Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: nilfs2: Data corruption occurred during the dsync block recovery process for small block sizes. The helper function nilfsrecoverycopyblock in nilfsrecoverydsyncblocks incorrectly calculates the on-page offset when copying repair...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: fs,hugetlb: fixed a NULL pointer dereferencing in hugetlbsfillsuper When configuring a hugetlb filesystem via the fsconfig syscall, there is a possibility of a NULL dereferencing in hugetlbfsfillsuper, caused by assigning NULL to...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: xgmac: Fixed the handling of Data Path Parity Errors for DMA channels. The commit 56e58d6c8a56 „net: stmmac: Implement Safety Features in XGMAC core“ checks for safety errors, but leaves Data Path Parity Errors for...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: pppasync: Limited MRU to 64K. The syzbot triggered a warning 1 in allocpages: WARNONONCEGFP order MAXPAGEORDER, gfp. Willem fixed a similar issue in the commit c0a2a1b0d631 “ppp: limited MRU to 64K”. Apply the same sanity chec...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: xhci: Properly handling isoc Babble and Buffer Overrun events. xHCI 4.9 explicitly prohibits making assumptions that the xHC has released its ownership of a multi-TRB TD when an error occurs in one of the early TRBs. However,...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: fs: The UAF/GPF bug in nilfsmdtdestroy has been fixed. In allocinode, if inodeinitalways fails, it may return -ENOMEM. This failure causes inode-iprivate to remain uninitialized. As a result, nilfsismetadatafileinode returns true...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: Staging: rtl8712 – fixed bugs related to use after freeing memory. The Read/WriteMACREG callbacks are set to NULL, so the read/writemacreghdl functions do nothing other than freeing the “pcmd” pointer. This results in a...

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: cifs: fixed a small mempool leak in SMB2negotiate. In some cases of failures dialect mismatches in SMB2negotiate, after the request is sent, the checks would return -EIO. Instead, it should return rc = -EIO and then jump to negex...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: sme: cap SSID length in cfg80211connectresult If the ssid-datalen is greater than IEEE80211MAXSSIDLEN 32, it could lead to memory corruption. Therefore, bounds checking has been added...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: fix slab out-of-bounds access in mtreportfixup A malicious HID device can trigger a slab out-of-bounds during mtreportfixup by passing in a report descriptor that is smaller than 607 bytes. mtreportfixup attempts...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iommu/riscv: prevented NULL dereferencing in iovatophys. The riscviommupteFetch function returns either NULL for unmapped/never-mapped iovas, or a valid leaf PTE pointer that does not require further validation. The...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: Check governor before using governor-name The commit 96ffcdf239de “PM / devfreq: Remove redundant governorname from struct devfreq” removes governorname and uses governor-name to replace it. However, devfreq-governo...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Input: gpio-keys – fix a sleep while atomic with PREEMPTRT. When PREEMPTRT is enabled, the gpiokeysirqtimer callback runs in the hardirq context. However, the inputevent function takes a spinlock, which is not allowed in that...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/amdgpu: Fixed call trace warnings and hangs when removing the amdgpu device. On GPUs with RAS enabled, hangs are observed during the shutdown process when checking the call trace. v2: Instead of using the shutdown flag, th...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fixed the bug: KASAN: null-ptr-deref in rxeqpdocleanup. The function rxecreateqp calls rxeqpfrominit. If an error occurs, the error handler for rxeqpfrominit will set both scq and rcq to NULL. Then, rxecreateqp calls...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: vfio: Split migration operations from main device operations The vfio core checks whether the driver sets certain migration operations e.g., setstate/getstate, and accordingly calls those operations. However, currently, the ml...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: avoided invalid memory access via nodeonlineNUMANONODE. KASAN reports: 4.668325 T0 BUG: KASAN: wild-memory-access in dmarparseonerhsa arch/x86/include/asm/bitops.h:214, arch/x86/include/asm/bitops.h:226,...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Firmware: armscpi: Ensure that scpiinfo is not assigned if the probe fails. When the scpi probe fails at any point, we need to ensure that scpiinfo is not set and will remain NULL until the probe succeeds. If this issue is not...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: Net: Atlantic: Fixed an index out of range error in aqvec. The final update statement of the for loop exceeds the array range. The dereference of self-aqveci is not checked, leading to an index out of range error. This issue h...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: - net: genl: fixed a memory leak in the error path during policy dumping. - If the construction of the policy array fails when recording non-first policies, we need to unwind the process. - The netlinkpolicydumpaddpolicy...