12422 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: Do not access a released socket during error recovery. While the error recovery mechanism is temporarily failing due to reconnect attempts, running the nvme list command causes a kernel NULL pointer derefrence by callin...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: bpf: Fixed the requestsock leak in sk lookup helpers A customer reported a requestsocket leak in a Calico cloud environment. We found that a BPF program was performing a socket lookup, taking a reference count of the socket. It w...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: L2CAP: Handling of NULL sock pointer in l2capsockalloc A NULL sock pointer is passed into l2capsockalloc when it is called from l2capsocknewconnectioncb. Error handling mechanisms should also take this into account....
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: - rxrpc: Fixed the locking mechanism in rxrpc’s sendmsg function. - Three bugs in the implementation of rxrpc’s sendmsg function have been fixed: 1 The rxrpcnewclientcall function should release the socket lock when returning ...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: mptcp: The crash occurred when performing a pressure test on mptcp. The following error occurred: dstrelease: dst: ffffa06ce6e5c058 refcnt: -1 The kernel attempted to execute a NX-protected page – an attempt to exploit a...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: scsi: iscsi: iscsitcp: Fixed a NULL pointer derefrence issue when calling getpeername. A crash due to a NULL pointer occurred when freeing a socket at the same time as accessing it via sysfs. The problem is as follows: 1...
Astra Linux - уязвимость в linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket BUG: KASAN: slab-use-after-free in tcpwritetimerhandler+0x156/0x3e0 Read of size 1 at addr ffff888111f322cd by task swapper/0/0 CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not...
Astra Linux - уязвимость в linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: afbluetooth: Fixed deadlock issues Attempting to use socklock on .recvmsg may cause a deadlock as shown below. Therefore, instead of using socksock, use skreceivequeue.lock on btsockioctl to avoid UAF: INFO: Task...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net: fixed information leakage in /proc/net/ptype In one network namespace, after creating a packet socket without binding it to a device, users in other network namespaces can observe the newly added packettype by reading the...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux
In the Linux kernel, the following vulnerability has been resolved: Wifi: ath9khtc: Use skbsetlength to reset urb before resubmitting it. Syzbot points out that skbtrim has a sanity check on the existing length of the skb; this length might not be initialized in some error-prone situations. The...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: sunrpc: Clearing the XPRTSOCKUPDTIMEOUT when resetting the transport. Since the transport-sock has been set to NULL during the reset of the transport, the XPRTSOCKUPDTIMEOUT also needs to be cleared. Otherwise, the...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: atm: idt77252: prevent use after free in dequeuerx We cannot dereference “skb” after calling vcc-push, because the skb is released...
Astra Linux - уязвимость в ruby-websocket-extensions
The websocket-extensions Ruby module before version 0.1.5 allowed Denial of Service DoS attacks through Regex backtracking. The extension parser could take quadratic time when parsing a header containing an unclosed string parameter value whose content was a repeated two-byte sequence of a...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: btusb: Fixed memory leak This checks whether CONFIGDEVCOREDUMP is enabled before attempting to clone the skb, and also ensures that btmtkprocesscoredump frees the skb following the same logic...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: net: hisilicon: Fixed a potential use-after-free in hix5hd2rx. The skb is passed to npapigroreceive, which may free it. After calling this function, dereferencing the skb may trigger a use-after-free...
Astra Linux - уязвимость в linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: Fix the issue of failing to release the skbuff in seg6inputcore. The seg6input function is responsible for adding the SRH into a packet, delegating this operation to seg6inputcore. This function uses skbcowhead to ensur...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: tls: Always refresh the queue when reading sock. After recent changes in net-next, TCP compacts skb much more aggressively. This uncovered a bug in TLS, where we might attempt to operate on an old skb when checking whether all sk...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: espintcp: The caching of the encap socket has been removed to avoid reference leaks. The current scheme for caching the encap socket can lead to reference leaks when trying to delete the netns. The reference chain is: xfrmstate -...
Astra Linux - уязвимость в linux-5.15, linux-6.1, linux, linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: TLS: Fixed a race condition between TX work scheduling and socket closure. Similar to previous commits, the submitting thread recvmsg/sendmsg may exit as soon as the async crypto handler calls complete. It’s more logical to...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: kcm: Race conditions occur when accessing skreceivequeue. sk-skreceivequeue is protected by the skb queue lock. However, for KCM sockets, the RX path requires mux-rxlock to protect more than just the skb queue. Nevertheless,...