Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fixed an issue where the index out of bounds occurred in the DCN30 degamma hardware format translation. This commit addresses a potential index out of bounds issue in the cm3helpertranslatecurvetodegammahwformat...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ntb: ntbhwswitchtec: Fixed a use-after-free vulnerability in switchtecntbremove due to a race condition. In the switchtecntbadd function, it is possible to call the switchtecntbinitsndev function. Then, &sndev-checklinkstatuswork...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: scsi: sd: A “off-by-one” error has been fixed in sdreadBlockcharacteristics. If the device returns page 0xb1 with a length of 8 this occurs with QEMU v2.x, for example, sdReadBlockCharacteristics may attempt an out-of-bounds...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: “aoe”: The potential use-after-free problem has been fixed in multiple locations. Regarding the fix for CVE-2023-6270, f98364e92662 “aoe: The potential use-after-free problem has been fixed in aoecmdcfgpkts” involves replacing...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: Slip: Make slhcremember more robust against malicious packets. syzbot found that slhcremember lacked checks against malicious packets 1. slhcremember only checks that the packet’s size is at least 20 bytes, which is...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: bootconfig: Use memblockfreelate to free xbc memory to the buddy allocator. In the code for freeing xbc memory in xbcexit, memblock might have transferred memory to the buddy allocator. Therefore, it doesn’t make sense to free...

Astra Linux – Vulnerability in Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: parport: Proper fix for array out-of-bounds access. The recent fix for array out-of-bounds accesses replaced sprintf calls with snprintf. However, since snprintf returns the size of the data to be printed, not the actual output...

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: RDMA/rtrs-clt: Resets cid to connum – 1 to remain within bounds. In the function initconns, after the createcon and createcm calls for the loop, if something fails. During the cleanup phase of the loop, after the destroy tag, we...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: x86/tdx: Fixed the “in-kernel MMIO” check TDX only supports MMIO operations initiated by the kernel. The handlemmio function checks whether the VE exception occurred in the kernel and rejects the operation if it did. However, the...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Wifi: rtw88 – Always wait for both firmware loading attempts. In the function rtwwaitfirmwarecompletion, always wait for both regular and wowlan firmware loading attempts. Otherwise, if the rtwusbintfinit function fails in...

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: vhostvdpa: The irqbypassunregisterproducer function must correctly assign the token. Previously, we used irqbypassunregisterproducer in vhostvdpasetupvqirq, which was problematic because we had no way of knowing whether the...

Astra Linux – Vulnerability in Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: A missing size check was added in amdgpudebugfsgprwaveread. This prevents a potential buffer overflow if the size exceeds 4K. Cherry-picked from the commit f5d873f5825b40d886d03bd2aede91d4cf002434...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: ISO: Fixed UAF in isosocktimeout The conn-sk might have been unlinked/freed while waiting for isoconnlock. Therefore, this check determines whether conn-sk is still valid by verifying that it is part of isosklist...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Stop amdgpudm initialization when the number of links is greater than maxlinks. Reason The Coverity report indicates an OVERRUN warning. There are only maxlinks elements within dc-links. The number of links can...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: dm cache: fix out-of-bounds access to the dirty bitset when resizing dm-cache checks the dirty bits of the cache blocks to be dropped when shrinking the fast device, but an index bug in bitset iteration causes out-of-bounds acces...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: The neighnotify function can be called without RTNL or RCU protection. Use RCU protection to avoid potential Universal Atomic Faults UAF...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drm/hyperv: Fixed an address space leak when the Hyper-V DRM device is removed. When a Hyper-V DRM device is probed, the driver allocates MMIO space for the vram and maps it as cacheable. If the device is removed, or if the devic...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: The dummy regulator must be checked before being used. Due to asynchronous driver probing, there is a possibility that the dummy regulator may not have been checked when accessed for the first time...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: cifs: Fixed an integer overflow issue while processing the closetimeo mount option. The user-provided closetimeo mount parameter, of type u32, is intended to have an upper limit. However, before this limit is validated, the value...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net: switchdev: The blocking notification chain is converted to a raw notification chain. A blocking notification chain uses a read-write semaphore to protect the integrity of the chain. The semaphore is acquired for writing when...