Astra Linux – Vulnerability in python-webob
WebOb provides objects for HTTP requests and responses. When WebOb normalizes the HTTP Location header to include the request hostname, it does so by parsing the URL that the user will be redirected to using Python’s urlparse function, and joining that parsed URL to the base URL. However, the...
Astra Linux – Vulnerabilities in Linux-6.1, Linux-5.15, Linux-5.10
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: Un-sharing of page tables occurs during VMA splitting, not before. Currently, __split_vma triggers the un-sharing of hugetlb page tables through vm_ops->may_split. This occurs before the VMA lock and rmap locks are taken –...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.10, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ftrace: a potential warning was fixed in trace_printk_seq during ftrace_dump. When ftrace_dump_one is called concurrently with reading from trace_pipe, a WARN_ON_ONCE message can be triggered due to a race condition. The...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Use memcpy for BIOS version. The strlcat function with FORTIFY support triggers a panic because it assumes that the target buffer will overflow, even though the correct target buffer size is provided. In any case,...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: mpls: Use rcu_dereference_rtnl in mpls_route_input_rcu. As reported by syzbot [0], the mpls_route_input_rcu function can be called from mpls_getroute, which operates under RTNL. Additionally, the...
Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Fixed the issue where the link state was exited during the removal of an upstream function. Before version 456d8aa37d0f “PCI/ASPM: Disabled ASPM during the removal of an MFD function to avoid use-after-free”, we only...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: mm/khugepaged: fixed ->anon_vma race condition. If an ->anon_vma is attached to the VMA, the collapse_and_free_pmd function requires it to be locked. Page table traversal is allowed under either the mmap lock, the anon_vma lock if the...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: i40e: added validation for the ring_len parameter. The ring_len parameter provided by the virtual function (VF) is assigned directly to the hardware memory context (HMC) without any validation. To address this issue, an upper boundar...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: fsl_upm: A bug in the fun_exec_op function was fixed; an “off-by-one” test was corrected. The “op->cs” values are copied into “fun->mchip_number”, which is used to access the “mchip_offsets” and “rnb_gpio” arrays. These arra...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: gpio: davinci: Validate the obtained number of IRQs. The value of pdata->gpio_unbanked is retrieved from the Device Tree. If the Device Tree is corrupted due to any error, this value can be arbitrary. Without this value validation,...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: scsi: aacraid: Fixed a double-free on probe failure. The aac_probe_one function calls hardware-specific initialization functions through the aac_driver_ident::init pointer. All of these functions ultimately call aac_init_adapter. If...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ext4: checks dot and dotdot of dx_root before making dir indexed. Syzbot reports the following issue: BUG: Unable to handle page fault for address: ffffed11022e24fe PGD 23ffee067 P4D...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: fs: sysfs: Fixed a reference leak in sysfs_break_active_protection. The sysfs_break_active_protection routine has a clear reference leak in its error handling path. If the call to kernfs_find_and_get fails, kn will be NULL. As a result, th...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Fixed a null pointer crash in mtk_drm_crtc_finish_page_flip. It is possible that mtk_crtc->event is NULL in mtk_drm_crtc_finish_page_flip. The pending_needs_vblank value is set by mtk_crtc->event, but in mtk_drm_crtc_atomic_flush, it...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net: ice: Fixed a potential NULL pointer dereference in the ice_bridge_setlink function. The ice_bridge_setlink function may encounter a NULL pointer dereference if nlmsg_find_attr returns NULL, and br_spec is dereferenced subsequently ...
Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: RISCV: Use READ_ONCE_NOCHECK in the imprecise unwinding stack mode. When CONFIG_FRAME_POINTER is not set, the stack unwinding function walk_stackframe randomly reads from the stack. When KASAN is enabled, this can lead to the followin...
Astra Linux – Vulnerability in libjpeg-turbo
LibJPEG 9c has a major issue with a large loop, as the read_pixel function in rdtarga.c improperly handles EOF situations...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: media: vivid: fix compose-height boundary issue. Syzkaller identified a bug: BUG: Unable to handle page faults for address: ffffc9000a3b1000 PF: Supervisor write access in kernel mode PF: error_code(0x0002) – Not-present page PGD...
Astra Linux – Vulnerability in TIF format
Libtiff 4.5.0 is vulnerable to a Buffer Overflow issue through the use of the extractContigSamplesShifted8bits function, located at /libtiff/tools/tiffcrop.c:3753...
Astra Linux – Vulnerability in OpenLDAP
In OpenLDAP versions 2.4.57 and 2.5.x through 2.5.1alpha, an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function due to a malicious packet. This leads to a denial of service (daemon exit) caused by a short timestamp. This issue is related to the schema_init.c file and the...