Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: media: vidtv: Terminating the subsequent process due to initialization failure. syzbot reported a slab-use-after-free error in vidtvmuxinit. After PSI initialization fails, the si member is accessed again, resulting in this...

Astra Linux - уязвимость в grub2

A flaw was discovered in grub2. When performing a symlink lookup from a romfs filesystem, grub’s romfs filesystem module uses user-controlled parameters from the filesystem geometry to determine the internal buffer size. However, it improperly checks for integer overflows. A maliciously crafted...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: btrfs: Do not allow relocation of partially dropped subvolumes BUG There is an internal report that a balance-related transaction abort occurred, with the following call trace: item 85 key 594509824 169 0 itemoff 12599 itemsize 3...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfrejectipv6: fix nfrejectip6tcphdrput syzbot reported that nfrejectip6tcphdrput was possibly sending garbage on the four reserved tcp bits th-res1 Use skbputzero to clear the whole TCP header, as done in...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: net: usb: smsc75xx: Fixed access to uninitvalue in smsc75xxreadreg syzbot reported the following issues with access to uninitvalue: ===================================================== BUG: KMSAN: uninitvalue in...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: riscv: The issue with the handling of SRSPIE set/clear operations during uprobe has been fixed. In riscv, the process of uprobe involves clearing the SPIE before executing the original instruction, and setting the SPIE after...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: skbuff: skbSegment, Call zero-copy functions before using skbuff fragments The commit bf5c25d60861 added the call to zero-copy functions in skbSegment. This change introduced a bug in skbSegment, as skborphanfrags may potentially...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: “fs/ntfs3: Replace inodetrylock with inodelock” This change is reflected in commit 69505fe98f198ee813898cbcaf6770949636430b. Initially, the conditional lock acquisition was removed to fix a bug in xfstest that was observed during...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: media: rc: fix races with imondisconnect Syzbot reports a KASAN issue as follows: BUG: KASAN: use-after-free in createpipe, include/linux/usb.h:1945 inline BUG: KASAN: use-after-free in sendpacket+0xa2d/0xbc0,...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: soundwire: Reverted “soundwire: qcom: Add setchannelmap API support”. This reversion is associated with commit 7796c97df6b1b2206681a07f3c80f6023a6593d5. This patch caused issues with Dragonboard 845c sdm845. The issues include...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: f2fs: fixed scheduling issues during atomic decompression operations 16.945668 C0 Call trace: 16.945678 C0 dumpbacktrace+0x110/0x204 16.945706 C0 dumpstacklvl+0x84/0xbc 16.945735 C0 schedulebug+0xb8/0x1ac 16.945756 C0...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: nvkm: correctly calculate the available space of the GSP cmdq buffer r535gspcmdqpush waits for the available page in the GSP cmdq buffer when handling a large RPC request. When it sees at least one available page in the cmdq, it...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: btrfs: Exits after a state insertion failure at btrfsconvertextentbit If the insertstate function fails, it returns an error pointer. We then call extentiotreepanic, which will trigger a BUG call. However, if CONFIGBUG is...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbreceivebulkcallback: An error occurred in usbsubmiturb, causing the URB to be unanchored before it is processed by gsusbreceivebulkcallback. In commit 7352e1d5932a “can: gsusb: gsusbreceivebulkcallback: fix URB...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: pinctrl: qcom: msm: Certain pins are marked as invalid for interrupts. On some platforms, the UFS-reset pin has no interrupt logic in TLMM, but it is still registered as a GPIO in the kernel. This allows the user space to trigger...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Ring Buffer: Do not swap the cpubuffer during the resize process When the ringbufferswapcpu function is called during the resize process, the cpubuffer is swapped in the middle, resulting in an incorrect state. Continuing to run ...

Astra Linux - уязвимость в linux, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: ALSA: hda: Fixed an error related to surround channel names in version 9.1. The getlineoutpfx function may trigger an error due to overflowing a static array with more than 8 channels. This issue was reported on MacBookPro 12....

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: bpf: Protection against accessing NULL pt regs in bpfgettaskstack The taskptregs function can return NULL on the powerpc architecture for kernel threads. This NULL value is then used in bpfgetstack to check for the user mode...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: ext4: Fixed a bug in extent parsing when ehentries == 0 and ehdepth 0. When traversing inode extents, the ext4extbinsearchidx function assumes that the extent header has been validated previously. However, there are no checks ...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: cifs: fixed an oops during encryption When running xfstests against Azure, the following oops occurred on an arm64 system: Unable to handle kernel writes to read-only memory at virtual address ffff0001221cf000 Mem abort info:...