Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Abrupt exit when failing to load firmware in pspinitcapmicrocode. In the function pspinitcapmicrocode, an abrupt exit should occur when attempting to load firmware fails; otherwise, it may lead to invalid memory acces...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: arm64: ptrace: Fixed an issue with partial SETREGSET for the NTARMTAGGEDADDRCTRL register. Currently, the taggedaddrctrlset function does not initialize the temporary “ctrl” variable. A SETREGSET call with a length of zero will...

Astra Linux – Vulnerability in Linux

A vulnerability was discovered in the Linux kernel. In the function printerioctl, there is an attempt to access a printerdev instance that has been deallocated. However, a use-after-free issue arises because the memory was previously freed by the gprinterfree function...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Firmware: qcom: SCM: Fixed the missing read barrier in qcomscmgettzmempool. The commit 2e4955167ec5 “Firmware: qcom: SCM: Fixed scm and waitq completion variable initialization” introduced a write barrier in the probe function to...

Astra Linux - Vulnerability in Golang-1.19

The ParseAddressList function improperly handles comments text within parentheses within display names. Since this contradicts conforming address parsers, it can lead to different trust decisions being made by programs that use different parsers...

Astra Linux – Vulnerability in yaml-cpp

The SingleDocParser::HandleFlowMap function in yaml-cpp also known as LibYaml-C++ 0.6.2 allows remote attackers to cause a denial of service resource consumption and application crash through a crafted YAML file...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Fixed an out-of-bounds access in parseintegerlimit. When configuring osnoisecpus using the write system call, the following KASAN issue may occur: BUG: KASAN: Out-of-bounds access in parseintegerlimit+0x103/0x130...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: rvdso: In the vdsojointimens function, a NULL pointer was encountered when handling the vfork operation. The testing results are as follows in the kernel log: 6.838454 Unable to handle kernel access to user memory without uaccess...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: libceph: Potential out-of-bounds writes have been prevented in the handleauthsessionkey function. The len field originates from untrusted network packets. Boundary checks have been added to prevent potential out-of-bounds writes...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: xfs: fixed a UAF Use-After-Value issue in xattr repair. The xchksetupxattrbuf function can allocate a new value buffer; therefore, any reference to ab-value before the call could become a dangling pointer. This issue was fixed...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/xe/pxp: The “clear restart flag” is cleared after returning to the previous state via a jump. If we do not clear this flag, we will continue to jump back at the beginning of the function once we reach the end. Identified from...

Astra Linux – Vulnerability in binutils

Heap-based Buffer Overflow in the bfdgetl32 function in Binutils objdump 3.37...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: tipc: Returning a non-zero value from tipcudpaddr2str on error The tipcudpaddr2str function should return a non-zero value if the UDP media address is invalid. Otherwise, a buffer overflow attack may occur in tipcmediaaddrprintf...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: s390/pci: Fixed the missing check for the error return from zpcicreatedevice. The zpcicreatedevice function returns an error pointer that must be checked before dereferencing it as a struct zpcidev pointer. This check was added t...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: eth: bnxt: return fail if interface is down in bnxtqueuememalloc The bnxtqueuememalloc function is called to allocate new queue memory when a queue is restarted. It internally accesses the rx buffer descriptor corresponding to th...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: vfio: Fixed NULL pointer dereferencing caused by uninitialized group-iommufd. group-iommufd is not initialized for the iommufdctxput function. 20018.331541 BUG: NULL pointer dereferencing in the kernel, address: 00000000000000...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: ti: icssgprueth: Fixed NULL pointer dereferencing in pruethprobe. In the pruethprobe function, if one of the calls to emacPhyConnect fails because of ofPhyConnect returning NULL, then the subsequent call to phyattachedinfo...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Block layer: Fixed corruption of q-blkglist during disk rebinding. Multiple instances of the gendisk function can be allocated/added for a single request queue during disk rebinding. As a result, blkg may still remain in q-blkgli...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: iio: adc: aspeed: Fixed the refcount leak in aspeedadcsettrimdata. The function offindnodebyname returns a node pointer with a refcount incremented; we should use ofnodeput on it after processing. Added the missing ofnodeput...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: dm raid: fixed access issues beyond the end of the raid member array. When the dm-raid table is loaded using raidctr, dm-raid allocates an array rs-devsrs-raiddisks for the raid device members. rs-raiddisks is determined by the...