Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: Wifi: mwifiex: Fixed out-of-bounds access to the skb-data buffer during OOB operations and integer underflow when processing RX packets. Ensure that functions such as mwifiexprocessmgmtpacket, mwifiexprocessstarxpacket,...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/sun4i: dsi: Prevent underflow when calculating packet sizes. Currently, the packet overhead is subtracted using unsigned arithmetic. With a short sync pulse, this could lead to an underflow, causing the value to wrap around t...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: BPF: Fixed the verifier’s assumptions regarding the socket-sk structure. The verifier assumes that the sk field in the struct socket structure is valid and not NULL when the socket pointer itself is trusted and not NULL. This...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: vsock/vmci: Properly clear the vmci transport packet when initializing it. In vmcitransportpacketinit, memset is used to clear the vmcitransportpacket before populating the fields, to avoid any uninitialized data remaining in the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: bpf: Fixed the exclusive map memory leak When exclproghash is 0 and exclproghashsize is non-zero, the map also needs to be freed. Otherwise, the map memory will not be reclaimed, similar to the memory leak issue reported by syzbo...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: mctp i3c: handling of NULL header addresses daddr can be NULL if there is no neighbour table entry present; in that case, the TX packet should be discarded. saddr is usually set by the MCTP core, but NULL values are also...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: bpf: Fixed out-of-bounds access in cgroup local storage Lonial reported that an out-of-bounds access in cgroup local storage can occur through tail calls. This occurs when two programs each utilize a cgroup local storage with a...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-mixer: us16x08: validate meter packet indices The getmeterlevelsfromurb function parses the 64-byte meter packets sent by the device and fills the per-channel arrays meterlevel, complevel, and masterlevel in the struct...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: bpf: Do not redirect packets with invalid pktlen Syzbot identified an issue 1: the fqcodel Drop function attempts to drop a flow without any SKBs, that is, when flow-head is null. The root cause, as described in 2, is that the...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: bpf: Reject unhashed sockets in bpfskassign The semantics for bpfskassign are as follows: sk = somelookupfunc bpfskassignskb, sk bpfskreleasesk That is, the sk is not consumed by bpfskassign. Therefore, the function must ensure...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: IB/qib: Protection against buffer overflow in struct qibusersdmapkt fields Overflowing either addrlimit or bytestogo can allow the user space to trigger a buffer overflow of kernel memory. Check for overflows in all places where...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: BPF: Use VMMAP instead of VMALLOC for the ringbuf area. After the commit 2fd3fb0be1d1 “KASAN, vmalloc: Unpoison VMALLOC pages after mapping”, non-VMALLOC mappings will be marked as accessible in getvmareanode when KASAN is enable...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fixed the issue where the memory of skmsg was charged twice. If tcpbpfsendmsg is running during a cleanup operation, psock may be freed. c tcpbpfsendmsg tcpbpfsendverdict skmsgreturn tcpbpfsendmsgredir unlikely!psoc...

Astra Linux – Vulnerability in Wireshark

A memory leak in the Kafka protocol dissector in Wireshark versions 3.4.0 and 3.2.0 to 3.2.8 allows for denial of service through packet injection or malicious capture files...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: bpf: Consider the return from setmemoryrox when using bpfjitbinarylockro setmemoryrox may fail, leaving memory unprotected. Check the return value and bail out if bpfjitbinarylockro returns an error...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: bpf: Fixed the requestsock leak in sk lookup helpers A customer reported a requestsocket leak in a Calico cloud environment. We found that a BPF program was performing a socket lookup, taking a reference count of the socket. It w...

Astra Linux – Vulnerability in Wireshark

In Wireshark versions 3.2.0 to 3.2.3, 3.0.0 to 3.0.10, and 2.6.0 to 2.6.16, the NFS dissector could crash. This issue was addressed in the epan/dissectors/packet-nfs.c file by preventing excessive recursion, such as when a cycle occurred in the directory graph of a filesystem...

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: Net: Fixed the issue where load values were being altered in sk-skstamp during sockrecvcmsgs. KCSAN identified a data race in sockrecvcmsgs, where the read access to sk-skstamp requires a READONCE operation. Bug: KCSAN: Data...

Astra Linux – Vulnerability in libssh2

A vulnerability was discovered in the function libssh2packetadd in libssh2 1.10.0, allowing attackers to access out-of-bound memory...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: In media: iris: gen2, a sanity check for session termination was added. In iriskillsession, inst-state is set to IRISINSTERROR, and sessionclose is executed, which will free memory allocated to insthfigen2-packet. If stopstreamin...