Astra Linux – Vulnerability in Linux, Linux 5.10

A flaw involving a null pointer dereference was discovered in the Linux kernel’s UDF file system functionality. This flaw allows a malicious UDF image to trigger the udffilewriteiter function. A local user could exploit this flaw to crash the system. The flaw is present in the Linux kernel versio...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

A heap out-of-bounds write vulnerability in the Linux Kernel Performance Events perf component of the Linux kernel can be exploited to achieve local privilege escalation. If the perfreadgroup function is called when the siblinglist of an event is smaller than that of its child, it may increment o...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

A use-after-free vulnerability exists in the netfilter component of the Linux kernel’s nftables module; this vulnerability can be exploited to achieve local privilege escalation. The nftpipapowalk function does not skip inactive elements during the set walk operation, which can result in double...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Wifi: Wil6210: debugfs: fixed the use of uninitialized variables in wilwritefilewmi Commit 7a4836560a61 replaces the simplewritetobuffer function with memdupuser, but it forgets to change the value returned by the...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ASoC: stm32: spdifrx: fixed the issue of releasing the DMA channel in stm32spdifrxRemove. In case of an error when requesting the ctrlchan DMA channel, the pointer to ctrlchan is not null. Therefore, releasing the DMA channel lea...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

There is a use-after-free in iouring in the Linux kernel. The signalfdpoll and binderpoll functions use a waitqueue whose lifetime is the current task. The waitqueue will send a POLLFREE notification to all waiters before it is freed. Unfortunately, the iouring poll does not handle POLFREE. This...

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

A flaw was discovered in the Linux kernel. The tun/tap sockets have their socket UID hardcoded to 0 due to a type confusion in their initialization function. While this will usually be correct, since tuntap devices require CAPNETADMIN, it may not always be the case. For example, a non-root user...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

A use-after-free vulnerability exists in the net/sched:clsfw component of the Linux kernel, which can be exploited to achieve local privilege escalation. If the tcfchangeindev function fails, fwsetparms will immediately return an error after incrementing or decrementing the reference counter in...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: dmaengine: xilinx: xdma: Fixed the error handling for regmap init. The devmregmapinitmmio function now returns ERRPTR upon an error, instead of NULL. The error check has also been fixed, and the error message has been corrected...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

A null pointer dereference flaw was discovered in the Linux kernel API for the cryptographic algorithm scatterwalk functionality. This issue occurs when a user constructs a malicious packet with specific socket configurations, which could allow a local user to crash the system or escalate their...

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

A flaw was discovered in the Linux kernel, where unauthorized access to the execution of the setuid file with specific capabilities was detected within the OverlayFS subsystem of the Linux kernel. This issue occurs when a user copies a file with capabilities from a nosuid mount to another mount...

Astra Linux – Vulnerability in Linux 5.10

A flaw was discovered in the Linux kernel. A null pointer dereference in the bondipsecaddsa function may lead to a local denial of service...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

In the Linux kernel, the following vulnerability has been resolved: mm/swap: Fixed the race condition between swapoff and getswappages. The si-lock must be held when deleting the si from the available list. Otherwise, another thread may re-add the si to the available list, leading to memory...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Drivers: Base: Component – A memory leak was fixed in the use of debugfslookup. When calling debugfslookup, the result must also call dput on it; otherwise, a memory leak will occur over time. To simplify things, simply call...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: llc: Makes llcuisendmsg more robust against changes related to bonding. syzbot was able to exploit llcuisendmsg, allocating a skb without sufficient headroom, and then attempting to append 14 bytes of Ethernet header information...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: x86/hyperv: Fixed a NULL dereferencing in sethvtscchangecb if the Hyper-V setup fails. Checked for a valid hvvpindex array before dereferencing hvvpindex when setting Hyper-V’s TSC change callback. If Hyper-V setup fails in...

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerabilities have been resolved: media: dvbdev: Fixed a memory leak in dvbMediaDeviceFree. The function dvbMediaDeviceFree leaks memory. It is necessary to free the dvbdev-adapter-conn object before setting it to NULL, as documented in...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: sched/fair: Do not balance tasks to their current running CPUs. We encountered a situation where the balancer attempts to balance a migrated task with disabled status, triggering a warning in settaskcpu. The detailed error messag...

Astra Linux – Vulnerability in Linux 5.10

Due to a vulnerability in the iouring subsystem, it is possible for kernel memory information to be leaked to the user process. timensinstall calls currentissinglethreaded to determine whether the current process is single-threaded. However, this call does not take into account iouring’s ioworker...

Astra Linux – Vulnerability in Linux 5.15

A flaw in memory writing within the Linux kernel’s UDF file system functionality was discovered. This flaw allows a user to trigger certain file operations, which in turn triggers udfwritefi. A local user could exploit this flaw to crash the system or potentially cause other malicious actions...