Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iavf: corrected out-of-bounds writes in iavfgetethtoolstats iavf incorrectly uses realnumtxqueues for ETHSSSTATS. Since the value could change during runtime, we should use numtxqueues instead. Additionally, iavfgetethtoolstats...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: mana: The use-after-free issue in manahwcdestroychannel has been fixed by reordering the teardown process. There is a potential race condition in manahwcdestroychannel. In this situation, hwc-callerctx is freed before the...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: RDMA/mlx5: Fixed error handling when the firmware fails and the RQ is destroyed. When the RQ is destroyed, if the firmware command fails—which is the last resource to be destroyed—some SW resources are already cleaned,...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: Fixed a race condition between unprepare and queuebuf. A client driver may use mhiunpreparefromtransfer to quiesce incoming data during the client driver’s tear-down process. The client driver might also be...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Harden depth calculation functions A vulnerability was identified where the operating system can pass in U32MAX as the size of SQ/RQ/SRQ. This can lead to integer overflow and truncation of the SQ/RQ/SRQ depth values...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: igb: The napisynchronize function was removed from igbdown. When an AFXDP zero-copy application terminates abruptly e.g., using kill -9, the XSK buffer pool is destroyed, but NAPI polling continues. The igbcleanrxirqzc functio...

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1, and Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fixed deadlock issues with SRQ async events. The xalock function for the SRQ table may be required in AEQ. Use xastoreirq/xaeraseirq to avoid deadlock...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: iavf: Fixed error handling related to adminq. iavfallocasqbufs/iavfallocarqbufs allocate memory for VF mailbox using dmaalloccoherent. DMA regions are freed for both ASQ and ARQ in case an error occurs during the configuration...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fixed the issue where immediate work requests were flushed to the completion queue incorrectly. The opcode of the send queue element was set correctly during the flushing of immediate work requests in the post-sendqueue...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Net: Do not write to msggetinq in the callee. This fix addresses the issue of NULL pointer dereferencing. msggetinq is an input field from the caller to the callee. Do not set it in the callee, as the caller may not clear it duri...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: gadgetfs: epio – wait until IRQ finishes. After usbepqueue, if waitforcompletioninterruptible is interrupted, we need to wait until IRQ is completed. Otherwise, complete from epiocomplete may corrupt the stack...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: In the net: stream module, the purge skerrorqueue operation in skstreamkillqueues has been fixed. Changheon Lee reported TCP socket leaks, with a detailed reproduction code. It appears that we encounter TCP socket leaks in the...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net/net Failover: Fix for TX queue exceeding warning The failover TX queue is initialized as 16 queues. When a packet is transmitted from the failover device, the failover device will select the queue returned from the primary...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: xenvifrxnextskb: Avoid entering this function with an empty rx queue. xenvifrxnextskb expects that the rx queue is not empty. However, if the loop in xenvifrxaction performs multiple iterations, the availability of another skb in...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: workqueue: fixed a data race with the pwq-stats increment KCSAN has identified a data race in kernel/workqueue.c:2598: 1863.554079 ================================================================== 1863.554118 BUG: KCSAN: data-ra...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: In the net:sock section, there is a fix for a panic that occurs during the sockrecverrqueue function when the hardenedusercopy feature is enabled. The skbufffclonecache structure was created without defining a usercopy region...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: aoe: The cleandevicerqlist function in aoedevdowndev was corrected. The rqlist of an AOE device contains accepted block requests that are waiting to be transmitted to the AOE target. This queue was added as part of the transition...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: virtionet: Fixed an issue with error unwinding of XDP initialization. When initializing XDP in virtnetopen, some rq xdp initializations may encounter errors, resulting in failed network device openings. However, previous rqs have...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: drm/sched: Increasing the job count before swapping the SPSC queue. There is a minor race condition between spscqueuepush and the run-job worker. In this race condition, spscqueuepush may return not-first, while the run-job worke...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: net: mana: Fixed error handling for TX CQE messages. For an unknown type of TX CQE error likely due to newer hardware, still free the SKB, update the queue tail, etc. Otherwise, the accounting data will be incorrect...