Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: Do not override the return value of subprog The verifier test "calls: div by 0 in subprog" triggers a panic at the ld.bu instruction. The ld.bu instruction attempts to load a byte from the memory address returned ...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: mptcp: fixed the “scheduling while atomic” issue in mptcppmnl.AppendNewLocalAddr. If multiple connection requests attempt to create an implicit mptcp endpoint simultaneously, more than one caller may end up using...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: core: flush gadget workqueue after device removal The devicedel function can cause new work to be scheduled in the gadget-workqueue. This issue is observed, for example, with the dwc3 driver, as follows: c devicedel...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: dm-bufio: Do not schedule in atomic context A bug was reported as follows when CONFIGDEBUGATOMICSLEEP and tryverifyintasklet are enabled. 129.444685 T934 BUG: Sleeping function called from invalid context at...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: HSI: ssiprotocol: Fixed a use-after-free vulnerability in the ssiProtocol Driver due to race conditions. In the ssiProtocolprobe function, &ssi-work is bound to ssipxmitwork. In ssippnsetup, the ssippnxmit function within the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: cpufreq: amd-pstate: Unnecessary driverlock has been removed from the setboost function. setboost is a function call per policy; therefore, a driver-wide lock is unnecessary. Additionally, this mutexacquire operation may conflict...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: bnep: fixed wild-memory-access in protounregister The issues are as follows: KASAN: possible wild-memory-access within the range 0xdead...108-0xdead...10f CPU: 3 UID: 0 PID: 2805 Comm: rmmod Tainted: G W RIP:...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: BPF: Using rawspinlockt in ringbuf. The function bpfringbufreserve is invoked from a tracepoint, which disables preemption. Using spinlockt in this context can lead to a “sleep in atomic” warning in the RT variant. This issue is...

Astra Linux – Vulnerability in gst-plugins-base1.0

GStreamer is a library for constructing graphs of media-handling components. A stack-buffer overflow has been detected in the vorbishandleidentificationpacket function within gstvorbisdec.c. The position array is a stack-allocated buffer of size 64. If vd-vi.channels exceeds 64, the for loop will...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: “landlock”: Fixed the “dparent” walk. The WARNONONCE function in “collectdomainaccesses” can be triggered when trying to link a root mount point. This does not actually work in practice because this directory is already mounted,...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Bridge: mcast: Fixed a use-after-free during router port configuration. The bridge maintains a global list of ports behind which a multicast router resides. This list is consulted during forwarding to ensure that multicast packet...

Astra Linux – Vulnerability in imlib2

A vulnerability exists in the imlibfreeimageanddecache function of imlib2 v1.9.1, allowing attackers to cause a heap buffer overflow by parsing a crafted image...

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: NET: caif: Fixed a use-after-free in cfusbldevicenotify. syzbot reported a use-after-free in cfusbldevicenotify 1. This causes a stack trace like below: BUG: KASAN: Use-after-free in cfusbldevicenotify+0x7c9/0x870,...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: ext4: fixed the bug in estreesearch caused by an invalid boot loader inode. We have the following issues: kernel BUG at fs/ext4/extentsstatus.c:203! invalid opcode: 0000 1 PREEMPT SMP CPU: 1 PID: 945 Comm: cat Not tainted...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: dmaengine: nbpfaxi: Fixed memory corruption in probe The nbpf-chan array is allocated earlier in the nbpfprobe function, and it contains “numchannels” elements. These three loops iterate one element further than they should,...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Skip fastpath emulation on VM-Exit if next RIP isn’t valid Skip the WRMSR and HLT fastpaths in SVM’s VM-Exit handler if the next RIP isn’t valid, for example, because KVM is running with nrips=false. SVM must decode and...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net/handshake: The destructor was restored after a submission failure. The handshakereqsubmit function replaces sk-skdestruct, but never restores it when the submission fails before the request is hashed. As a result,...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: block: fixed a memory leak in blkdevissuezeropages. The check for the fatal signal was moved before the bioalloc function, to prevent a memory leak when BLKDEVZEROKILLABLE is set and a fatal signal is pending. Previously, the bio...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: The cleanup of neighbor information has been moved to the profile cleanuptx callback. For IP tunnel encapsulation in ECMP Equal-Cost Multipath mode, since the flow is duplicated to the peer eswitch, the related neighbo...

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxtre: Prevents handling of any completions after the destruction of a QP Queue Pair. The hardware may generate completions indicating that the QP has been destroyed. The driver should not schedule any completion handlers f...