446731 matches found
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: net: fixed possible store tearing in neighperiodicwork. While reviewing a related syzbot report involving neighperiodicwork, I discovered that I forgot to add an annotation when deleting an RCU-protected item from a list. When...
Astra Linux – Vulnerability in Linux 5.10
A race condition was detected in the Linux kernel’s ebpf verifier between bpfmapupdateelem and bpfmapfreeze, due to a missing lock in the kernel/bpf/syscall.c file. In this flaw, a local user with special privileges capsysadmin or capbpf can modify the frozen mapped address space. This flaw affec...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Do not clone flow post-action attributes a second time. The code already clones post-action attributes in mlx5ecloneflowattrforpostact. Creating another copy in mlx5etcpostactadd is an error remaining from the original...
Astra Linux – Vulnerability in Firefox
A use-after-free vulnerability was identified during testing, and it was traced to an outdated Cairo library. Updating the library resolved the issue, and it may have also addressed other unknown security vulnerabilities. This vulnerability affects Firefox versions earlier than 90...
Astra Linux – Vulnerability in WebKit2GTK
A use-after-free vulnerability exists in WebCore::RenderLayer::updateDescendantDependentFlags in WebKitGTK before version 2.36.8, allowing attackers to execute code remotely...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: ice: Fixed a crash by retaining the old configuration when updating Traffic Classes beyond the allocated queues. There are issues when the number of allocated queues is less than the number of Traffic Classes. The commit...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ublk: Fix for deadlock when reading the partition table When a process such as udev opens the ublk block device e.g., to read the partition table using bdevopen, a deadlock can occur: 1. bdevopen grabs the disk-openmutex. 2. The...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: xen: privcmd: Fixed the possibility of accessing a freed kirqfd instance. Nothing prevents simultaneous ioctl calls to privcmdirqfdassign and privcmdirqfddeassign. If this occurs, it is possible that a kirqfd created and added to...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: cachefiles: Added missing lock protection when polling. A missing lock protection was added to the poll routine when iterating the xarray. Otherwise, even with the RCU read lock held, only the slot of the radix tree is guaranteed...
Astra Linux – Vulnerability in WebKit2GTK
A privacy issue was addressed through improved handling of files. This issue is fixed in Safari 18.3, iOS 18.3, and iPadOS 18.3, as well as macOS Sequoia 15.3. Copying a URL from the Web Inspector may lead to command injection...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: md: fixed rcu protection in mdwakeupthread We attempted to use RCU to protect the pointer “thread”, but passed the value directly when calling mdwakeupthread. This means that the RCU pointer was acquired before rcureadlock was...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: The possibility of a Use-after-Free condition arises when selecting an endpoint. The functions selectlocaladdress and selectsignaladdress both select an endpoint from a list within the RCU-protected section. However,...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Added a null check for the ‘afb’ variable in the amdgpudmplanehandlecursorupdate function v2. This commit moves the null check for the ‘afb’ variable to the line where it is actually used in the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: futex: Fixed a race condition between futexkeytonodeopt and vmareplacepolicy During the execution of futexkeytonodeopt, vma-vmpolicy is read under the speculative mmap lock and RCU. Concurrently, mbind may call vmareplacepolicy,...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: clonesetfence only affects the “flush” set The Syzbot triggered a failing memory allocation with GFPKERNEL, resulting in a WARN message: iter.err WARNING: net/netfilter/nftablesapi.c:845 at...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fixed a NULL pointer dereference in dcn401inithw. dcn401inithw assumes that updatebwboundingbox is valid when entering the update path. However, the current condition: !fams2enable && updatebwboundingbox ||...
Astra Linux – Vulnerability in PostgresSQL 11
A flaw was discovered in PostgreSQL. By using an UPDATE...RETURNING command on a specially crafted table, an authenticated database user could read arbitrary bytes of server memory. The most significant threat of this vulnerability is data confidentiality...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: jbd2: fixed the potential buffer head reference count leak. In the case of jbd2fcwaitbufs, if the buffer is not up-to-date, it will return -EIO without updating journal-jfcoff. However, in jbd2fcreleasebufs, the buffer head will ...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: net/mlx5: HWS, fixed the issue where complex rule rehash operations failed. Moving rules from one matcher to another should not fail. However, if it does fail due to various reasons, the error handling mechanism should allow t...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: soc: fsl: qbman: Use raw spinlock for cgrlock The smpcallfunction always runs its callback in a hard IRQ context, even when running under PREEMPTRT, where spinlocks may be in a sleeping state. Therefore, we need to use a raw...