Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

A flaw was discovered in the IPv4 Resource Reservation Protocol RSVP classifier within the Linux kernel. The xprt pointer may extend beyond the linear portion of the skb structure, resulting in an out-of-bounds read in the rsvpclassify function. This issue could potentially cause a local user to...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

A array indexing vulnerability was discovered in the netfilter subsystem of the Linux kernel. The absence of a certain macro could lead to an incorrect calculation of the offset of the h-nets array, giving attackers the ability to arbitrarily increment/decrement a memory buffer beyond its bounds...

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: net/iucv: Fixed the size of interrupt data iucvirqdata needs to be 4 bytes larger. These bytes are not used by the iucv module, but are written by the z/VM hypervisor in case a CPU is deconfigured. Reported as: BUG...

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: ext4: Fixed a task that was stuck in ext4xattrdeleteinode. Syzbot reported a problem with stuck tasks: ================================================================== INFO: Task syz-executor232:5073 is blocked for more than...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: drm/shmem-helper: The erroneous “put” operation has been removed from the error path. The drmgemshmemmmap function does not have a reference in the error code path, resulting in the dma-buf shmem GEM object being freed...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: net/mlx5: Fixed the cleanup of steering rules The vport’s unicast, multicast, and multicast rules are not deleted during the teardown process when EEH occurs. Since the vport’s promiscuous settings unicast, unicast, and...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fixed an out-of-bounds shift in CalculateVMAndRowBytes REASON When PTEBufferSizeInRequests is zero, UBSAN reports the following warning because dmllog2 returns an unexpected negative value: The shift exponent...

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: In the dmstats function, check for and propagate the allocpercpu failure. Check the return value of allocprecpu, and return an error from dmstatsinit if it fails. Update allocdev to fail if dmstatsinit does so. Otherwise, a NULL...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: “wifi: mac80211: fix memory leak in ieee80211ifadd” This resolution involves committing change 13e5afd3d773c6fc6ca2b89027befaaaa1ea7293. The function ieee80211iffree is already called from freenetdevndev, because...

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/via: Avoid potential array out-of-bound access in addsecretdacpath The sndhdagetconnections function may return a negative error code. This could lead to accessing the ‘conn’ array at a negative index. This issue was...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

In the Linux kernel, the following vulnerability has been resolved: sched/psi: Fixed a use-after-free in epremovewaitqueue If a non-root cgroup is removed while there is a thread that registered a trigger and is polling on a pressure file within the cgroup, the polling waitqueue will be freed in...

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel before version 6.4.5, the file driver/gpu/drm/drmatomic.c contained a use-after-free during a race condition between a nonblocking atomic commit and a driver unloading process...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

A issue was discovered in lib/kobject.c in the Linux kernel before version 6.2.3. With root access, an attacker can trigger a race condition that results in an out-of-bounds write of the fillkobjpath variable...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

In the Linux kernel up to version 6.3.1, a use-after-free issue in Netfilter’s nftables module arises when processing batch requests. This allows unprivileged local users to obtain root privileges. The issue occurs due to improper handling of anonymous sets...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: HID: betop: Check the shape of output reports The betopffinit function only checks that the total sum of the report counts for each report field is at least 4. However, hidbetopffplay expects 4 report fields. A device that sends ...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: cifs: Fixed an oops due to uninitialized server-smbdconn during reconnection. In smbddestroy, the pointer to server-smbdconn is cleared after freeing the smbdconnection struct it points to, so that reconnection won’t be confused...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ipv4: Prevent potential spectre v1 gadgets in ipmetricsconvert if !type continue; if type RTAXMAX return -EINVAL; ... metricstype - 1 = val; @type is used as an array index, and we need to prevent CPU speculation or risk leaking...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Add exception protection processing for vd in the axichanhandleerr function. Since there is no protection for vd, a kernel panic will be triggered in exceptional cases. You can refer to the processing of the...

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

A issue was discovered in the Linux kernel through version 6.1-rc8. The function dpucrtcatomiccheck in the file drivers/gpu/drm/msm/disp/dpu1/dpucrtc.c lacks a check for the return value of kzalloc. This issue may lead to a NULL Pointer Dereference...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel before version 6.1.13, there is a double-free in the net/mpls/afmpls.c file when an allocation failure occurs due to registering the sysctl table under a new location during the renaming of a device...