Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: binfmtflat: Corruption occurred when data start offsets were not applied. The commit 04d82a6d0881 “binfmtflat: Allow not offsetting data start” introduced a RISC-V-specific variant of the FLAT format. This variant does not alloca...

Astra Linux – Vulnerability in htmldoc

A flaw was discovered in htmldoc commit 31f7804. A heap buffer overflow in the pdfwritenames function in ps-pdf.cxx may lead to arbitrary code execution and a Denial of Service DoS attack...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: RDMA/cma: Fixed a listener leak in the rdmacmalistenonall function when it fails. If the cmalistenonall function fails, the per-device ID remains in the listenlist, but the state is not set to RDMACMADDRBOUND. When the CMID is...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: wwan: mhi: A memory leak has been fixed in the mhimbimdellink function. The MHI driver registers the network device without setting the needsfreenetdev flag. Additionally, it does not call freenetdev when unregistering the...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ksmbd: The reference count leak in smbcheckpermdacl has been fixed. The issue occurs in a specific part of smbcheckpermdacl. When “id” and “uid” have the same value, the function simply jumps out of the loop without decrementing...

Astra Linux – Vulnerability in rpm

A flaw was discovered in RPM’s hdrblobInit function in lib/header.c. This flaw allows an attacker who can modify the rpmdb to cause an out-of-bounds read. The greatest threat from this vulnerability is to system availability...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: clk: mmp: pxa1908-apbcp: Fixed the issue where NULL was compared with ISERR. The devmkzalloc function does not return error pointers; it returns NULL in case of an error. Update the check to match this behavior...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: The regulator: scmi – a fix was made to the refcount leak in scmiregulatorprobe. The offindnodebyname function returns a node pointer with the refcount incremented; we should use ofnodeput on it after processing. Add the missing...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Set phy-enablecompletion only when we wait for it. The pm8001phycontrol function populates the enablecompletion pointer with a stack address, sends a PHYLINKRESET/PHYHARDRESET, waits for 300 milliseconds, and then...

Astra Linux – Vulnerability in xorg-server

A use-after-free vulnerability was discovered in the ProcRenderAddGlyphs function of Xorg servers. This issue arises when the AllocateGlyph function is called to store new glyphs sent by the client to the X server. As a result, multiple entries may point to the same non-refcounted glyphs...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: KVM: PPC: Fixed the issue with the vcpuload leak in kvmarchvcpuioctl. The vcpuput function is not called if the user copy fails. This can lead to problems such as corruption of the preempt notifier and system crashes...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: leds: qcom-lpg – Check for array overflow when selecting high-resolution values. When selecting high-resolution values from an array, the FIELDGET function is used to retrieve data from a 3-bit register. However, the array being...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: can: hi311x: fix null pointer dereference when resuming from sleep before the interface was enabled. This issue is similar to the vulnerability in the mcp251x driver, which was fixed in commit 03c427147b2d “can: mcp251x: fix resu...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: nilfs2: Fixed NULL pointer dereferencing in nilfspalloccommitfreeentry. Syzbot reported a NULL pointer dereferencing bug: NILFS loop0: segctord started. Construction interval = 5 seconds, CP frequency 3c 02 00 0f 85 26 05 00 0...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net: dsa: sja1105: fix kasan out-of-bounds warning in sja1105tabledeleteentry There are actually 2 problems: 1. Deleting the last element does not require moving elements. In fact, the element at position i+1 is out of bounds. 2...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ice: Do not process exts if PTP is disabled. The iceptpexttsevent function can race with iceptprelease, resulting in a NULL pointer dereferencing, which can lead to a kernel panic. A panic occurs because the iceptpexttsevent...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: atm: nicstar: Fixed a possible use-after-free in nicstarcleanup The remove path of this module calls deltimer. However, that function does not wait until the timer handler finishes. This means that the timer handler may still be...

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: thermal/drivers/hisi: The second sensor, hi3660, was removed. The commit 74c8e6bffbe1 “driver core: Add allocsize hint to devm allocators” exposes a panic “BRK handler: Fatal exception” during the hi3660thermalprobe function. Thi...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: rcv: fixed the runtime constant support for nommu kernels The runtimefixup32 function does not handle the case where val is zero correctly as may occur when patching a nommu kernel and referring to a physical address below the 4G...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: fanotify: Validate the return value of mntnsfromdentry before dereferencing it. The function dofanotifymark does not validate whether mntnsfromdentry returns NULL before dereferencing mntns-userns. This causes a NULL pointer...