Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: netlink: Fixed an issue where the kernel could be exposed after free operation in skbdatagramiter. The syzbot reported the following issue with uninitialized value access 1: The netlinktofullskb function creates a new skb and...

Astra Linux – Vulnerability in libxml2

A issue was discovered in libxml2 before versions 2.11.7 and 2.12.x, and even before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to a use-after-free of the xmlValidatePopElement function...

Astra Linux – Vulnerability in net-snmp

The handleipv6IpForwarding function in agent/mibgroup/ip-mib/ipscalars.c in Net-SNMP version 5.4.3 to 5.9.3 has a NULL Pointer Exception bug. This bug can be exploited by a remote attacker to cause the instance to crash via a crafted UDP packet, resulting in a Denial of Service attack...

Astra Linux - Vulnerability in Golang-1.19

HTTP and MIME header parsing can allocate large amounts of memory, even when parsing small inputs, potentially leading to a denial of service. Certain unusual patterns of input data can cause the common function used to parse HTTP and MIME headers to allocate significantly more memory than is...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: power: supply: cpcap-charger: Fixed the null check for powersupplygetbyname. In the cpcapusbdetect function, the powersupplygetbyname function may return NULL instead of an error pointer. To prevent potential null pointer...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: HID: core: Do not bypass hidhwrawrequest The hidhwrawrequest function is actually useful for ensuring that the provided buffer and length are valid. Directly calling this function in the low-level transport driver bypassed those...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: In the mpls module, the function mplsrouteinputrcu uses rcudereferencertnl. As reported by syzbot 0, the mplsrouteinputrcu function can be called from mplsgetroute, which operates under RTNL. Additionally, the...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: scsi: aacraid: Fixed a double-free on probe failure. The aacprobeone function calls hardware-specific initialization functions through the aacdriverident::init pointer. All of these functions ultimately call aacinitadapter. If...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: fs: sysfs: Fixed a reference leak in sysfsbreakactiveprotection The sysfsbreakactiveprotection routine has a clear reference leak in its error handling path. If the call to kernfsfindandget fails, kn will be NULL. As a result, th...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Fixed a null pointer crash in mtkdrmcrtcfinishpageflip. It is possible that mtkcrtc-event is NULL in mtkdrmcrtcfinishpageflip. The pendingneedsvblank value is set by mtkcrtc-event, but in mtkdrmcrtcatomicFlush, it...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: media: vivid: fix compose-height boundary issue Syzkaller identified a bug: BUG: Unable to handle page faults for address: ffffc9000a3b1000 PF: Supervisor write access in kernel mode PF: Errorcode0x0002 – Not-present page PGD...

Astra Linux – Vulnerability in OpenLDAP

In OpenLDAP versions 2.4.57 and 2.5.x through 2.5.1alpha, an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function due to a malicious packet. This leads to a denial of service daemon exits caused by a short timestamp. This issue is related to the schemainit.c file and the...

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

A issue was discovered in the Linux kernel through version 6.0.10. In the l2capconfigreq function within net/bluetooth/l2capcore.c, there is an integer wraparound occurring when processing L2CAPCONFREQ packets...

Astra Linux – Vulnerability in libgd2

In the gdImageClone function in gd.c within libgd version 2.1.0-rc2 to 2.2.5, there is a NULL pointer dereferencing issue that allows attackers to crash an application through a specific function call sequence. This issue only affects PHP when it is linked with an external libgd not included as...

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: making the apf token non-zero to fix the bug In the current async pagefault logic, when a page is ready, KVM relies on kvmarchcandequeuepagepresent to determine whether to deliver a READY event to the Guest. This...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: x86/amdnb: The function amdgetmmconfigrange uses rdmsrsafe, which should not be used without proper safeguards. Xen does not provide the MSRFAM10HMMIOCONFbase to all guests. This results in the following warning: Unchecked MSR...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Fixed the issue where the refcount of the subsystem for the @blockclass class was leaking. The blkcgfillrootiostats function iterates over the devices belonging to the @blockclass class using classdeviterinit|next...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: afcan – Do not leave a dangling sk pointer in cancreate. When the cancreate function fails, it releases the allocated sk object. However, sockinitdata has already attached this object to the provided sock object. This will...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: ocfs2: Fixed an uninitialized value in ocfs2filereaditer. Syzbot has reported the following KMSAN errors: BUG: KMSAN: Uninitialized value in ocfs2filereaditer+0x9a4/0xf80; ocfs2filereaditer+0x9a4/0xf80; ioread+0x8d4/0x20f0;...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: block: Fixed a potential deadlock in blkiarangesysfsshow When reading a sysfs attribute, the attribute is already protected against removal due to the active reference counter of the kobject node. As a result, in...