446717 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: net/sched: fixed the lockdep issue in qdisctreereducebacklog The qdisctreereducebacklog function is called with the qdisc lock held, not RTNL. We must use qdisclookuprcu instead of qdisclookup. syzbot reported: WARNING:...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: zsmalloc: The LRU update has been moved from zsmapobject to zsmalloc. Under memory pressure, we sometimes observe the following crashes: 5694.832838 ------------ Cut here 5694.842093 Listdel corruption; ffff888014b6a448-next i...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/xe/xepagefault: Reads-only VMA writes are now prohibited. The page fault handler should reject write/atomic accesses to read-only VMA. Add code to handle this in xepagefaultservice after the VMA lookup. v2: – Applied the...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: inet: Sk-skrxdst was converted to RCU rules. The syzbot reported various issues related to early demux processing. One of these issues is included in this changelog 1. Sk-skrxdst uses RCU protection without proper documentatio...
Astra Linux – Vulnerability in Zabbix
A authenticated user with API access e.g., a user with the default User role can be added to any group e.g., Zabbix Administrators. Specifically, a user with access to the user.update API endpoint can be added to any group, except for groups that are disabled or have restricted GUI access...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: fixed the issue to cover normal cluster writes using cprwsem. When we overwrite a compressed cluster with a normal cluster, we should not unlock cprwsem during f2fswriterawpages. Otherwise, data will be corrupted ...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: ext4: Fixed an warning in ext4updateinlinedata. Syzbot identified the following issue: EXT4-fs loop0: Mounted a filesystem with ID 00000000-0000-0000-0000-000000000000 without a journal. Quota mode: none. fscrypt: Uses...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: smb: client: prevented races in -queryinterfaces It was possible for two query interfaces to simultaneously attempt to update the interfaces. This issue can be avoided by checking and updating ifacelastupdate under ifacelock...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: net/xen-netback: This issue prevents a Use-after-Free UAF condition in xenvifflushhash. During the listforeachentryrcu iteration, when calling xenvifFlushHash, kfreercu does not exist within the rcu read critical section...
Astra Linux – Vulnerability in Containerd
Containerd is an open-source container runtime that emphasizes simplicity, robustness, and portability. A bug was discovered in Containerd where container root directories and certain plugins had insufficiently restricted permissions, allowing unprivileged Linux users to access the contents of...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumacltcam: Fixed a possible use-after-free during activity updates. The “rule activity update” process periodically traverses a list of configured rules and queries their activity from the device. As part of this...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: net: fixed possible store tearing in neighperiodicwork. While reviewing a related syzbot report involving neighperiodicwork, I discovered that I forgot to add an annotation when deleting an RCU-protected item from a list. When...
Astra Linux – Vulnerability in Linux 5.10
A race condition was detected in the Linux kernel’s ebpf verifier between bpfmapupdateelem and bpfmapfreeze, due to a missing lock in the kernel/bpf/syscall.c file. In this flaw, a local user with special privileges capsysadmin or capbpf can modify the frozen mapped address space. This flaw affec...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Do not clone flow post-action attributes a second time. The code already clones post-action attributes in mlx5ecloneflowattrforpostact. Creating another copy in mlx5etcpostactadd is an error remaining from the original...
Astra Linux – Vulnerability in Firefox
A use-after-free vulnerability was identified during testing, and it was traced to an outdated Cairo library. Updating the library resolved the issue, and it may have also addressed other unknown security vulnerabilities. This vulnerability affects Firefox versions earlier than 90...
Astra Linux – Vulnerability in WebKit2GTK
A use-after-free vulnerability exists in WebCore::RenderLayer::updateDescendantDependentFlags in WebKitGTK before version 2.36.8, allowing attackers to execute code remotely...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: ice: Fixed a crash by retaining the old configuration when updating Traffic Classes beyond the allocated queues. There are issues when the number of allocated queues is less than the number of Traffic Classes. The commit...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ublk: Fix for deadlock when reading the partition table When a process such as udev opens the ublk block device e.g., to read the partition table using bdevopen, a deadlock can occur: 1. bdevopen grabs the disk-openmutex. 2. The...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: xen: privcmd: Fixed the possibility of accessing a freed kirqfd instance. Nothing prevents simultaneous ioctl calls to privcmdirqfdassign and privcmdirqfddeassign. If this occurs, it is possible that a kirqfd created and added to...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: md: fixed rcu protection in mdwakeupthread We attempted to use RCU to protect the pointer “thread”, but passed the value directly when calling mdwakeupthread. This means that the RCU pointer was acquired before rcureadlock was...