Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: netfilter: nftables: prefer nftchainvalidate nftchainvalidate already performs loop detection, as a cycle in the process could lead to a call stack overflow ctx-level = NFTJUMPSTACKSIZE. It also iterates through the maps via t...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: USB: core: Fixed the issue of duplicate endpoints by clearing the reserved bits in the descriptor. Syzbot has identified a bug in usbcore see the Closes tag below. The bug is caused by our assumption that the reserved bits in the...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: cifs: Fixed a buffer overflow issue when parsing NFS reparse points. ReparseDataLength is the sum of the InodeType size and the DataBuffer size. To obtain the DataBuffer size, it is necessary to subtract the InodeType size fro...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: drm/stm: Avoid use-after-free issues with crtc and plane The function ltdcload calls the functions drmcrtcinitwithplanes, drmuniversalplaneinit, and drmencoderinit. These functions should not be called with parameters allocate...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ocfs2: Cancel dqisyncwork before freeing oinfo. The ocfs2globalreadinfo function will initialize and schedule dqisyncwork at the end. If an error occurs after successfully reading the global quota, the following warning will be...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Null pointers are checked before using dc-clkmgr. WHY & HOW dc-clkmgr is already checked for null values in the same function; this indicates that it may be null. The value “dc” is passed to...

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fixed an issue where the index out of bounds occurred in the DCN30 degamma hardware format translation. This commit addresses a potential index out of bounds issue in the cm3helpertranslatecurvetodegammahwformat...

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: RDMA/rtrs-clt: Resets cid to connum – 1 to remain within bounds. In the function initconns, after the createcon and createcm calls for the loop, if something fails. During the cleanup phase of the loop, after the destroy tag, we...

Astra Linux – Vulnerability in gst-plugins-base1.0

GStreamer is a library for constructing graphs of media-handling components. A stack-buffer overflow has been detected in the gstopusdecparseheader function within gstopusdec.c. The pos array is a stack-allocated buffer of size 64. If nchannels exceeds 64, the for loop will write beyond the...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: – The faulty behavior of the mm:resolvefaultymmapregion function has been fixed. The mmapregion function is quite problematic, with a confusing control flow and numerous ways in which issues can arise. This leads to incomplete...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: iouring/rw: fixed the omission of the NOWAIT check for ODIRECT write operations. When iouring initiates a write operation, it calls kiocbstartwrite, which triggers the super block rwsem. This prevents any freezes from occurring...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: igb: A potential invalid memory access issue has been fixed in igbinitmodule. The pciregisterdriver function may fail. When this occurs, the dcanotifier needs to be unregistered. Otherwise, the dcanotifier can be called when igb...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: net: hns3: fixed a kernel crash that occurred when uninstalling the driver. When the driver is uninstalled and the VFs are disabled concurrently, a kernel crash occurs. The reason is that both actions call the function...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: btrfs: Reinitialize the delayed ref list after deleting it from the list. In the insertdelayedref function, if we need to update the action of an existing ref to BTRFSDROPDELAYEDREF, we delete the ref from its refhead’s refaddlis...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: bpf: Fixed an out-of-bounds write in triegetnextkey The triegetnextkey function allocates a node stack with a size of trie-maxprefixlen. However, it writes trie-maxprefixlen + 1 nodes to the stack when the stack is full. For...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: SHAMPO, Fix incorrect page release Under the following conditions: 1 No skb has been created yet. 2 headersize == 0 no SHAMPO header. 3 headerindex + 1 % MLX5ESHAMPOWQHEADERPERPAGE == 0 this is the last page fragment o...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: x86/entry32: CPU buffers are cleared after register restoration in NMI return. Currently, CPU buffers are cleared after a call to excnmi, but before the register state is restored. This may be acceptable for MDS mitigation, but n...

Astra Linux – Vulnerability in ffmpeg

There is a heap-based Buffer Overflow vulnerability in FFmpeg 4.2, located in the getblockrow function in libavfilter/vfbm3d.c. This vulnerability may lead to memory corruption and other potential issues...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: md/raid10: check slab-out-of-bounds in mdbitmapgetcounter If we write a large number to md/bitmapsetbits, mdbitmapcheckpage will return -EINVAL because ‘page = bitmap-pages’. However, the returned value was not checked immediatel...

Astra Linux – Vulnerability in libavif

In libavif before version 1.3.0, the makeRoom function in stream.c has an integer overflow, resulting in a buffer overflow at stream-offset+size...