Astra Linux – Vulnerability in Linux 5.15

A issue was discovered in the Linux kernel before version 6.2. The ntfs3 subsystem does not properly check for correctness during disk reads, resulting in an out-of-bounds read in the ntfssetea function in fs/ntfs3/xattr.c...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

A issue was discovered in the Linux kernel through version 6.0.10. In the file drivers/media/dvb-core/dvbcaen50221.c, a use-after-free condition can occur due to the lack of a waitevent after a disconnection occurs...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

A issue was discovered in the Linux kernel through version 6.0.9. In the file drivers/media/dvb-core/dvbnet.c, there is a race condition between .disconnect and dvbdeviceopen, which leads to a use-after-free situation...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: bpf: Fixed pointer-leak due to insufficient speculative store bypass mitigation To mitigate Spectre v4, the patch 2039f26f3aca “bpf: Fixed leakage due to insufficient speculative store bypass mitigation” includes instructions...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: fixed the out-of-bounds error in the netns ops registration error path. If the netassigngeneric function fails, the current error path in opsinit attempts to clear the gen pointer slot. However, during this error path, the g...

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

A issue was discovered in arch/x86/kvm/vmx/nested.c in the Linux kernel before 6.2.8. nVMX on x8664 lacks consistency checks for CR0 and CR4...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In rndisqueryoid in drivers/net/wireless/rndiswlan.c within the Linux kernel, from version 6.1.5 onwards, there is an integer overflow in a mathematical operation...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: tls: Stop recv if the initial processrxlist contains a record that is not of the DATA type. If there is a record on rxlist that is not of the DATA type, and there is another record of the same type still in the queue, we will mer...

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerability has been resolved: lib: cpurmap: Avoid using the function after freeing entries in the rmap-obj array. When calling irqsetaffinitynotifier with NULL as the notify argument, it will cause the glue pointer in the corresponding array entry to be freed...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: HID: Multitouch: Corrected the reference to the devm device for the hidinput inputdevice name. The reference should point to the HID device, rather than the input device, for the allocation of the inputdevice name. Referring to t...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Disabling ASPM when a multifunction device’s function is removed to avoid use-after-free errors. The struct pcielinkstate-downstream is a pointer to the pcidev of function 0. Previously, we retained this pointer when...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: md/raid10: check slab-out-of-bounds in mdbitmapgetcounter If we write a large number to md/bitmapsetbits, mdbitmapcheckpage will return -EINVAL because ‘page = bitmap-pages’. However, the returned value was not checked immediatel...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Added the missing IPSETHASHWITHNET0 macro for ipsethashnetportnet.c. The missing IPSETHASHWITHNET0 macro in ipsethashnetportnet can lead to the use of the incorrect CIDRPOSc for calculating array offsets, which...

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: ksmbd: Corrected the incorrect validation of the next buffer length in smb2setea. There are multiple smb2eainfo buffers in the FILEFULLEAINFORMATION request from the client. ksmbd uses the NextEntryOffset of the current...

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: BUG: KASAN: Slab-out-of-bounds in crc32body lib/crc32.c:111 inline BUG: KASAN: Slab-out-of-bounds in crc32legeneric lib/crc32.c:179 inline BUG: KASAN: Slab-out-of-bounds in crc32lebase+0x58c/0x626 lib/crc32.c:197 A read of siz...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: VMCI: Check context-notifypage after calling getuserpagesfast to avoid GPF. The call to getuserpagesfast in vmcihostunlockedioctl may return NULL for context-notifypage, causing a GPF. To avoid this, check that context-notifypage...

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: HID: intel-ish-hid: ipc: Fixed a potential use-after-free issue in the work function. When a reset notify IPC message is received, the ISR schedules a work function and passes the ISHTP device to it via a global pointer called...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Check kzalloc in lpfcsli4cgnparamsread. If kzalloc fails in lpfcsli4cgnparamsread, then we rely on lpfcreadobject’s routine to perform a NULL check on pdata. Currently, an early return error is thrown from...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: libsas: Fixed a use-after-free bug in smpexecutetasksg When executing an SMP task fails, the smpexecutetasksg function calls deltimer to delete the “slowtask-timer” timer. However, if the timer handler sastaskinternaltimedo...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: iwlwifi: mvm – fix double-free on the TX path. We observe kernel crashes, lockups, and KASAN errors related to the ax210 firmware. One of the KASAN logs pointed to the TX path, and it appears that there is indeed a way to...