Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drm/bridge: tpd12s015: A buggy exit annotation for the remove function was removed. With tpd12s015remove marked with exit, this function is discarded when the driver is compiled as a built-in component. As a result, when the driv...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: HID: hid-thrustmaster: fixed a stack-out-of-bounds read in usbcheckintendpoints Syzbot1 identified a stack-out-of-bounds read of the epaddr array from the hid-thrustmaster driver. This array is passed to the usbcheckintendpoints...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: s390/sclp: Fixed the check for NULL values in the SCCB field. The tracing code called by the SCLP interrupt handler contains early exits if the SCCB address associated with an interrupt is NULL. This check is performed after the...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fncm: fixed potential NULL pointer dereferencing in ncmbitrate In Google’s internal bug report 265639009, we received a crash report from a aarch64 GKI 5.10.149-android13 running device. This report is currently...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: Wifi: ath9k: Fixed a potential array-index-out-of-bounds read in ath9khtctxstatus. The bug occurs when txs-cnt—data from a URB provided by a USB device—is larger than the size of the array txs-txstatus, which is HTCMAXTXSTATUS...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: netfilter: brnetfilter: do not check the confirmed bit in brnflocalin after confirmation. When sending a broadcast packet to a tap device, which is added to a bridge, the brnflocalin function is called to confirm the conntrack. I...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: drm/amd/display: Fixed an issue where an index out of bounds could occur in the degamma hardware format translation. This issue was addressed by fixing the index out of bounds situation in the...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: nilfs2: Fixing inode number range checks The patch series “nilfs2: Fixing potential issues related to reserved inodes” addresses these issues. This series fixes a use-after-free issue reported by syzbot, which was caused by th...

Astra Linux – Vulnerability in espeak-ng

It was discovered that Espeak-ng 1.52-dev contains a Floating Point Exception due to the use of the PeaksToHarmspect function in wavegen.c...

Astra Linux – Vulnerability in netcdf

A issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxmldecode, when parsing a crafted XML file, performs incorrect memory handling. This results in an overflow of the heap-based buffer when strchr is called, starting with a pointer after a '\0' character where the processing of th...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: KVM: s390 – Fixed an issue with validity checks when gisa is disabled. This issue occurs when gisa is disabled either by using the kernel parameter “kvm.usegisa=0” or by setting the related sysfs attribute to N e.g., echo N...

Astra Linux – Vulnerability in exiv2

In Exiv2 0.26, there is a null pointer dereference in the Exiv2::DataValue::toLong function located in value.cpp. This issue is related to crafted metadata in a TIFF file...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: i3c: mipi-i3c-hci: Fixed a race condition in the DMA ring dequeue process The HCI DMA dequeue path hcidmadequeuexfer may be invoked for multiple transfers that time out at approximately the same time. However, this function is no...

Astra Linux – Vulnerability in Linux 5.15

The function rpmsgvirtioaddctrldev in the file drivers/rpmsg/virtiorpmsgbus.c in the Linux kernel, prior to version 5.18.4, contains a double-free...

Astra Linux – Vulnerability in Poppler

A issue was discovered in Poppler through version 0.78.0. There is a divide-by-zero error in the function SplashOutputDev::tilingPatternFill in SplashOutputDev.cc...

Astra Linux – Vulnerability in libass

A stack overflow occurred in the parsetag function in libass/assparse.c in libass before version 0.15.0. This vulnerability allows remote attackers to cause a denial of service or remote code execution through a crafted file...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: Fixed a mismatch in the function prototype in sndseqexpandvarevent. With Clang’s Kernel Control Flow Integrity kCFI; CONFIGCFICLANG feature, indirect call targets are validated against the expected function pointer...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: TCP: Fixed a data race around sysctltcpearlyretrans. When reading sysctltcpearlyretrans, it can be changed concurrently. Therefore, we need to add READONCE to its reader function...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Wifi: mac80211: Purge vif txq in ieee80211dostop After ieee80211dostop, the packets from vif’s txq could still be processed. Indeed, another concurrent call to scheduleandwaketxq from vif could cause those packets to be dequeued...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: ieee802154: at86rf230: Stop leaking the skb structures. Upon an error, the ieee802154xmitcomplete helper function is not called. Only ieee802154wakequeue is called manually. In the Tx phase, the skb structure is leaked. Leas...