Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: ubifswbufwritenolock: A read out-of-bounds issue exists in this function. This issue occurs when ubifswbufwritenolock attempts to access memory beyond the allocated bounds of the buffer buf. Here’s an example of how this issue...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ALSA: ymfpci: Fixed the BUGON in the probe function. The snddmabuffer.bytes field now contains the aligned size, which this sndBUGON did not account for, resulting in the following issue: 9.625915 ------------ Cut here ----------...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: “hungtask”: fixed warnings caused by unaligned lock pointers. The blocker tracking mechanism assumes that lock pointers are at least 4-byte aligned so that their lower bits can be used for type encoding. However, as reported by...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: In the bpf and arm64 architectures, there is a vulnerability where forced 8-byte alignment of the JIT buffer is required to prevent atomic tearing. The struct bpfplt structure contains a u64 target field. Currently, the BPF JIT...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: i40e: Added validation for the ringlen parameter. The ringlen parameter provided by the virtual function VF is assigned directly to the hardware memory context HMC without any validation. To address this issue, a upper boundar...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix helper functions that write to read-only maps Lonial identified an issue where, even when the BPF map on both the user and BPF sides is frozen like in the case of .rodata, it was still possible to write into it from the...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: riscv/purgatory – align riscvkernelentry. When alignment handling is delegated to the kernel, everything must be word-aligned in purgatory, since the trap handler is then set to the kexec one. Without proper alignment, encounteri...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux

In the Linux kernel, the following vulnerability has been resolved: Block: A check was added to ensure that the partition size must be aligned with the block size. Before calling the add partition or resize partition functions, there was no check to verify whether the partition size was aligned...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: Netwerk: wwan: t7xx: Split 64-bit accesses to fix alignment issues Some registers are aligned at a 32-bit boundary, causing alignment errors on 64-bit platforms. It is not possible to handle kernel paging requests at the virtu...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: pstore/ram: Fixed a crash that occurred when setting the number of CPU cores to an odd number. When the number of CPU cores is adjusted to 7 or other odd numbers, the size of the zones becomes an odd number. The addresses of the...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: kmsan: fixed an issue where out-of-bounds access to shadow memory occurred. Running sha224kunit on a KMSAN-enabled kernel results in a crash in kmsaninternalsetshadoworigin: BUG: Unable to handle a page fault for the address:...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/xe: Fixed a potential integer overflow in the page size calculation. Explicitly cast tbo-pagealignment to u64 before shifting bits to prevent overflow when assigning to minpagesize...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host – Added an alignment check for the event ring read pointer. Although we check the event ring read pointer using “isvalidringptr” to ensure it is within the buffer range, there is another risk that the pointer might...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: ksmbd: Fixed an out-of-bounds write issue in smb2getea when performing EA alignment. smb2getea applies a 4-byte alignment padding using memset after writing each EA entry. The bounds check on buffreelen is performed before the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iommufd: Prevents ALIGN overflow. When allocating IOVA, the candidate range is aligned to the target alignment. If the range is close to ULONGMAX, the ALIGN function may cause a wrap, resulting in a corrupted iova structure...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: kvaserusb: leaf: Fix potential infinite loop in command parsers The functions kvaserusbleafwaitcmd and kvaserusbleafreadbulkcallback contain logic for handling zero-length commands. These commands are used to align data with the...

Astra Linux - уязвимость в openimageio

There are multiple memory corruption vulnerabilities in the IFFOutput alignment padding functionality of the OpenImageIO Project, specifically in OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to arbitrary code execution. An attacker can provide malicious input to trigger...

Astra Linux - уязвимость в rustc

crossbeam-utils provides atomic operations, synchronization primitives, scoped threads, and other utilities for concurrent programming in Rust. Prior to version 0.8.7, crossbeam-utils incorrectly assumed that the alignment of i,u64 was always the same as AtomicI,U64. However, the alignment of i,u...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: f2fs: compress: does not allow unaligned truncation on released compress inode An F2FS image may become corrupted after performing the following test cases: - mkfs.f2fs -O extraattr,compression -f /dev/vdb - mount /dev/vdb...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: Buffer size aligned upwards. The hardware can support any image size WxH, with arbitrary W image width and H image height dimensions. The buffer size is aligned upwards for both the encoder and the decoder. This...