Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: TCP: cdg: allows tcpcdgrelease to be called multiple times. It seems that MPTCP can call tcpdisconnect on a flow that is already disconnected. This is generally fine, unless the current congestion control mechanism is CDG, as ...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: perf/x86/amd: fixed the potential integer overflow that could occur when shifting an int. The left shift of the 32-bit integer constant 1 is evaluated using 32-bit arithmetic, and then passed as a 64-bit function argument. In cas...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: dmaengine: imx-sdma: Fixed a possible memory leak in sdmatransferinit If the function sdmaloadcontext fails, the sdmadesc will be freed, but the allocated desc-bd is forgotten to be freed as well. We have already encountered the...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: char: tpm: Protect tpmpmsuspend with locks Currently, tpm transactions are executed unconditionally in the tpmpmsuspend function, which may lead to races with other tpm accessors in the system. Specifically, the hwrandom tpm driv...

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: gpiolib: A memory leak was fixed in gpiochipsetupdev. Here is a backtrace report regarding the memory leak detected in gpiochipsetupdev: Unreferenced object: 0xffff88810b406400 size 512 - Source: comm "python3", pid 1682, jiffies...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: Fixed a use-after-free race condition for maps It is possible that before fastrpcfreemap is called, another thread may call fastrpcmaplookup and obtain a reference to a map that is about to be deleted. The function...

Astra Linux – Vulnerability in Linux 5.15, Linux

In the Linux kernel, the following vulnerability has been resolved: Firmware: armscmi: Hardened access to reset domains. Accessing reset domain descriptors via indexes in SCMI driver requests, through the SCMI reset operation interface, may potentially lead to out-of-bound violations if the SCMI...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ipvs: fixed an error in ipvsappnetcleanup During the initialization of ipvsappnetinit, if the file ipvsapp fails to be created, the initialization will still succeed by default. Therefore, the ipvsapp file will not be found durin...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: mdio: fixed an undefined behavior in bit shifting for mdiobusregister. Shifting a signed 32-bit value by 31 bits is undefined; therefore, the significant bit was changed to unsigned. The UBSAN warning appears as follows:...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ipv6: fixed an error in ip6routenetexitlate During the initialization of ip6routenetinitlate, if the files ipv6route or rt6stats fail to be created, the initialization is successful by default. Therefore, the ipv6route or rt6stat...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: fscrypt: stopped using the keyring subsystem for fscryptmasterkey. The approach of having fs/crypto/ manage the fscryptmasterkey structures internally as payloads within “struct key” objects contained in a “struct key” keyring...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: tipc: The issue in tipcnlcompatnametabledumpheader regarding the check of the msg-req TLV length was fixed. This is a follow-up to commit 974cb0e3e7c9 “tipc: fixing uninit-value in tipcnlcompatnametabledump", where a type cast fr...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: x86/kexec: fixed the memory leak in the elf header buffer. This issue was reported by the kmemleak detector: Unreferenced object 0xffffc900002a9000 size 4096: comm “kexec”, pid 14950, jiffies 4295110793 age 373.951s Hex dump firs...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: ipv4: Handled attempts to delete multipath routes when fibinfo contains a reference to nh. Gwangun Jung reported a buffer overflow vulnerability in fibnhmatch: fibnhmatch+0xf98/0x1130, linux-6.0-rc7/net/ipv4/fibsemantics.c:961...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: memcg: A potential “use-after-free” issue has been fixed in memcgwriteeventcontrol. memcgwriteeventcontrol accesses the dentry-dname of the specified control file to route the write operation. Since a cgroup interface file cannot...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/virtio: Fixed the UAF issue related to GEM handle creation. The user space may attempt to guess the handle value and race the GEM object creation with the handle being closed. This can lead to a use-after-free scenario if we...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: sched/debug: The issue of dentry leaks during the updatescheddomain Debugfs operation has been fixed. Kuyo reports that the pattern of using DebugfsRemoveDebugfsLookup causes a dentry leak. During a hot-plug stress test, the...

Astra Linux – Vulnerability in Linux 5.15

The Linux kernel’s NFSD implementation before versions 5.19.17 and 6.0.2 is vulnerable to buffer overflow attacks. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call RPC into a single array of pages. A client can force the...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ksmbd: The validation of the request buffer size was added in smb2allocaterspbuf. The response buffer should be allocated in smb2allocaterspbuf before validation of the request. However, fields within the payload as well as the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fixed an array-index-out-of-bounds issue in dcn35clkmgr. Why There is a potential memory access violation during the iteration of the dcn35 clks’ array. How The iteration rate per array size has been limited...