Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: usb: asixdevices: add phymask for ax88772 mdio bus Without setting the phymask for the ax88772 mdio bus, the current driver may create at most 32 mdio PHY devices with PHY addresses ranging from 0x00 to 0x1f. The DLink...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: BPF: Cancel the running BPF timer through kworker for PREEMPTRT During the update process, when overwriting an element in a pre-allocated htab, the freeing of oldelement is protected by the bucket lock. The reason why the bucket...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: media: cx25821: Fixed the warning when removing the module When removing the module, the following warning will appear: 14.746697 removeprocentry: Removing the non-empty directory ‘irq/21’; data is being leaked at least from...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: ksmbd: A missing return value check bug has been fixed. In the smb2sendinterimresp function, if ksmbdallocworkstruct fails to allocate a node, it returns a NULL pointer to the inwork pointer. This can lead to an illegal memory...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: RDMA/siw: Fixed a refcounting leak in siwcreateqp. The atomicinc function needs to be paired with an atomicdec function in the error handling path...

Astra Linux – Vulnerability in Gdal

GDAL 3.3.0 through 3.4.0 has a heap-based buffer overflow in the PCIDSK::CPCIDSKFile::ReadFromFile function invoked from PCIDSK::CPCIDSKSegment::ReadFromFile and PCIDSK::CPCIDSKBinarySegment::CPCIDSKBinarySegment...

Astra Linux – Vulnerability in SQLite3

The zipfileUpdate function in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during the update of a ZIP archive...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: In the net: bridge section, for the mcast function, it was decided to always update the mdbnEntries value for VLAN contexts. The syzbot triggered a warning1 regarding the number of mdb entries in a context. It turns out that ther...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: bpf: Fix memory access flags in helper prototypes After the commit 37cce22dbd51 “bpf: verifier: Refactor helper access type tracking”, the verifier began relying on the access type flags in helper function prototypes to perfor...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fixed a memory leak in the GETDATADIRECTSYSFSPATH handler. The UVERBSHANDLERMLX5IBMETHODGETDATADIRECTSYSFSPATH function allocates memory for the device path using kobjectgetpath. If the length of the device path exceed...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ksmbd: The call to ksmbdvfskernpathendremoving is required on some error paths. There are two places where ksmbdvfskernpathendremoving needs to be called in order to balance what the corresponding successful call to...

Astra Linux – Vulnerability in Apache2

The aprwrite function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if an attacker can cause the server to reflect very large inputs using aprwrite or aprputs. This issue can occur, for example, when using the modluas r:puts function. Modules that are compiled and distribute...

Astra Linux – Vulnerability in cups

OpenPrinting CUPS is an open-source printing system. In versions 2.4.2 and earlier, a heap buffer overflow vulnerability existed, which allowed a remote attacker to launch a Denial-of-Service DoS attack. This vulnerability was present in the formatlogline function. Exploitation of this...

Astra Linux – Vulnerability in imagemagick

In the IntensityCompare function in /magick/quantize.c, there are calls to PixelPacketIntensity, which may return overflowing values to the caller when ImageMagick processes a crafted input file. To address this issue, the patch introduces and utilizes the ConstrainPixelIntensity function. This...

Astra Linux – Vulnerability in libsoup2.4

A flaw was discovered in libsoup, where the soupmessageheadersgetcontentdisposition function is vulnerable to a NULL pointer dereference. This flaw allows a malicious HTTP peer to crash a libsoup client or server that uses this function...

Astra Linux – Vulnerability in libsoup2.4

A flaw was discovered in libsoup, where the soupmultipartnewfrommessage function is vulnerable to an out-of-bounds read. This flaw allows a malicious HTTP client to induce the libsoup server to read data beyond its intended range...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: drm/vc4: Do not check if plane-state-fb == state-fb Currently, when using non-blocking commits, the following kernel warnings can be observed: 110.908514 ------------ Cut here ------------ 110.908529 refcountt: Underflow; Use...

Astra Linux – Vulnerability in Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: “spufs”: fixed a leak related to the failure of spufsnewfile. This issue is triggered from spufsfilldir, and the caller of that function will call spufsrmdir in case of failure. This action removes everything we’ve managed to...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: nilfs2: Do not force clear the buffer if it is referenced. The patch series “nilfs2: Protect busy buffer heads from being forced to be cleared” addresses this issue. This patch fixes the inconsistency in buffer head states report...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: net: Fixed issues related to data races around sk-skforwardalloc. Syzkaller reported this warning: ------------------ WARNING: CPU: 0 PID: 16 at net/ipv4/afinet.c:156 inetsockdestruct+0x1c5/0x1e0 Modules linked in: CPU: 0 UID:...