Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: macvlan: The forgotten nlapolicy has been added for IFLAMACVLANBCCUTOFF. The previous commit 954d1fa1ac93, titled “macvlan: Add netlink attribute for broadcast cutoff”, added an additional attribute named IFLAMACVLANBCCUTOFF to...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: rejecting negative ifindex values Recent changes in net-next commit 759ab1edb56c refactored the handling of pre-assigned ifindex values. This led to a latent issue in ovs. ovs does not validate ifindex values,...

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: netlink: Annotate accesses to nlk-cbrunning Both netlinkrecvmsg and netlinknativeseqshow read nlk-cbrunning without locking it. Use READONCE in those functions. Add corresponding WRITEONCE to netlinkdump and netlinkdumpstart...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: netlink: Do not hard code the device address length in fdb dumps. syzbot reports that some netdev devices do not have a six-byte address. Replace ETHALEN with dev-addrlen. 1 In cases where dev-addrlen = 4 BUG: KMSAN:...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: netlink: Annotate lockless accesses to nlk-maxrecvmsglen. syzbot reported a data race in netlinkrecvmsg. Indeed, netlinkrecvmsg can be executed concurrently, and netlinkdump also requires protection. 1 Bug: KCSAN: Data race in...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ethtool: Do not perform operations on net devices that are not yet registered. There is a short period between when a net device starts to be unregistered and when it is actually gone. During that time frame, ethtool operations c...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: Added check for filling the poll mod list. In cases where improtocols has a value of 1 and tmprotocols has a value of 0, this combination successfully passes the check. This condition is specified as “!improtocols &&...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Wifi: mac80211: Use two-phase skb reclamation in ieee80211dostop Since devqueuexmit should be called with interrupts enabled, the following backtrace is shown: ieee80211dostop ... spinlockirqsave&local-queuestopreasonlock, flags...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: mptcp: pm: fixed the UaF read in mptcppmnlrmaddrorsubflow Syzkaller reported this issue as follows: ================================================================== BUG: KASAN: slab-use-after-free in...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Wifi: nl80211: Fix for “NL80211ATTRMLOLINKID off-by-one” issue. Since the validation of the netlink attribute range includes inclusive checking, the maximum value of the attribute NL80211ATTRMLOLINKID should be...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: only set fullmesh for subflow endp With the in-kernel path-manager, it is possible to change the ‘fullmesh’ flag. The code in mptcppmnlfullmesh expects to change it only on ‘subflow’ endpoints, to recreate more or less...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: vxlan: Fixed an uninitialized value in vxlanvnifilterdump. KMSAN reported an uninitialized value access in vxlanvnifilterdump. 1 If the length of the netlink message payload is less than sizeofstruct tunnelmsg,...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: RDMA/core: Fixed a use-after-free when renaming device names. Syzbot reported a slab-use-after-free with the following call trace: ========================================== BUG: KASAN: slab-use-after-free in nlaput+0xd3/0x150...

Astra Linux - уязвимость в linux

In the Linux kernel up to version 5.8.7, local attackers who were able to inject conntrack netlink configurations could exploit an overflow in a local buffer, resulting in crashes or triggering the use of incorrect protocol numbers in ctnetlinkparsetuplefilter in net/netfilter/nfconntracknetlink....

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: netlink: afnetlink: Added a check on the len parameter to prevent empty skb objects. This prevents a division error in the netemenqueue function, which occurs when skb-len=0 and skb-datalen=0 during the randomized corruption...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: nfc: fixed a segfault in nfcgenldumpdevicesdone When kmalloc in nfcgenldumpdevices fails, nfcgenldumpdevicesdone causes a segfault as follows: KASAN: null-ptr-deref in range 0x0000000000000008-0x000000000000000f CPU: 0 PID: 25...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mptcp: never allow the PM to close a listener subflow Currently, when deleting an endpoint, the netlink PM traverses all local MPTCP sockets, regardless of their status. If an MPTCP listener socket is bound to the IP correspondin...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: cfg80211: fixed a race condition in the netlink owner interface destruction process. My previous fix to address this issue created a deadlock situation, and there was a race condition where the exact same deadlock could occur...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: nbd: The function genlunregisterfamily is called first in nbdcleanup. Otherwise, there may be a race between the removal of the module and the handling of the netlink command, which can lead to an oops as shown below: BUG: Kernel...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: revisit gc autotuning As of commit 4608fdfc07e1, this issue has been addressed. “netfilter: conntrack: collect all entries in one cycle” The behavior related to conntrack’s garbage collection has been change...