in the bounds check of the dacloffset field. The dacloffset field was originally defined as an int type and was used in an unchecked addition operation. This could lead to an overflow condition,...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: HID: intel-ish-hid: Fixed a use-after-free issue in the hidishtpclremove function. During the rmmod operation for the intelishtphid driver, a use-after-free issue can occur in the hidishtpclremove function. The function...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/rockchip: vop: Fixed a warning regarding dereference of a variable before checking it. The ‘state’ parameter cannot be NULL; we should check crtcstate accordingly. Fixed the warning:...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: dmarraycursorend: Fix to prevent releasing a faulty array block twice when using dmarraycursorend. When dmbmreadlock fails due to locking or checksum errors, it releases the faulty block implicitly, leaving an invalid output...