Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Clear XSTATEBVi in the guest XSAVE state whenever XFDi=1 When loading the guest XSAVE state via KVMSETXSAVE, and when updating XFD in response to a guest WRMSR, the disabled features in XSTATEBV are cleared to ensure tha...

Astra Linux – Vulnerability in Poppler

Poppler is a library for rendering PDF files and examining or modifying their structure. A use-after-free vulnerability has been detected in versions of Poppler prior to 25.10.0 within the StructTreeRoot class. The issue arises from the use of raw pointers to elements of a std::vector; this can...

Astra Linux – Vulnerability in golang-golang-x-net

An attacker can cause excessive memory usage in a Go server that accepts HTTP/2 requests. HTTP/2 server connections include a cache of HTTP header keys sent by the client. Although the total number of entries in this cache is limited, an attacker who sends very large keys can cause the server to...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: netfs: Fixed a kernel bug in netfslimititer for ITERKVEC iterators. When a process crashes and the kernel writes a core dump to a 9P filesystem, kernelwrite creates an ITERKVEC iterator. This iterator calls netfsunbufferedwrite,...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

In the Linux kernel, the following vulnerability has been resolved: um: vector: Fixed a memory leak in vectorconfig. If the return value of the umlparsevectorifspec function is NULL, we should call kfreeparams to prevent the memory leak...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: arm64/sme: Set the new vector length before reallocating it. As part of fixing the allocation of the buffer for SVE states when changing the SME vector length, we introduced an immediate reallocation of the SVE state. This...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: RISCV: Vector: Fixed the context saving/restoring with xtheadvector. Previously, only v0-v7 were correctly saved/restored, and the context of v8-v31 was corrupted. Now, v8-v31 are correctly saved/restored to avoid breaking the us...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: lib/crypto: arm/poly1305 – Fixed register corruption in no-SIMD contexts. The SIMD usability check, which was removed with the commit 773426f4771b „crypto: arm/poly1305 – Added block-only interface“, has been restored. This safet...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: lib/crypto: arm64/poly1305 – Fixed register corruption in no-SIMD contexts. The SIMD usability check, which was removed with the commit a59e5468a921, has been restored. “crypto: arm64/poly1305 – Added a block-only interface.” Thi...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: s390/crypto: Use vector instructions only if they are available for ChaCha20. Commit 349d03ffd5f6 “crypto: s390 – add a crypto library interface for ChaCha20” added a library interface to the s390-specific ChaCha20...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: genirq/cpuhotplug, x86/vector: Prevents vector leaks during CPU offline states. The absence of IRQDMOVEPCNTXT prevents immediate effectiveness of interrupt affinity reconfiguration via procfs. Instead, the change is deferred unti...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: mt76: mt7915: fixed the possible NULL pointer dereferencing in mt7915macfillrxvector. Fixed the possible NULL pointer dereferencing in mt7915macfillrxvector if the chip does not support dbdc and the hardware reports bandidx se...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: KVM: arm64: Unconditionally save+flush host FPSIMD/SVE/SME state There are several issues with the way the hyp code lazily saves the host’s FPSIMD/SVE state. These include: The host SVE state is unexpectedly discarded due to...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: exec: Force a single empty string when argv is empty Quoting 1 Ariadne Conill: “In several other operating systems, it is a hard requirement that the second argument to execve2 be the name of a program. This prevents scenarios...

Astra Linux – Vulnerability in ruby-loofah

Loofah is a general library for manipulating and transforming HTML/XML documents and fragments, built upon the Nokogiri framework. Loofah 2.19.1 contains a inefficient regular expression that is susceptible to excessive backtracking when attempting to sanitize certain SVG attributes. This may lea...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: IB/hfi1: Fixed bugs related to non-PAGESIZE-end multi-iovec user SDMA requests. The processing of hfi1 user SDMA requests contains two bugs that can cause data corruption for user SDMA requests with multiple payload iovecs. In...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: powerpc/lib: Validate size for vector operations Some parts of the fp/vmx code in sstep.c assume a certain maximum size for the instructions being emulated. However, the size of these operations is determined separately in the...

Astra Linux – Vulnerability in Composer

Composer is a dependency manager for the PHP programming language. Integrators who use Composer code to call VcsDriver::getFileContent may encounter a code injection vulnerability if the user can control the $file or $identifier arguments. This vulnerability is documented on packagist.org, where...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: hisisas: Freeing irq vectors in order for v3 HW If the driver probe fails to request the channel IRQ or fatal IRQ, the driver will free the IRQ vectors before freeing the IRQs in freeirq, and this will cause a kernel BUG li...

Astra Linux – Vulnerability in Batik

A vulnerability in Batik of Apache XML Graphics allows an attacker to execute untrusted Java code from an SVG. This issue affects Apache XML Graphics versions prior to 1.16. It is recommended to update to version 1.16...