Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd/hsmp: Ensure that sock-metrictbladdr is non-NULL. If the metric table address is not allocated, accessing metricsbin will result in a NULL pointer dereference; therefore, a check must be added...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Fixed the issue with rcudereferenceprotected. When destroying all sets, we are either in the pernetexit phase or executing a “destroy all sets” command from user space. The latter was taken into account in...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: btrfs: added an missing RCU unlock in the error path in tryreleasesubpageextentbuffer. Call rcureadlock before exiting the loop in tryreleasesubpageextentbuffer, because there is a rcureadunlock call after the loop. This issue wa...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: hisiaccvfiopci: fixed the XQE DMA address error. The DMA addresses of EQE and AEQE are incorrect after migration, resulting in failures in the guest kernel-mode encryption services. By comparing the definitions of hardware...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: raw: Fixed NULL dereference in rawgetnext. Dae R. Jeong reported a NULL dereference in rawgetnext. It seems that the reproduction test was running these sequences in parallel, so one thread was iterating over a socket that was...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: bpf: Deferring the release of the inner map when necessary When updating or deleting an inner map in the map array or map htab, the map may still be accessed by non-sleepable programs or sleepable programs. However, when the...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: eventpoll: Deferring the epfree function in eventpoll.c to an RCU callback during a grace period. In certain situations, epfree in eventpoll.c will free the epi-ep structure while it is still being used by another concurrent...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ipv6: Fixed soft lockups in fib6selectpath under high next hop changes. Soft lockups were observed on a cluster of Linux-based edge routers located in a highly dynamic environment. Using the bird service, these routers continuous...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: fpga: region: adding the owner module and taking its reference count The current implementation of the fpga region assumes that the low-level module registers a driver for the parent device and uses its owner pointer to take the...

Astra Linux – Vulnerability in Flatpak

Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.14.0 and 1.15.10, a malicious or compromised Flatpak app that used persistent directories could access and write files outside of its usual access rights, which constituted an attack on integrity and...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: jbd2: fixed the potential buffer head reference count leak. In the case of jbd2fcwaitbufs, if the buffer is not up-to-date, it will return -EIO without updating journal-jfcoff. However, in jbd2fcreleasebufs, the buffer head will ...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: rcu-tasks: Fixed the buffer overflow in showrcu TasksTracegpkthread. There is a possibility of buffer overflow in showrcuTasksTracegpkthread if the counters passed to sprintf are very large. The counter values used for this...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: drm/amdkfd: Fixed the lock dependency warning with srcu ====================================================== WARNING: A circular locking dependency was detected. 6.5.0-kfd-yangp 2289 Not tainted...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: net/mlx5: HWS, fixed the issue where complex rule rehash operations failed. Moving rules from one matcher to another should not fail. However, if it does fail due to various reasons, the error handling mechanism should allow t...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.10, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: NFS: A race condition during the update of an existing write request has been fixed. After the nfslockandjoinrequests function checks whether the request is still attached to the mapping, nothing prevents a call to nfs...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: ASoC: amd: acp: Fixed NULL pointer dereference in acpi2ssettdmslot. Updated chip data using devgetdrvdatadev-parent to fix the NULL pointer dereference in acpi2ssettdmSlot...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: soc: fsl: qbman: Use raw spinlock for cgrlock The smpcallfunction always runs its callback in a hard IRQ context, even when running under PREEMPTRT, where spinlocks may be in a sleeping state. Therefore, we need to use a raw...

Astra Linux – Vulnerability in docker.io

Docker CLI is the command-line interface for the Docker container runtime. A bug was discovered in Docker CLI where running docker login my-private-registry.example.com with a misconfigured configuration file typically /.docker/config.json, which lists a credsStore or credhelpers that cannot be...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: cxl/region: Fixed leakage in constructregion. The first call to sysfsupdategroup requires explicitly freeing the resource, as it is too early for cxlregioniomemrelease to be called...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: cgroup/cpuset: The incorrect check in updateparentsubpartscpumask has been fixed. It was discovered that the check to determine whether a partition can use all the CPUs from the parent cpuset in updateparentsubpartscpumask was...