Astra Linux - уязвимость в python2.7, python3.11, python3.7

When constructing nested elements using XMLDom.minidom methods like appendChild, which rely on clearidcache, the algorithm has a quadratic complexity. This can affect the availability of documents when they are constructed with excessively nested structures...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: bcache: Fixup btreecachewait list damage We encountered a kernel crash due to “listadd corruption”. next-prev should be prev 0xffff9c801bc01210, but it was actually fff9c77b688237c. The correct value is next=ffffae586d8afe68...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: regmap: maple: Fixed cache corruption in regcachemaple Drop. When retaining the upper bound of a cache block entry, the entry array must be indexed by the offset from the base register of the block, i.e., max - mas.index. The...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: cifs: A use-after-free bug has been fixed in refreshcacheworker. The UAF bug occurred because we were putting DFS root sessions in cifsumount while the DFS cache refresher was executing. We now ensure that DFS root sessions ha...

Astra Linux - уязвимость в apache2

A properly crafted method sent via HTTP/2 will bypass validation and be forwarded by modproxy, which can lead to request splitting or cache poisoning. This issue affects Apache HTTP Server versions 2.4.17 to 2.4.48...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iouring/rw: Potential allocated iovec in the cache may be freed after a failure. If a read/write request passes through ioreqrwcleanup, and an allocated iovec is attached to the request but fails to be placed into the rwcache, it...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: clk: rs9: Fix for suspend/resume behavior. Disabling the cache in commit 2ff4ba9e3702 “clk: rs9: Fix for I2C accessors” without removing cache synchronization in the resume path results in a kernel panic, as map-cacheops is unset...

Astra Linux - уязвимость в pgpool2

In Pgpool-II, there is a risk of exposing sensitive information due to incompatible policy issues. If a database user accesses the query cache, unauthorized table data may be retrieved for that user...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: mm: zswap: fix missing folio cleanup in writeback race path In zswapwritebackentry, after obtaining a folio from readswapcacheasync, we reacquire the tree lock to ensure that the swap entry was not invalidated or recycled. If it...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: KVM: Reject attempts to consume or refresh inactive gfntopfncache. Reject calls to kvmgpccheck and kvmgpcrefresh if the cache is inactive. Not checking the active flag during refresh is particularly problematic, as KVM may end...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: arm64: cacheinfo: Fixed the incorrect assignment of a signed error value to unsigned fwlevel. Although the acpifindlastcachelevel function always returns a signed value, and the documentation states that it will return any errors...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ubi: fastmap: Fix duplicate slab cache names during attachment Since commit 4c39529663b9 “slab: Warns about duplicate cache names when DEBUGVM=y”, duplicate slab cache names can be detected, and a kernel warning is issued. In the...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: ACPICA: fixed the ACPI operand cache leak in dswstate.c ACPICA commit: 987a3b5cf7175916e2a4b6ea5b8e70f830dfe732 I discovered a ACPI cache leak in cases where ACPI early termination occurs and the boot process continues. When...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ext4: fixed the erefcnt leak in mbcacheentry in ext4xattrblockcachefind Syzbot reports a warning as follows: ============================================ WARNING: CPU: 0 PID: 5075 at fs/mbcache.c:419 mbcachedestroy+0x224/0x290...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ocfs2: Clearing the extent cache after moving/defragmenting extents The extent map cache can become stale when extents are moved or defragmented, causing subsequent operations to see outdated extent flags. This triggers a BUGON i...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ARM: fixed the cacheflush issue with PAN. It appears that the cacheflush syscall became corrupted when the LPAE PAN mechanism was implemented. User access was not enabled during the cache maintenance process, which caused the iss...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: arm64: dts: qcom: msm8998: Fixed the latency and residency issues during CPU/L2 idle states. The entry/exit latency and minimum residency in the idle states of the MSM8998 device were problematic. Firstly, the timings were set fo...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: dm cache: Prevent a BUG by blocking retries on devices where a failed resume operation occurred. A cache device that fails to resume due to mapping errors should not be retried, as the failure leaves a partially initialized polic...

Astra Linux - уязвимость в squid

Squid is a caching proxy for the Web. Due to a bug related to expired pointer references, Squid versions prior to 6.6 were vulnerable to a Denial of Service attack targeting error responses from the Cache Manager. This vulnerability allowed a trusted client to cause a Denial of Service attack by...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: dm cache: fix potential out-of-bounds access on the first resume Out-of-bounds access occurs if the fast device is expanded unexpectedly before the first-time resume of the cache table. This happens because expanding the fast...