Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: llc: do not use skbget before devqueuexmit syzbot is able to crash hosts 1, using llc and devices not supporting IFFTXSKBSHARING. In this case, e1000 driver calls ethskbpad, while the skb is shared. Simply replace skbget by...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: eth: bnxt: return fail if interface is down in bnxtqueuememalloc The bnxtqueuememalloc function is called to allocate new queue memory when a queue is restarted. It internally accesses the rx buffer descriptor corresponding to th...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fixed the slab-use-after-free read issue in rxequeuecleanup. Call Trace: dumpstack lib/dumpstack.c:94 inline dumpstacklvl+0x7d/0xa0 lib/dumpstack.c:120 printaddressdescription mm/kasan/report.c:378 inline...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Avoid issuing a WARNON when configuring MQPRIO with HTB offload enabled. When attempting to enable MQPRIO while HTB offload is already configured, the driver currently returns -EINVAL and triggers a WARNON, resulting i...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Added a NULL check in ufshcdmcqcomplpendingtransfer. Also added a NULL check for the returned hwq pointer by ufshcdmcqreqtohwq. This is similar to the fix in commit 74736103fb41 “scsi: ufs: core: Fix ufs abort ra...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: nvkm: The available space of the GSP cmdq buffer is calculated correctly. r535gspcmdqpush waits for an available page in the GSP cmdq buffer when handling a large RPC request. When it encounters at least one available page in...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fixed the issue with the mlx5pollone function’s update of the curqp. When curqp is not NULL, in order to avoid fetching the QP from the radix tree again, we check if the next CQE QP is identical to the one we already...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: netsched: hfsc: Fixed a UAF vulnerability in class handling This patch addresses a Use-After-Free vulnerability in the HFSC qdisc class handling. The issue arises due to a time-of-check/time-of-use condition in hfscchangeclass,...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: Block: Fixed resource leak in the blkmqsysfsregister error path. When registration of a queue fails after blkmqsysfsregister is successful, but the function later encounters an error, we need to clean up the blkmqsysfs resources...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: schhfsc: Fixed a accounting bug when using peek in hfscenqueue. When enqueuing the first packet to an HFSC class, hfscenqueue calls the peek operation of the child qdisc before incrementing sch-q.qlen and sch-qstats.backlog. If t...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: pdscore: make waitcontext a full part of the qinfo structure, rather than a stack variable that disappears after pdscadminqpost is executed. This ensures that the context is still available after the wait loop has ended. There wa...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: nfsd: The value of sccount is decreased directly if the dlrecall queue operation fails. A deadlock warning occurred when invoking nfs4putstid after a failed dlrecall queue operation: T1 T2 nfs4laundromat nfs4getclientreaplist...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: codel: The check sch-q.qlen was removed before the call to qdisctreereducebacklog. After ensuring that all calls to -qlennotify are idempotent, it is now safe to remove the check for qlen!=0 from both fqcodeldequeue and...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: USB: Gadget: fmidi: fmidicomplete calling queuework When using USB MIDI, a lock attempt is made twice through a reentrant call to fmiditransmit, resulting in a deadlock. The issue is fixed by using queuework to schedule the inner...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: eth: bnxt: Fixed a kernel panic that occurred in bnxtgetqueuestatsrx | tx. When the qstats-get operation is executed, calls to netdevstatsops are made. bnxtgetqueuestatsrx | tx collects per-queue statistics from swstats in the...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: Media: Venus: HFI – Add a check to handle incorrect queue size. qsize represents the size of the shared queue between the driver and the firmware. The firmware can modify this value to an invalid, large value. In such situations,...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ublk: Make sure that ubq-canceling is set when the queue is frozen. Now, the ublk driver relies on ubq-canceling to determine whether a request can be dispatched via uringcmd and iouringcmdcompleteintask. Once ubq-canceling is se...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: watchqueue: fix pipe accounting mismatch Currently, watchqueuesetsize modifies the pipe buffers allocated to user-pipebufs, without updating the pipe-nraccounted value on the pipe itself. This occurs due to the if...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Wifi: iwlwifi: mvm – Ensure that the queue for the offloaded TID exists. The resume code path assumes that the TX queue for the offloaded TID has been configured. At the time of resuming operations, it attempts to synchronize the...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: Ice: Fixed error handling in the Tx scheduler during the XDP callback. When the XDP program is loaded, the XDP callback adds new Tx queues. This means that the callback must update the Tx scheduler with the new queue numbers. In...