Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: btrfs: Zoned: Do not flag “ZEROOUT” on non-dirty extent buffers. Btrfs clears the content of an extent buffer marked as EXTENTBUFFERZONEDZEROOUT before the bio submission. This mechanism is introduced to prevent a write hole i...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: irqchip/apple-aic: The refcount leak in buildfiqaffinity has been fixed. The offindnodebyphandle function returns a node pointer with a refcount incremented. We should use ofnodeput on it when there is no longer a need for it. Ad...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: tipc: Fixed a use-after-free issue in tipcnamedreinit. syzbot identified the following issue: BUG: KASAN: Use-after-free in tipcnamedreinit+0x94f/0x9b0 net/tipc/namedistr.c:413 A 8-byte read at address ffff88805299a000 was...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: opentreeattr: Do not allow id-mapping changes without OPENTREECLONE. As described in commit 7a54947e727b Merge patch series “fs: allow changing idmappings”, opentreeattr2 was necessary to allow for a detached mount to be created...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: vfio/fsl-mc: Blocking calls to interrupt handlers without triggering them The eventfdctx trigger pointer of the vfiofslmcirq object is initially NULL, and it may become NULL if the user sets the trigger parameter of eventfd to -1...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: arp: Prevent overflow in arpreqget. Syzkaller reported an overflow during the write operation in arpreqget. 0 When the ioctlSIOCGARP function is called, arpreqget retrieves a neighbor entry and copies neigh-ha to struct...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: netfs, fscache: This issue prevents Oops exceptions in fscacheputcache. This function dereferences the “cache” object, and then checks whether it is ISERRORNULL. It checks first, and then derefserences the object...

Astra Linux – Vulnerability in libuv1

libuv is a multi-platform support library that focuses on asynchronous I/O operations. The uvgetaddrinfo function in src/unix/getaddrinfo.c and its Windows counterpart src/win/getaddrinfo.c truncates hostnames to 256 characters before calling getaddrinfo. This behavior can be exploited to generat...

Astra Linux – Vulnerability in Squid

Squid is a caching proxy for the web that supports HTTP, HTTPS, FTP, and other protocols. A bug related to incorrect checking of function return values makes Squid vulnerable to Denial of Service attacks targeting its helper process management. This bug has been fixed in Squid version 6.5. Users...

Astra Linux – Vulnerability in c-ares

Buffer overflow vulnerability in c-ares before 1161 through 1170, due to the aresparsesoareply function in aresparsesoareply.c...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: hwmon: ftsteutates Fixed the TOCTOU race condition in ftsread In the ftsread function, when handling hwmonpwmautochannelstemp, the code accesses the shared variable data-fansourcechannel twice without holding any locks. This chec...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: The block operation involving GFPNOIO around the sysfs-store function. The sysfs-store function is called with the queue frozen. Meanwhile, there are several -store callbacks such as updatenrrequests, wbt, scheduler that use...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: fuse: The fuserelease function contains a race condition between the write2 and close2 calls. This allows pages to become dirty after the fuseFlush - writeinodenow operation. If these pages are not flushed from fuseRelease, there...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fixed an error in the unwind operation of rxecreateqp. In the function rxecreateqp, the rxeqpfrominit function is called to initialize the qp. Internally, things like the spin locks are not set up until rxeqpinitreq is...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: usb: udc: remove warning when queue disabled ep It is possible for this issue to occur when the mass storage function tries to queue requests from the main thread. However, other threads may already disable the endpoint when the...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: nfp: flower: handling of actinetdevs allocation failures The kmallocarray function in nfpfllagdowork will return null if physical memory runs out. As a result, if we dereference actinetdevs, null pointer dereferencing bugs may...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: net/tls: Fixed the reversed sign in calls to tlserrabort. sk-skerr seems to expect a positive value. This convention is not always followed by ktls, which can lead to memory corruption in other code. For example: c kworker...

Astra Linux – Vulnerability in Qemu

The ethgetgsotype function in net/eth.c in QEMU 4.2.1 allows guest OS users to trigger an assertion failure. A guest can crash the QEMU process by sending packet data that lacks a valid Layer 3 protocol...

Astra Linux – Vulnerability found in libsdl1.2, libsdl2, and sdl-image1.2

In SDL Simple DirectMediaLayer, versions from 1.2.15 up to 2.x, and then from 2.0.9 onwards, there is a heap-based buffer over-read issue in the BlitNtoN function within the video/SDLblitN.c file, when it is called from the SDLSoftBlit function in the video/SDLblit.c file...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek – Fixed the omission of ofnodeput in mt2701wm8960machineprobe. This node pointer is returned by ofparsephandle, and the reference count is incremented in this function. Calling ofnodeput was performed to avoid the...