Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: - Block: Fixed integer overflow in BLKSECDISCARD. - I independently rediscovered this issue by making the commit: 22d24a544b0d49bbcbd61c8c0eaf77d3c9297155. - Block: Fixed overflow in blkioctldiscard. However, there’s still a...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: block: fixed an overflow in blkioctldiscard. There is no check for an overflow of ‘start + len’ in blkioctldiscard. A hanging task may occur if a discard ioctl is submitted with the following parameters: start = 0x80000000000ff00...

Incorrect Output of Incremental Portable SHAKE API

The incremental squeeze functions in the portable SHAKE XOF API, when attempting to squeeze more than RATE 168 for SHAKE128, 136 for SHAKE256 bytes, performed an additional permutation of the state before producing the first output block, thus discarding the first block of RATE bytes of valid XOF...

EUVD-2022-55699

In the Linux kernel, the following vulnerability has been resolved: md/raid0, raid10: Don't set discard sectors for request queue It should use diskstacklimits to get a proper maxdiscardsectors rather than setting a value by stack drivers. And there is a bug. If all member disks are rotational...

block: fix integer overflow in BLKSECDISCARD

...

DEBIAN-CVE-2024-49994

In the Linux kernel, the following vulnerability has been resolved: block: fix integer overflow in BLKSECDISCARD I independently rediscovered commit 22d24a544b0d49bbcbd61c8c0eaf77d3c9297155 block: fix overflow in blkioctldiscard but for secure erase. Same problem: uint64t r2 = 512,...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the f2fs file system not properly handling the checking of legacy regions for discard support, which could...

kernel: block: fix overflow in blk_ioctl_discard()

In the Linux kernel, the following vulnerability has been resolved: block: fix overflow in blkioctldiscard There is no check for overflow of 'start + len' in blkioctldiscard. Hung task occurs if submit an discard ioctl with the following param: start = 0x80000000000ff000, len = 0x8000000000fff000...

SUSE CVE-2024-36917

In the Linux kernel, the following vulnerability has been resolved: block: fix overflow in blkioctldiscard There is no check for overflow of 'start + len' in blkioctldiscard. Hung task occurs if submit an discard ioctl with the following param: start = 0x80000000000ff000, len = 0x8000000000fff000...

DEBIAN-CVE-2024-36917

In the Linux kernel, the following vulnerability has been resolved: block: fix overflow in blkioctldiscard There is no check for overflow of 'start + len' in blkioctldiscard. Hung task occurs if submit an discard ioctl with the following param: start = 0x80000000000ff000, len = 0x8000000000fff000...

kernel security and bug fix update

2.6.32-358.2.1 - kernel utrace: ensure archptrace/ptracerequest can never race with SIGKILL Oleg Nesterov 912073 912074 CVE-2013-0871 2.6.32-358.1.1 - netdrv mlx4: Set number of msix vectors under SRIOV mode to firmware defaults Michal Schmidt 911663 904726 - netdrv mlx4: Fix bridged vSwitch...