14800 matches found
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: ftrace: Fixed a use-after-free issue for dynamic ftrace_ops. KASAN reported a use-after-free with ftrace ops [1]. It was discovered that perf had registered two ops with the same content, both being dynamic. After unregistering t...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ksmbd: The warning message “Do not call blocking operations when !TASK_RUNNING” has been fixed. The wait_event_timeout function will set the state of the current task to TASK_UNINTERRUPTIBLE before performing the condition check. Thi...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: mm/damon/reclaim: fixed a potential memory leak in damon_reclaim_init. The damon_reclaim_init function allocates a memory chunk for ctx using damon_new_ctx. When damon_select_ops fails, ctx is not released, which can lead to a memory...
Astra Linux - vulnerability in linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: hfsplus: Fixed the missing hfs_bnode_get function in __hfs_bnode_create. When sync and link are called concurrently, both threads may enter hfs_bnode_find, but fail to find the node in the hash table and proceed to creating it instead...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: bpf: Added schedule points in batch operations. syzbot reported various soft lockups caused by bpf batch operations. Info: Task kworker/1:1:27 was blocked for more than 140 seconds. Info: The task got stuck in rcu_barrier...
Astra Linux - vulnerability in linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: ocfs2: Fixed races between hole punching and AIO+DIO. After the commit “ocfs2: return real error code in ocfs2_dio_wr_get_block”, fstests/generic/300 now sometimes fails instead of always failing...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerability has been resolved: “NFSD: Remove the cap on the number of operations per NFSv4 COMPOUND.” I have found that the pynfs COMP6 now leaves the connection or lease in a strange state, causing CLOSE9 to hang indefinitely. I have investigated this issue a...
Astra Linux - vulnerability in opensc
A flaw was discovered in OpenSC packages that could allow for a potential PIN bypass. When a token/card is authenticated by one process, it can perform cryptographic operations in other processes when an empty zero-length PIN is passed. This issue poses a security risk, especially for OS...
Astra Linux - vulnerability in linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: skbuff: Account for tail adjustment during pull operations. Extending the tail of a packet may have some unexpected side effects if a program uses a helper function like BPF_FUNC_skb_pull_data to read partial content beyond the headle...
Astra Linux - vulnerability in linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: net: fixed the out-of-bounds error related to the UaF in the netns ops registration error path. If the net_assign_generic function fails, the current error path in ops_init attempts to clear the gen pointer slot. However, during th...
Astra Linux - vulnerability in linux-6.1, linux-5.10, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: net: defer final ‘struct net’ free in netns dismantle. Ilya reported a slab-use-after-free in dst_destroy [1]. The issue lies in xfrm6_net_init and xfrm4_net_init: They copy xfrm[46]_dst_ops_template into net->xfrm.xfrm[46]_dst_ops. However, the ne...
Astra Linux - vulnerability in open-vm-tools
VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability. A malicious local actor with non-administrative privileges, who has access to a VM with VMware Tools installed and managed by Aria Operations with SDMP enabled, may exploit this vulnerability to escalate...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ksmbd: Check outstanding simultaneous SMB operations. If a client sends multiple SMB requests to ksmbd, it may exhaust too much memory through the “ksmbd_work_cache”. This can lead to an Out-of-Memory (OOM) error. ksmbd has a credit...
Astra Linux - vulnerability in linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: can: j1939: fixed Use-after-Free, failed to increment the ref count of a skb while it was in use. This patch addresses a Use-after-Free issue identified by the syzbot. The problem arises when a skb is taken from the per-session s...
Astra Linux - vulnerability in xterm
xterm before 375 allows code execution via font ops. For example, an OSC 50 response may trigger Ctrl-g, thereby leading to command execution within the vi line-editing mode of Zsh. NOTE: Font ops are not allowed in the default configurations of xterm in some Linux distributions...
Astra Linux - vulnerability in linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: ipw2x00: Fixed a potential NULL dereference in libipw_xmit. crypt and crypt->ops could be null, so we need to check for null before performing the dereference operation...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix potential AB/BA lock with buffer_mutex and mmap_lock. syzbot detected a potential deadlock between the runtime->buffer_mutex and the mm->mmap_lock. This issue arose due to the recent fix related to racy read/writes and...
Astra Linux - vulnerability in mbedtls
A vulnerability was discovered in Mbed TLS 2.x before version 2.28.7, and also in Mbed TLS 3.x before version 3.5.2. There was a timing-related side channel involved in RSA private operations. This side channel could allow a local attacker to recover the plaintext. To exploit this vulnerability,...
Astra Linux - vulnerability in linux-5.15, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: NFSD: Avoid calling OPDESC with ops->opnum == OP_ILLEGAL. OPDESC simply indexes into nfsd4_ops based on the operation number, without any range checking of that value. It assumes that callers will be careful enough to avoid calling...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: ASoC: mediatek: common: Fixed a reference count leak in parse_dai_link_info. Added calls to of_node_put before the returns from of_node_get and of_node_put, which can prevent imbalance if the “for_each_available_child_of_node” loop terminat...