12635 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: ipa: Fixed the issue where the event ring index was not properly programmed for IPA v5.0+. For IPA v5.0+ onwards, the event ring index field has been moved from CHCCNTXT0 to CHCCNTXT1. In IPA v5.0, this field was intended to...
Astra Linux – Vulnerability in Netty
The HttpObjectDecoder.java file in Netty before version 4.1.44 allowed a Content-Length header to be accompanied by a second Content-Length header, or by a Transfer-Encoding header...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: i2c: xiic: xiic_xfer: Fixed a runtime PM leak on the error path. The xiic_xfer function acquires a runtime PM reference when it is entered. This reference is released when the function is exited. Currently, there is one error path...
Astra Linux – Vulnerability in Waitress
Waitress version 1.3.1 would parse the Transfer-Encoding header and only look for a single string value. If that value was not in the “chunked” format, it would proceed using the Content-Length header instead. According to the HTTP standard, Transfer-Encoding should be a comma-separated list, wit...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: media: vidtv: Local pointers must be initialized upon transferring memory ownership. The vidtv_channel_si_init function creates a temporary list program, service, event, and the ownership of the memory itself is transferred to th...
Astra Linux – Vulnerability in Gunicorn
Gunicorn fails to properly validate Transfer-Encoding headers, resulting in HTTP Request Smuggling (HRS) vulnerabilities. By creating requests with conflicting Transfer-Encoding headers, attackers can bypass security restrictions and access restricted endpoints. This issue arises due to Gunicorn’s...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: i2c: validation of user data in compat ioctl commands. Incorrect user data may cause warnings in i2c_transfer. For example, it may result in no messages being sent at all. Userspace should not be able to trigger such warnings...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: spi: microchip-core: Ensure that the TX and RX FIFOs are empty at the start of a transfer. When transmitting with rx_len == 0, the RX FIFO will not be emptied in the interrupt handler. As a result, the next transfer might read dat...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: i2c: riic: Moving suspend handling to NOIRQ phase. Commit 53326135d0e0 “i2c: riic: Adding suspend/resume support” added suspend support for the Renesas I2C driver. Following this change, on RZ/G3E, the following warning appears...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: spi: tegra210-quad: Protect curr_xfer in tegra_qspi_combined_seq_xfer. The curr_xfer field is read by the IRQ handler without holding a lock. This allows the IRQ handler to check whether a transfer is in progress. When clearing the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: smb: server: The use of smbdirect_socket.send_io.bcredits has been addressed. It turns out that our code will corrupt the stream of reassembled data transfer messages when we trigger an immediate empty send. To fix this issue, we wi...
Astra Linux – Vulnerability in JRuby
A vulnerability was discovered in Ruby versions 2.5.8, 2.6.x up to 2.6.6, and 2.7.x up to 2.7.1. WEBrick, a simple HTTP server bundled with Ruby, did not rigorously check the transfer-encoding header value. An attacker could potentially exploit this vulnerability to bypass a reverse proxy which...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: usb: usbtmc: Fixed a bug in the pipe direction for control transfers. The syzbot fuzzer reported a minor bug in the usbtmc driver: usb 5-1: The BOGUS control direction, pipe 80001e80, does not match bRequestType 0. WARNING: CPU: ...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: drm/amd/display: Fixed an issue where the index out of bounds occurred in the DCN30 color transformation. This commit addresses a potential index out of bounds issue in the cm3_helper_translate_curve_to_hw_format function within the...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fixed an issue where the index out of bounds occurred in the DCN30 degamma hardware format translation. This commit addresses a potential index out of bounds issue in the cm3_helper_translate_curve_to_degamma_hw_format...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: drm/amd/display: Fixed a potential index out of bounds issue in the color transformation function. The issue could occur when the index ‘i’ exceeds the number of transfer function points TRANSFER_FUNC_POINTS. The fix includes a...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: comedi: vmk80xx: fixed transfer-buffer overflows. The driver uses USB transfer buffers sized at the endpoint level, but until recently, there were no sanity checks on these buffer sizes. The commit e1f13c879a7c “staging: comedi...
Astra Linux – Vulnerability in Qemu
A NULL pointer dereference flaw was discovered in the am53c974 SCSI host bus adapter emulation in QEMU in versions prior to 6.0.0. This issue occurs when handling the “Information Transfer” command. This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: Wait unconditionally after issuing the ENDXFER command. Currently, for all controller IP/versions except DWC3usb3 = 310a, a 1ms wait is required unconditionally for the completion of ENDXFER when the IOC is not set. Th...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: Landlock: Do not lose track of restrictions on cred_transfer. When a process’s cred struct is replaced, this mechanism almost always invokes the cred_prepare LSM hook. However, in one special case when KEYCTL_SESSION_TO_PARENT updates...