52984 matches found
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: fscrypt: The destroykeyring function must be called after securitysbdelete. The fscryptDestroykeyring function must be called after all potentially-encrypted inodes have been evicted; otherwise, it cannot safely destroy the...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: drm/amdkfd: Fixed error handling in kfdprocessdeviceinitvm. It is recommended to only destroy the ibmem and let the process cleanup worker free the outstanding BOs. Reset the pointer in the pdd-qpd structure to avoid NULL...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: tcp: Fix tcpinittransfer so that icskcainitialized is not reset. This commit fixes a bug discovered by syzkaller. The bug could cause spurious double-initulations for congestion control modules. This could lead to memory leaks or...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: net: macb: fixed the use of “free” after calling “rmmod”. “platdev-dev-platformdata” is released by calling “platformdeviceunregister”. The use of “pclk” and “hclk” constitutes a use-after-free. Since “deviceunregister” does n...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ipack: ipoctal: fix module reference leak A reference to the carrier module was taken every time it was used, but it was only released once, when the final reference to the tty struct was removed. This issue is fixed by taking th...
Astra Linux - уязвимость в samba
The Samba vfsfruit module utilizes extended file attributes EA, xattr to enhance compatibility with Apple SMB clients and interoperability with Netatalk 3 AFP file servers. Samba versions prior to 4.13.17, 4.14.12, and 4.15.5, when vfsfruit was configured, allowed out-of-bounds heap read and writ...
Astra Linux - уязвимость в linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: brd: Automatic disk creation is deferred until module initialization succeeds. My colleague Wupeng identified the following issues during fault injection: BUG: Unable to handle page faults for address: fffffbfff809d073 PGD:...
Astra Linux - уязвимость в libmodule-scandeps-perl
Qualys discovered that if unsanitized input was used with the Modules::ScanDeps library, before version 1.36, a local attacker could potentially execute arbitrary shell commands by opening a “pesky pipe” e.g., passing “commands|” as a filename or by passing arbitrary strings to the eval function...
Astra Linux - уязвимость в pam-pkcs11
PAM-PKCS11 is a Linux-PAM login module that enables user login using X.509 certificates. Prior to version 0.6.13, if certpolicy was set to none the default value, then pampkcs11 would only check whether the user was capable of logging into the token. An attacker could create a new token using the...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: idpf: A memory leak in the flow steering list has been fixed in rmmod. The flow steering list maintains entries that are added and removed as ethtool creates and deletes flow steering rules. Removing a module with active entries...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: The commit mutex should not be released during the critical section between nftgcseqbegin and nftgcseqend. Otherwise, the async GC worker could collect expired objects and obtain the released commit lock with...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: In the proc subsystem, the same handling is used for checking proclseek as for procreaditer and others. Directly checking pde-procops-proclseek may lead to a Use-After-Value UAF in the rmmod scenario. This issue arises from a fla...
Astra Linux - уязвимость в imagemagick
ImageMagick is free software available as a ready-to-run binary distribution or as source code that you can use, copy, modify, and distribute in both open and proprietary applications. In affected versions, Postscript files may be read and written when specifically excluded by a module policy in...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: - media: verisilicon: Fixed a kernel panic caused by misuse of initconst. - Fixed a kernel panic when probing the driver as a module: - Unable to handle kernel paging requests at the virtual address ffffd9c18eb05000. - Locatio...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: nfc: nxp-nci: Fixed a potential memory leak in nxpncisend The nxpncisend function calls nxpncii2cwrite. The skb is only freed when nxpncii2cwrite fails. However, even if nxpncii2cwrite succeeds, the skb is not freed at that...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: bonding: An oops occurred during the rmmod operation. The command “rmmod bonding” causes an oops since the commit with the code change cc317ea3d927” „bonding: remove the redundant NULL check in the debugfs function”. The followin...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: Core: Fix for NULL module pointer assignment at card init The commit 81033c6b584b “ALSA: Core: Warning on empty module” introduced a WARNON function for handling NULL module pointers passed during object creation using...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ftrace: The soft lockup issue in ftracemoduleenable has been fixed. A soft lockup was observed when loading the amdgpu module. If a module contains many functions that can be traced, multiple calls to kallsymslookup may spend too...
Astra Linux - уязвимость в apache2
Insufficient escaping of user-supplied data in modssl in Apache HTTP Server 2.4.63 and earlier allows an untrusted SSL/TLS client to insert escape characters into log files in some configurations. In a logging configuration where CustomLog is used with "%varnamex" or "%varnamec" to log variables...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: alloctag: Dynamically allocate percpu counters for module tags. When a module is unloaded, it checks whether any of its tags are still in use. If so, it keeps the memory containing the module’s allocation tags alive until all tag...