Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: cfg80211: Calling cfg80211stopap when switching from P2PGO type If the user-space tools switch from NL80211IFTYPEP2PGO to NL80211IFTYPEADHOC via sendmsgNL80211CMDSETINTERFACE, it does not call the cleanup function cfg80211stopap...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: blk-iolatency: Fixed imbalances in the number of in-flight IO operations and issues with hanging during offline conditions. iolatency needs to track the number of in-flight IO operations per cgroup. Since this tracking can be...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: mac80211: Fixed an error in the ieee80211chanbwchange function for APVLAN stations. The ieee80211chanbwchange function iterates through all stations and accesses link-reserved.oper via sta-sdata-linklinkid. For stations on...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: xsk: Fix for crashes occurring upon reactivation of the regular task queue rq. When the regular task queue is reactivated after the XSK socket is closed, it may read stale cancellation requests cqes, which can eventual...

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags The MSGSPLICEPAGES function can attach pages from a pipe directly to an skb. TCP marks such skbs with SKBFLSHAREDFRAG after skbsplicefromiter, so later processes that may modi...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: HID: core: Do not bypass hidhwrawrequest The hidhwrawrequest function is actually useful for ensuring that the provided buffer and length are valid. Directly calling this function in the low-level transport driver bypassed those...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ublk: The SQE128 flag is validated before accessing the cmd field. The ublkctrlcmddump function accesses the sqe-cmd field before checking the IOURINGFSQE128 flag. This could lead to out-of-boundary memory access. The flag...

Astra Linux – Vulnerability in binutils

A vulnerability was discovered in GNU Binutils 2.45. The affected function is bfdx86elflatesizesections in the file bfd/elfxx-x86.c of the Linker component. This vulnerability leads to out-of-bounds read attacks. The attack must be approached locally. The exploit has been made public and can be...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fixed a UAF issue when sva unbind was performed with pending IOPFs. The commit 17fce9d2336d “iommu/vt-d: Added iopf enablement to the domain attach path” disables IOPFs on devices by removing the device from its IOMMU...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: fs/proc: fixed the softlockup issue in readvmcore part 2. Since the commit 5cbcb62dddf5 fs/proc: fix softlockup in readvmcore, the number of softlockups during readvmcore at the time of kdump has decreased, but they still occur...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Thermal: Intel: PowerClamp: Fixing a mismatch in the get function for maxIdle. KASAN reported this issue. 444.853098 BUG: KASAN: Global-out-of-bounds access in paramgetint+0x77/0x90 444.853111 A size 4 value was read from the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: cfg80211: Fixing management registration locking issues The issue with management registration locking was addressed. The list was locked for each wdev, but the cfg80211mgmtregistrationsupdate function iterated over it without...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: PCI: Endpoint: pci-epf-vntb: Remove duplicate resource teardown The epfntbepcdestroy function duplicates the teardown that the caller is supposed to perform later. This leads to an error when .allowlink fails, or when .droplink i...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: - riscv: ftrace: Fixed a panic caused by preemption being disabled. In RISCV, we need to use an AUIPC + JALR pair to encode an immediate jump, creating a jump to an address beyond 4K. This may cause errors if we want to enable...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drm/bridge: tpd12s015: A buggy exit annotation for the remove function was removed. With tpd12s015remove marked with exit, this function is discarded when the driver is compiled as a built-in component. As a result, when the driv...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: HID: hid-thrustmaster: fixed a stack-out-of-bounds read in usbcheckintendpoints Syzbot1 identified a stack-out-of-bounds read of the epaddr array from the hid-thrustmaster driver. This array is passed to the usbcheckintendpoints...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: s390/sclp: Fixed the check for NULL values in the SCCB field. The tracing code called by the SCLP interrupt handler contains early exits if the SCCB address associated with an interrupt is NULL. This check is performed after the...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fncm: fixed potential NULL pointer dereferencing in ncmbitrate In Google’s internal bug report 265639009, we received a crash report from a aarch64 GKI 5.10.149-android13 running device. This report is currently...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: Wifi: ath9k: Fixed a potential array-index-out-of-bounds read in ath9khtctxstatus. The bug occurs when txs-cnt—data from a URB provided by a USB device—is larger than the size of the array txs-txstatus, which is HTCMAXTXSTATUS...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: netfilter: brnetfilter: do not check the confirmed bit in brnflocalin after confirmation. When sending a broadcast packet to a tap device, which is added to a bridge, the brnflocalin function is called to confirm the conntrack. I...