Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: scsi: Reverted “scsi: qla2xxx: Perform lockless command completion in abort path”. This revertment is associated with the commit 0367076b0817d5c75dfb83001ce7ce5c64d803a9. The committed code added code to qla2x00abortallcmds to ca...

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: dm: fixed a NULL pointer race issue when completing IO operations. The dmiodecpending function calls endioacct first, and then decreases the number of pending DMA operations. However, if a task swaps the DM table at the same...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: A use-after-free issue was addressed for aborted SSP/STP SAS tasks. Currently, a use-after-free may occur if a SAS task is aborted by the upper layer before we handle the I/O completion in mpisspcompletion or...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: RDMA/manaib: A boundary check was added before installing cq callbacks. A boundary check has been added inside manaibinstallcqcb to prevent index overflow...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix SCSI I/O completion and abort handler deadlock During stress I/O tests with 500+ vports, hard LOCKUP call traces are observed. CPU A: nativequeuedspinlockslowpath+0x192 rawspinlockirqsave+0x32 lpfchandlefcperr+0x4...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: scsi: qla2xxx: Complete command early within lock A crash was observed while performing NPIV and FW reset. BUG: Kernel NULL pointer dereference, address: 000000000000001c PF: Supervisor read access in kernel mode PF:...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Ensure that the job pointer is set to NULL after the job completes. After a job is completed, the corresponding pointer in the device must be set to NULL. Failure to do this will trigger a warning when unloading the...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ALSA: line6: Fixed race conditions related to access to midibuf. There can be concurrent accesses to line6’s midibuf from both the URB completion callback and the rawmidi API. This could trigger a KMSAN warning triggered by...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Set phy-enablecompletion only when we wait for it. The pm8001phycontrol function populates the enablecompletion pointer with a stack address, sends a PHYLINKRESET/PHYHARDRESET, waits for 300 milliseconds, and then...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: The WARNONONCE call has been removed from ufshcduiccmdcompl. The UIC completion interrupt may be disabled while a UIC command is being processed. When the UIC completion interrupt is re-enabled, a UIC interrupt i...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ffs: Fixed race between aiocancel and AIO request complete FFS-based applications can utilize the aiocancel callback to dequeue pending USB requests submitted to the UDC. There is a scenario where the FFS application...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: erofs: Add GFPNOIO to the bio completion if necessary. The bio completion path in the process context e.g., dm-verity will directly call into decompression instead of triggering another workqueue context for minimal scheduling...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: nvmet: pci-epf: Do not complete commands twice if nvmetreqinit fails The issue arises when nvmetreqinit calls nvmetreqcomplete internally in case of failures, such as when an unsupported opcode is encountered. This triggers the...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Soundwire: Fixing enumeration completion The Soundwire subsystem uses two completion structures that allow drivers to wait for the Soundwire device to be enumerated on the bus and initialized by their respective drivers. The code...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: ath11k: Fixed the issue where the skb was not dropped when an htctxcompletion error occurred. When an htctxcompletion error occurs, the skb is not discarded. This is incorrect because the completionhandler logic expects the sk...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: btrfs: Do not double-complete the bio on errors during compressed reads. I encountered some strange panics while fixing the error handling in btrfslookupbiosums. It turns out that the compression process will complete the bio we...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: iouring/zctx: Check chained notification contexts. Send zc only when there are links available for requests coming from the same context. There are some ambiguous reports related to syz, so let’s examine the assumption regardi...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Input: iforce – wait to complete the command after clearing the IFORCEXMITRUNNING flag. syzbot reports a hung task at inputunregisterdevice, with iforceclose waiting in waiteventinterruptible, while dev-mutex is held. This is...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Fix NULL pointer access Resources should only be released after all threads that utilize them have been destroyed. This commit ensures that resources are not released prematurely by waiting for the associated...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: nfs: fixed UAF in direct writes In production, we have been encountering the following warnings consistently: ------------ cut here ------------ refcountt: underflow; use-after-free. WARNING: CPU: 17 PID: 1800359 at...