Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerability has been resolved: nbd: Fix for the race between nbdallocconfig and module removal When the nbd module is being removed, nbdallocconfig may be called concurrently by nbdgenlconnect. Although trymoduleget will return false, nbdallocconfig does not...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: core – Ensure that the LLD module reference count is set after the SCSI device is released. The SCSI host release is triggered when the SCSI device is freed. We must ensure that the low-level device driver module is not...

Astra Linux - уязвимость в ansible

A flaw in log handling was discovered in Ansible when using the uri module, which exposes sensitive data to content and json output. This flaw allows attackers to access logs or outputs of executed tasks, thereby enabling them to read keys used in playbooks from other users within the uri module...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux

In the Linux kernel, the following vulnerability has been resolved: tpm: Clean up the TPM space after a command failure. tpmdevtransmit prepares the TPM space before attempting to transmit a command. However, if the command fails, no rollback of this preparation occurs. This can lead to transient...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: drm/meson: Explicitly remove the aggregate driver at module unload time. Since componentmasterdel was not called when unloading the mesondrm module, the aggregate device would remain in the global aggregatedevices list...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: core: The /proc/scsi/$procname directory was removed earlier. Removing this directory helps to fix a race condition between unloading and reloading kernel modules. This fixes a bug introduced in 2009 by commit 77c019768f06...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: platform/surface: aggregator: Add a missing call to ssamrequestsyncfree Although rare, ssamrequestsyncinit can fail. In that case, the request should be freed using ssamrequestsyncfree. Currently, the request is instead leaked. F...

Astra Linux - уязвимость в containerd

Containerd is a container runtime. A bug was discovered in containerd versions prior to 1.4.8 and 1.5.4, where pulling and extracting a specially crafted container image could result in changes to Unix file permissions for existing files in the host’s filesystem. Changes to file permissions could...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix connections leak when tlink setup failed If the tlink setup failed, lost to put the connections, then the module refcnt leak since the cifsd kthread not exit. Also leak the fscache info, and for next mount with fsc, it...

Astra Linux - уязвимость в linux

Linux Kernel Bluetooth CMTP Module Double Free Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of the Linux Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in orde...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Remove improper idxdfree The call to idxdfree introduces a duplicate putdevice call, resulting in a reference count underflow: refcountt: underflow; use-after-free. WARNING: CPU: 15, PID: 4428, at...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ubi: Fixed a use-after-free issue when volume resizing failed. There is a use-after-free problem reported by KASAN: ========================================= BUG: KASAN: Use-after-free in ubiebacopytable+0x11f/0x1c0 ubi A read of...

Astra Linux - уязвимость в pymongo

A out-of-bounds read in the ‘bson’ module of PyMongo 4.6.2 or earlier allows for deserialization of malformed BSON data provided by the server, which can trigger an exception that may contain arbitrary application memory...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: module: fix eshstrndx.shsize=0 OOB access It is trivial to craft a module to trigger OOB access in this line: if info-secstringsstrhdr-shsize - 1 != '\0' BUG: unable to handle page fault for address: ffffc90000aa0fff PGD 10000006...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: ath11k: fixed the kernel panic that occurred during the unloading/loading of ath11k modules. Fixed the call to netifnapidel from ath11kahbfreeextirq, to prevent the following kernel panic when unloading/loading ath11k modules...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

A flaw was discovered in the handling of SMB2READ commands within the kernel’s ksmbd module. The issue arises from failing to release memory after its effective lifespan has ended. An attacker can exploit this flaw to create a denial-of-service condition on affected Linux installations...

Astra Linux - уязвимость в pcs

A flaw was discovered in the Pacemaker configuration tool pcs. The pcs daemon allowed expired accounts, as well as accounts with expired passwords, to log in when using PAM authentication. As a result, unprivileged expired accounts that had been denied access could still log in...

Astra Linux - уязвимость в linux-5.15, linux, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: configfs: Fixed a possible memory leak in configfscreatedir. kmemleak: Reported memory leaks in configfscreatedir. - Unreferenced object 0xffff888009f6af00 size 192: Command “modprobe”, PID 3777, jiffies 4295537735 time 233.78...

Astra Linux - уязвимость в python3.11, python3.7

The email module, specifically the “BytesGenerator” class, did not properly quote newlines for email headers when serializing an email message. This issue occurs only when using “LiteralHeader” to write headers that do not follow email folding rules. The new behavior will reject incorrectly folde...

Astra Linux - уязвимость в apache2

Some modproxy configurations on the Apache HTTP Server versions 2.4.0 through 2.4.55 allow for an HTTP Request Smuggling attack. These configurations are affected when modproxy is enabled along with some form of RewriteRule or ProxyPassMatch, where a non-specific pattern matches a portion of the...