Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: riscv: Flush the current CPU’s ICache before flushing other CPUs. On SiFive Unmatched, I recently encountered the following bug during bootup: 0.000000 ftrace: allocating 36610 entries in 144 pages 0.000000 Oops – illegal...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ubifs: A fix was made to increment the reference count of a page once it is set as private. The MM structure defines a rule 1 very clearly: once a page is marked with the PGprivate flag, the reference count of that page should be...

Astra Linux - уязвимость в samba

A flaw was discovered in Samba. The Samba smbd file server must map Windows group identities SIDs to Unix group IDs gids. The code responsible for this mapping contained a flaw that could allow it to read data beyond the end of the array, in the event that a negative cache entry was added to the...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: btrfs: Do not drop the extentmap for the inode of free space during a write error. While running the CI for an unrelated change, I encountered the following panic: with generic/648 on btrfsholesspacecache. The assertion failed:...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: netfs, fscache: This issue prevents Oops exceptions in fscacheputcache. This function dereferences the “cache” object, and then checks whether it is ISERRORNULL. It checks first, and then derefserences the object...

Astra Linux - уязвимость в webkit2gtk

The issue was resolved through improved handling of caches. This issue has been fixed in Safari 26, iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26, macOS Tahoe 26, tvOS 26, visionOS 26, and watchOS 26. It is possible for a website to access sensor information without user consent...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: cifs: A memory leak was fixed when using fscache. If the condition “index == nextcached” is encountered, a reference count of the struct page is leaked. This issue is resolved by using readaheadfolio, which handles the reference...

Astra Linux - уязвимость в python2.7, python3.11, python3.7

When constructing nested elements using XMLDom.minidom methods like appendChild, which rely on clearidcache, the algorithm has a quadratic complexity. This can affect the availability of documents when they are constructed with excessively nested structures...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: bcache: Fixup btreecachewait list damage We encountered a kernel crash due to “listadd corruption”. next-prev should be prev 0xffff9c801bc01210, but it was actually fff9c77b688237c. The correct value is next=ffffae586d8afe68...

Astra Linux - уязвимость в apache2

A properly crafted method sent via HTTP/2 will bypass validation and be forwarded by modproxy, which can lead to request splitting or cache poisoning. This issue affects Apache HTTP Server versions 2.4.17 to 2.4.48...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: regmap: maple: Fixed cache corruption in regcachemaple Drop. When retaining the upper bound of a cache block entry, the entry array must be indexed by the offset from the base register of the block, i.e., max - mas.index. The...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: mm/slabcommon: The corruption of the slabcaches list after kmemcacheDestroy has been fixed. After the commit in “Fixes”, if a module that creates a slab cache does not release all of its allocated objects before destroying the...

Astra Linux - уязвимость в glibc

The Name Service Cache Daemon’s nscd netgroup cache can corrupt memory when the NSS callback does not store all strings in the provided buffer. This flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: btrfs: removed BUGON functions in addnewfreespace In addnewfreespace, there are BUGON functions that are used to handle any failures in adding free space to the in-memory free space cache. Such failures are mostly due to ENOME...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: ocfs2: The uncached inode fails to enter the group. Syzbot has reported the following BUG: Kernel BUG at fs/ocfs2/uptodate.c:509! … Call Trace: ? diebody+0x5f/0xb0 ? die+0x9e/0xc0 ? dotrap+0x15a/0x3a0 ?...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mm, slub: fixed a potential memory leak in kmemcacheopen. In the error path, the randomseq of the slub cache might be leaked. This issue was fixed by using kmemcacherelease to release all relevant resources...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

A transient execution vulnerability in some AMD processors may allow an attacker to extract data from the L1D cache, potentially leading to the leakage of sensitive information across privileged boundaries...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: atm: Fix NULL pointer dereference When MPOAcacheimposrcvd receives the msg, it can trigger the Null Pointer Dereference Vulnerability if both entry and holdingtime are NULL. Because there is only for the situation where entry is...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: cifs: A use-after-free bug has been fixed in refreshcacheworker. The UAF bug occurred because we were putting DFS root sessions in cifsumount while the DFS cache refresher was executing. We now ensure that DFS root sessions ha...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: In the net, neigh module, do not trigger immediate probes on NUDFAILED from neighmanagedwork. The syzkaller was able to trigger a deadlock for NTFMANAGED entries: - kworker/0:16/14617 is trying to acquire a lock: -...