Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: igb: A potential invalid memory access issue has been fixed in igbinitmodule. The pciregisterdriver function may fail. When this occurs, the dcanotifier needs to be unregistered. Otherwise, the dcanotifier can be called when igb...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: mm/slub: A check for s-flags was added in the alloctaggingslabfree hook function. When CONFIGMEMCG, CONFIGKFENCE, and CONFIGKMEMLEAK are enabled, the following warning always occurs. This is because the following call stack...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: btrfs: fixed an incorrect match in devargsmatchdevice. Syzkaller discovered a failed assertion: “Assertion failed: args-devid != u64-1 || args-missing”, in fs/btrfs/volumes.c:6921. This issue can occur when we set devid to u64-1...

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Avoid memory allocation in iommususpend. The iommususpend system call’s suspend callback is invoked with IRQs disabled.allocating memory with the GFPKERNEL flag may re-enable IRQs during the suspend callback, which ca...

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

Linux block and network PV device frontends do not zero memory regions before sharing them with the backend CVE-2022-26365, CVE-2022-33740. Additionally, the granularity of the grant table does not allow sharing smaller than a 4K page, resulting in unrelated data residing in the same 4K page as...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: mm/slub: Fixed the issue by returning errno if kmalloc fails. In createuniqueid, kmalloc, GFPKERNEL may fail due to out-of-memory conditions. If this happens, errno should be returned correctly instead of triggering a panic via...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Do not enable interrupts in itsirqsetvcpuaffinity. The following call-chain results in the enabling of interrupts in a nested interrupt-disabled section: irqsetvcpuaffinity irqgetdesclock rawspinlockirqsave --...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Destroying vGIC structures during failed vCPU creation If the function kvmarchvcpucreate fails to share the vCPU page with the hypervisor, we propagate the error back to the ioctl, but leave the vGIC vCPU structures...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net/smc: Fixed an illegal access to rmbdesc during SMC-D connection dumping. A crash was detected when dumping SMC-D connections. This issue can be reproduced by performing the following steps: 1. Run the nginx/wrk test: smcrun...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/uncore: A reference count leak was fixed in snruncoremmiomap. pcigetdevice will increase the reference count of the returned pcidev. Therefore, snruncoregetmcdev will return a pcidev with its reference count...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ksmbd: The warning message “Do not call blocking operations when !TASKRUNNING” has been fixed. The waiteventtimeout function will set the state of the current task to TASKUNINTERRUPTIBLE before performing the condition check. Thi...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: ipv6: Fixed a potential race condition in fib6 Droppcpufrom. syzbot detected a race condition in fib6 Droppcpufrom 1. If the compiler reads the value more than once ppcpurt, the second reading might result in NULL, especially ...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: udp: Fixed multiple wraparounds of sk-skrmemalloc. The function udpenqueuescheduleskb has the following condition: c if atomicread&sk-skrmemalloc sk-skrcvbuf goto drop; sk-skrcvbuf is initialized with net.core.rmemdefault, and ca...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: xdp, net: Fixed a use-after-free in bpfxdplinkrelease. The issue occurs between devgetbyindex and devxdpattachlink. At this point, devxdpuninstall is called. As a result, the xdp link will not be automatically detached when the...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: l2cap: fixed a nullptrderef in l2capchantimeout. There is a race condition between l2capchantimeout and l2capchandel. When we use l2capchandel to delete the channel, the chan-conn will be set to null. However, the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: LoongArch: Set the hugetlb mmap base address to be aligned with the pmd size. With the ltp test case “testcases/bin/hugefork02”, there is a dmesg error report message, such as: kernel BUG at mm/hugetlb.c:5550! Oops – BUG1: CPU: 0...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: can: mcan: mcanreadfifo,echotxevent: The shift timestamp is now set to full 32 bits. In commit 1be37d3b0414 “can: mcan: fix periph RX path: use rx-offload to ensure that packets are sent from the softirq context”, the RX path for...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: can: j1939: j1939netdevstart: fixed a UAF Use-After-Free condition related to rxkref of j1939priv. This issue would trigger a UAF for rxkref of j1939priv as follows: cpu0 cpu1 j1939skBindsocket0, ndev0, … j1939netdevStart...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

A issue was discovered in the x86 KVM subsystem of the Linux kernel before version 5.18.17. Unprivileged guest users can compromise the guest kernel because TLB flush operations are mishandled in certain KVMVCPUPREEMPTED situations...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: afs: Fixed the delayed allocation of a cell’s anonymous key. The allocation of a cell’s anonymous key is performed in a background thread, along with other cell-related operations such as making DNS calls. In the reported bug, th...