Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: hwmon: gpiofan Fix for out-of-bounds access to arrays The driver does not check whether the cooling state passed to gpiofansetcurstate exceeds the maximum cooling state stored in fandata-numspeeds. Since the cooling state is late...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: fixed a use-after-free in stateshow stateshow reads kdamond-damonctx without holding damonsysfslock. This allows for a use-after-free race condition: CPU 0 CPU 1 ----- ----- stateshow damonsysfsturndamonon ctx =...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: mm/debugvmpgtable: Clear page table entries at destroyargs The mm/debugvmpagetable test manually allocates page table entries for the tests it runs, using the mmstruct that it manually allocated. This itself is fine, but when it...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: iio: imu: bno055: fixed OOB access to the hwxlate array A potential out-of-bounds array access to the hwxlate array has been fixed in bno055.c. In bno055getregmask, the hwxlate array was iterated over the entire length of the val...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: scsi: megaraidsas: Fixed an invalid node index issue. On systems with DRAM interleave enabled, out-of-bound access was detected: megaraidsas 0000:3f:00.0: Requested/available msix 128/128 pollqueue 0 ------------ Cut here...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net: lan743x: fixed a potential out-of-bounds write in lan743xptpioeventclockget. Before calling lan743xptpioeventclockget, the ‘channel’ value is checked against the maximum value of PCI11X1XPTPIOMAXCHANNELS8. This seems correct...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: kernfs: a potential NULL dereference occurred in kernfsremove. When lockdep is enabled, lockdepassertheldwrite could cause a potential NULL pointer dereference. The following smatch warnings have also been fixed:...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: cifs: A memory leak was fixed when using fscache. If the condition “index == nextcached” is encountered, a reference count of the struct page is leaked. This issue is fixed by using readaheadfolio, which handles the reference cou...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: cifs: A memory leak was fixed in the deferred close operation. The xfstests tests on smb21 report kmemleak as follows: unreferenced object 0xffff8881767d6200 size 64: comm "xfsio", pid 1284, jiffies 4294777434 age 20.789s Hex...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: NFSv4/pnfs: A use-after-free bug has been fixed in open. If someone cancels the open RPC call, then we must not attempt to free either the open slot or the layoutget operation arguments, as they are likely still in use by the hun...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net/sunrpc: fixed potential memory leaks in rpcsysfsxprtstatechange. This issue occurs during certain error-handling paths. When the function fails to obtain the object xprt, it simply returns 0, forgetting to decrease the...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: xfrm: Policy: Fix metadata dst-dev xmit null pointer dereference When we try to transmit an skb with metadatadst attached i.e., dst-dev == NULL through the xfrm interface, we may encounter a null pointer dereference in xfrmixmit2...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ICE: xsk: prohibit usage of non-balanced queue ID Fix the following scenario: 1. ethtool -L $IFACE rx 8 tx 96 2. xdpsock -q 10 -t -z The above refers to a situation where a user wants to attach an XSK socket in txonly mode at a...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: btrfs: fixed issues with space cache corruption and potential double allocations. When testing spacecache v2 on a large set of machines, we encountered a few issues: 1. Errors of the type “unable to add free space :-17” EEXIST...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: BPF: Do not use tnumrange for array range checking when dealing with poke descriptors. Hsin-Wei reported a KASAN issue triggered by their BPF runtime fuzzer, which is based on a customized syzkaller: - BUG: KASAN: Out-of-bound...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Block: Prevent division by zero in blkrqstatsum The expression dst-nrsamples + src-nrsamples may have a value of zero during overflow. It is necessary to add a check to avoid division by zero. This issue was identified by the Lin...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: BPF: Protection against integer overflows for stack access sizes This patch reintroduces protection against access to stack memory having a negative value. The access size can appear negative due to overflow in its signed integer...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: flush pending destroy work before exitnet release This issue is similar to 2c9f0293280e “netfilter: nftables: flush pending destroy work before netlink notifier”, aimed at addressing a race condition between...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: smb: Client: Fixed a potential Use-after-Free UAF in smb2isvalidoplockbreak. Skipped sessions that are being torn down status == SESEXITING to avoid UAF...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes When moving a station out of a VLAN and deleting the VLAN afterwards, the fastrx entry still holds a pointer to the VLAN’s netdev. This can lead to use-after-free...