Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: RISCV: Fixed sleeping in an invalid context in die. Die can be called in an exception handler, and therefore cannot sleep. However, die takes spinlockt, which can sleep when PREEMPTRT is enabled. This causes the following warning...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Misc: Microchip: PCI1xxxx – Resolve kernel panic during GPIO IRQ handling This issue resolves the kernel panic caused by improper handling of IRQs when accessing GPIO values. This is achieved by replacing the generichandleirq...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ffs: Remove WARNON from functionfsbind This commit addresses an issue related to a kernel panic that occurs when paniconwarn is enabled. The issue is caused by the unnecessary use of WARNON in functionfsbind, which c...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: iio: imu: kmx61: fixed information leakage in the triggered buffer. The “buffer” local array is used to push data to user space from a triggered buffer. However, it does not set values for inactive channels, as it only uses...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fixed an out-of-bounds access in ‘dcn21linkencodercreate’. An issue was identified in the dcn21linkencodercreate function, where an out-of-bounds access could occur when the hpdsource index was used to reference...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Tracing: Fixed a use-after-free in printgraphfunctionflags during tracer switching. Kairui reported a UAF issue in printgraphfunctionflags during ftrace stress testing 1. This issue can be reproduced by putting a ‘mdelay10’ after...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: x86/xen: Remove the USERGSSYSRET64 paravirt call. This change is committed as upstream commit afd30525a659ac0ae0904f0cb4a2ca75522c3123. USERGSSYSRET64 is used to return from a syscall via SYSRET. However, a Xen PV guest will stil...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

A vulnerability was discovered in vhostnewmsg in drivers/vhost/vhost.c within the Linux kernel. This issue arises due to the improper initialization of memory in messages transmitted between virtual guests and the host operating system, as implemented in the vhostnewmsg function. This vulnerabili...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

A vulnerability, classified as critical, was discovered in the Linux kernel. The affected function is l2capconndel in the file net/bluetooth/l2capcore.c of the Bluetooth component. This vulnerability allows for exploitation after the memory allocation has been freed. It is recommended that patche...

Astra Linux – Vulnerability in Linux, Linux 5.10

A flaw after-free usage in the function scosocksendmsg of the Linux kernel’s HCI subsystem was discovered. This flaw allows a privileged local user to exploit it to crash the system or escalate their privileges on the system. This flaw triggers a race condition when the user calls ioct...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ice: Do not use the WQMEMRECLAIM flag for the workqueue. When both the ice and irdma drivers are loaded, a warning is triggered in the checkFlushDependency function. This occurs because the ice driver’s workqueue is allocated wit...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net/iucv: Avoid explicit allocation of the cpumask variable on the stack. For the CONFIGCPUMASKOFFSTACK=y kernel, explicit allocation of the cpumask variable on the stack is not recommended, as it may cause a potential stack...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: drm/i915/gt: Fixed a potential UAF issue by revoking the fence registers. CI has been sporadically reporting the following issue triggered by igt@i915selftest@live@hangcheck on ADL-P and similar machines: 414.049203 i915:...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Net: Ethernet: lantiqetop: fixed a double-free condition in the “detach” operation. The number of descriptors that have been released so far is never incremented, which results in the same skb being released multiple times...

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Network layer: Do not leave a dangling “sk” pointer when socket creation fails. It is possible to trigger a use-after-free by: - Attaching a “fentry” probe to sockrelease and the probe that calls bpfgetsocketcookie; - Running...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: jfs: xattr: fixed buffer overflow for invalid xattr values. When the xattr size is not as expected, it is printed out to the kernel log in hexadecimal format as a form of debugging. However, when that xattr size is larger than...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: net/mlx5: Discarded command completions in internal errors. Fixed the use of “free” after a device enters an internal error state. Avoid calling the completion handler in this case, as the device will flush the command interfa...

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

A out-of-bounds read vulnerability was discovered in Netfilter Connection Tracking conntrack within the Linux kernel. This flaw allows a remote user to disclose sensitive information through the DCCP protocol...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

A use-after-free vulnerability in the netfilter component of the Linux kernel’s nftables module can be exploited to achieve local privilege escalation. A flaw in the error handling of bound chains causes a use-after-free in the abort path of NFTMSGNEWRULE. This vulnerability requires that...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

A issue was discovered in the Linux kernel before version 6.3.2. A use-after-free was found in the renesasusb3remove function in drivers/usb/gadget/udc/renesasusb3.c...