Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Validated user queue size constraints. Added validation to ensure that user queue sizes meet hardware requirements: - The size must be a power of two for efficient ring buffer wrapping. - The size must be at least...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs – validates the length of the inner IPv4 header in the IPTFS payload. Validation of the totlen and ihl fields of the inner IPv4 packet has been added to the process of parsing decrypted IPTFS payloads in...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Wifi: Wil6210: debugfs: fixed the use of uninitialized variables in wilwritefilewmi Commit 7a4836560a61 replaces the simplewritetobuffer function with memdupuser, but it forgets to change the value returned by the...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: tun: Fix use-after-free in tundetach Syzbot reported a use-after-free in tundetach. This causes a call trace like the following: ================================================================== BUG: KASAN: use-after-free i...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: e100: A potential use of memory after freeing it has been fixed in e100xmitprepare. In e100xmitprepare, if we cannot map the skb, then -ENOMEM is returned. As a result, e100xmitframe will return NETDEVTXBUSY, and the upper layer...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: nbd: defer config put in recvwork There is one UAF issue in recvwork when running NBDCLEARSOCK and NBDCMDRECONFIGURE: - nbdgenlconnect // confref=2 connect and recvwork A - nbdopen // confref=3 - recvwork A completed //...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: bpf: Fixed a race condition in cpumap on PREEMPTRT kernels. On PREEMPTRT kernels, the per-CPU xdpbulkqueue can be accessed concurrently by multiple preemptible tasks on the same CPU. The original code assumes that bqenqueue an...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: dm-bufio: fixed scheduling in atomic context If “tryverifyintasklet” is set for dm-verity, and DMBUFIOCLIENTNOSLEEP is enabled for dm-bufio. However, when bufio attempts to evict buffers, there is a possibility of triggering...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: Fixed null-ptr-deref in l2capsockresumecb. syzbot reported null-ptr-deref in l2capsockresumecb. 0 l2capsockresumecb has a similar issue that was fixed in commit 1bff51ea59a9 “Bluetooth: fixed use-after-free errors i...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: usb: net: sierra: check for no status endpoint The driver checks whether it has three endpoints, as well as endpoints for bulk in-and-out operations. However, it does not check whether the third endpoint is an interrupt input. Th...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: netfilter: nfconntrack: A crash occurred when attempting to remove an uninitialized entry from the hash bucket list. A crash occurred while trying to remove the conntrack entry from the hash bucket list: Exception RIP:...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: HID: core: Ensure that the allocated report buffer can contain the reserved report ID. When the report ID is not used, the low-level transport drivers expect the first byte to be 0. However, currently, the allocated buffer does n...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: configfs: Fixed OOB read on empty string write When writing an empty string to either ‘qwsign’ or ‘landingPage’ sysfs attributes, the store functions attempt to access pagel – 1 before verifying that the length ‘l’ i...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: HID: core: Do not bypass hidhwrawrequest The hidhwrawrequest function is actually useful for ensuring that the provided buffer and length are valid. Directly calling this function in the low-level transport driver bypassed those...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: misc: miscminoralloc will now use ida to allocate IDs for all dynamic/misc dynamic minors. Previously, miscminoralloc only used ida to allocate IDs for minors in the case of MISCDYNAMICMINOR. However, miscminorfree always used...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: RDMA/rtrs: Ensure that the ‘ibsge list’ is accessible. Move the declaration of the ‘ibsge list’ variable outside the ‘alwaysinvalidate’ block to ensure that it remains accessible for use throughout the function. Previously, th...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net:sched: fix use-after-free in tapriochange In tapriochange, the admin pointer may become dangling due to the sched switch/removal caused by advancesched. The critical section protected by q-currententrylock is too small to...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: RDMA/mad: Improved handling of time-out WRs for mad agents. The current timeout handler for mad agents acquires/releases the madagentpriv lock for every time-out WR. This causes heavy locking contention when multiple WRs need to ...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: soundwire: Reverted “soundwire: qcom: Add setchannelmap API support”. This reversion corresponds to commit 7796c97df6b1b2206681a07f3c80f6023a6593d5. This patch caused issues with Dragonboard 845c sdm845. The following errors...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: iio: accel: fxls8962af: Fixed an issue where the fxls8962affifoflush function used indiodev-activescanmask without ensuring that indiodev remained in buffer mode. There is a race condition if indiodev exits buffer mode during...