Astra Linux – Vulnerability in cifs-utils

It was discovered that cifs-utils’ mount.cifs function invoked a shell when requesting the Samba password, which could be exploited to inject arbitrary commands. An attacker who had special permissions, such as those through sudo rules, could use this vulnerability to escalate their privileges...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: Block: Fixed the issue where queues could freeze during storage operations in sysfs. The queueattrstore function always freezes the device queue before performing the attribute storage operation. For attributes that control...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: s390/bpf: Fixed pointer arithmetic in bpfplt. Kui-Feng Lee reported a crash on the s390x architecture, triggered by the dummystops/dummyinitptrarg test 1: 0x2 bpfstructopstestrun+0x156/0x250 sysbpf+0xa1a/0xd00...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: mlxbfgige: Call requestirq after NAPI initialization The mlxbfgige driver encounters a NULL pointer exception in mlxbfgigeopen when kdump is enabled. The sequence to reproduce this exception is as follows: a Enable kdump. b Trigg...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: dpll: Fixed the dpllxarefdel function for multiple registrations. Currently, if there are multiple registrations of the same pin on the same dpll device, the following warnings are observed: WARNING: CPU: 5 PID: 2212 at...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ext4: Add a check for reserved GDT blocks We have identified a NULL pointer issue when resizing a corrupted ext4 image that has recently had the resize inode feature disabled without running e2fsck. This issue can be reproduced b...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Input: gpio-keys – fix a sleep while atomic with PREEMPTRT. When PREEMPTRT is enabled, the gpiokeysirqtimer callback runs in the hardirq context. However, the inputevent function takes a spinlock, which is not allowed in that...

Astra Linux – Vulnerability in libfastjson

JSON-C version 0.14 has an integer overflow issue, and there is a risk of out-of-bounds write operations through a large JSON file, as demonstrated by the printbufmemappend function...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: nfc: pn533: Wait for outurb’s completion in pn533usbsendframe A use-after-free issue occurred in hcd when the inurb sent from pn533usbsendframe was completed earlier than outurb. The callback in pn533sendComplete frees the skb...

Astra Linux – Vulnerability in Node.js

A vulnerability in Node.js has been identified, allowing for a Denial of Service DoS attack through resource exhaustion when using the fetch function to retrieve content from an untrusted URL. The vulnerability arises from the fact that the fetch function in Node.js always decodes Brotli, making ...

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: padata: The handling of refcnts in padatafreeshell has been fixed. In a high-load Arm64 environment, the pcryptaead01 test in LTP can lead to system UAF Use-After-Free issues. Due to the lengthy analysis of the pcryptaead01...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: powerpc/lib: Validate size for vector operations Some parts of the fp/vmx code in sstep.c assume a certain maximum size for the instructions being emulated. However, the size of these operations is determined separately in the...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: dmaengine: Fixed a NULL pointer issue in the channel unregistration function. The dmaasyncdevicechannelregister function may fail. In the event of a failure, chan-local is freed with freepercpu, and chan-local becomes null. When...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: f2fs: fixed to avoid dirent corruption As Al reported in link 1: f2fsrename … if olddir != newdir && !whiteout f2fssetlinkoldinode, olddirentry, olddirpage, newdir; else f2fsputpageolddirpage, 0; You need the correct inumber i...

Astra Linux – Vulnerability in Paramiko

In Paramiko before 2.10.1, a race condition between creation and chmod in the writeprivatekeyfile function could allow unauthorized information disclosure...

Astra Linux – Vulnerability in binutils

There is a flaw in the bfdpefscanstartaddress function of bfd/pef.c in binutils, which could allow an attacker who can submit a crafted file to be processed by objdump to cause a NULL pointer dereference. The greatest threat of this flaw is to application availability. This flaw affects binutils...

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: RISCV: Use READONCENOCHECK in the imprecise unwinding stack mode. When CONFIGFRAMEPOINTER is not set, the stack unwinding function walkstackframe randomly reads from the stack. When KASAN is enabled, this can lead to the followin...

Astra Linux – Vulnerability in libx11, libxpm

A vulnerability was discovered in libX11 due to an infinite loop within the PutSubImage function. This flaw allows a local user to consume all available system resources and cause a denial of service condition...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: In the ice module, the issue of using an untrusted value of pktlen in the icevcfdirparseRaw function has been fixed. This issue was addressed by checking that the value of pktlen does not exceed the VIRTCHNLMAXSIZERAWPACKET value...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: added a missing cputonode call to kvzallocnode in mlx5eopenxdpredirectsq The kvzallocnode function does not perform a runtime check on the node argument allocpagesnodenoprof does have a VMBUGON, but it becomes useless ...