Astra Linux - уязвимость в linux-5.10

A vulnerability has been discovered in the Linux kernel. It has been rated as problematic. The affected component is the sessfreebuffer function in the fs/cifs/sess.c file of the CIFS Handler module. This vulnerability can lead to double-free operations. It is recommended that patches be applied ...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: cifs: prevent use-after-free by freeing the cfile later In smb2compoundop we have a possible use-after-free which can cause hard to debug problems later on. This was revealed during stress testing with KASAN enabled kernel. Fixin...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: cifs: Fixed the xid leak in cifscreate If the cifs function has already been shut down, we should release the xid before returning it; otherwise, the xid will be leaked...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Revert "smb: client: fix TCP timers deadlock after rmmod" This reverts commit e9f2517a3e18a54a3943c098d2226b245d488801. Commit e9f2517a3e18 "smb: client: fix TCP timers deadlock after rmmod" is intended to fix a null-ptr-deref in...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: smb3: fix lock ordering potential deadlock in cifssyncmidresult Coverity spotted that the cifssyncmidresult function could deadlock "Thread deadlock ORDERREVERSAL lockorder: Calling spinlock acquires lock TCPServerInfo.srvlock...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: cifs: fixed a potential race condition when creating a tree that connects to IPC. Protected access to TCPServerInfo::hostname when naming the IPC tree; this is because the name might be freed by the cifsd thread, potentially...

Astra Linux - уязвимость в linux-5.15, linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix oops due to uncleared server-smbdconn in reconnect In smbddestroy, clear the server-smbdconn pointer after freeing the smbdconnection struct that it points to so that reconnection doesn't get confused...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: smb: client: fixed a potential Use-after-Allocation error in cifssignalcifsdforreconnect. Skipped sessions that are being terminated status == SESEXITING to avoid UAF errors...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: smb: client: fixed the warning in cifssmb3domount This fixes the following warning reported by the kernel test robot: fs/smb/client/cifsfs.c:982 cifssmb3domount warning: possible memory leak of ‘cifssb’...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ksmbd: The issue of slub overflow in ksmbddecodentlmsspauthblob has been fixed. If authblob-SessionKey.Length is larger than the size of the session key CIFSKEYSIZE, slub overflow can occur in the key exchange process. The functi...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix connections leak when tlink setup failed If the tlink setup failed, lost to put the connections, then the module refcnt leak since the cifsd kthread not exit. Also leak the fscache info, and for next mount with fsc, it...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix warning and UAF when destroy the MR list If the MR allocate failed, the MR recovery work not initialized and list not cleared. Then will be warning and UAF when release the MR: WARNING: CPU: 4 PID: 824 at...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ksmbd: unset the binding mark of a reused connection Steve French reported null pointer dereference error from sha256 lib. cifs.ko can send session setup requests on reused connection. If reused connection is used for binding...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix memory leak on the deferred close xfstests on smb21 report kmemleak as below: unreferenced object 0xffff8881767d6200 size 64: comm "xfsio", pid 1284, jiffies 4294777434 age 20.789s hex dump first 32 bytes: 80 5a d0 11 8...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: cifs: fix mid leak during reconnection after timeout threshold When the number of responses with status of STATUSIOTIMEOUT exceeds a specified threshold NUMSTATUSIOTIMEOUT, we reconnect the connection. But we do not return the mi...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: cifs: fix small mempool leak in SMB2negotiate In some cases of failure dialect mismatches in SMB2negotiate, after the request is sent, the checks would return -EIO when they should be rather setting rc = -EIO and jumping to negex...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: cifs: parsedfsreferrals: prevents out-of-bounds access on malformed inputs A malicious SMB server can send invalid responses to FSCTLDFSGETREFERRALS. - The response may be smaller than sizeofstruct getdfsreferralrsp. - The number...

Astra Linux - уязвимость в linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: cifs: fix underflow in parseserverinterfaces In this loop, we step through the buffer and after each item we check if the sizeleft is greater than the minimum size we need. However, the problem is that "bytesleft" is type ssizet...

Astra Linux - уязвимость в cifs-utils

cifs-utils from version 6.14 onwards, with verbose logging, can cause an information leak when a file contains equal sign characters but is not a valid credentials file...

Astra Linux - уязвимость в cifs-utils

In cifs-utils up to version 6.14, a stack-based buffer overflow occurs when parsing the mount.cifs ip= command-line argument. This vulnerability could allow local attackers to gain root privileges...