Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: dm-bufio: Do not schedule in atomic context A bug was reported as follows when CONFIGDEBUGATOMICSLEEP and tryverifyintasklet are enabled. 129.444685 T934 Bug: Sleeping function called from invalid context at...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: mm: slub: fix flushcpuslab/freeslab invocations in task context. Commit 5a836bf6b09f "mm: slub: move flushcpuslab invocations freeslab invocations out of IRQ context" moved all flushcpuslab invocations to the global workqueue to...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: lib/buildid: Use kernelread for the sleepable context. A bug has been prevented: “BUG: Unable to handle a NULL pointer dereferencing in filemapreadfolio.” For the sleepable context, change freader to use kernelread instead of...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: removed the callcontrol in inactive contexts. If the damoncall function is executed against a DAMON context that is not running, the function returns an error while keeping the damoncallcontrol object linked to the...

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Networks: Fixed a stack overflow issue when LRO is disabled for virtual interfaces. When the features of a virtual interface are updated, the updated features are synchronized with its underlying interfaces. This synchronization...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: - Misc: ocxl: fixed a possible refcount leak in afuioctl. - eventfdctxput needs to be called to update the refcount obtained through eventfdctxfdget when ocxlirqsethandler fails...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drm/tegra: Added a call to putpid. Added a call to putpid corresponding to gettaskpid. host1xmemorycontextalloc does not take ownership of the PID; therefore, we need to free it here to avoid leaks. [email protected]: reword...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: schedext: A potential deadlock has been fixed in deferredirqworkfn. For PREEMPTRT=y kernels, deferredirqworkfn is executed in the per-cpu irqwork/ task context, and not in disable-irq. If the rq returned by containerof is the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mm: Don’t spin in addstackrecord when gfp flags don’t allow. The syzbot tool was able to identify the following functions: addstackrecordtolist in mm/pageowner.c:182 inline incstackrecordcount in mm/pageowner.c:214 inline...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: smb/server: Fixed the refcount leak in parsedurablehandlecontext. When the command is a replay operation and -ENOEXEC is returned, the refcount of ksmbdfile must be released...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Ensure that lastfence is always updated. Update lastfence in the vm-bind path, rather than the kernel-managed path. lastfence is used to wait for work to complete in vmbind contexts, but not in kernel-managed contexts...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: vfio: Fixed NULL pointer dereferencing caused by uninitialized group-iommufd. group-iommufd is not initialized for the iommufdctxput function. 20018.331541 BUG: NULL pointer dereferencing in the kernel, address: 00000000000000...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: iouring/rw: Defer fsnotify calls to task context. We cannot defer these calls outside of the kiocb completion, as that might be off-soft/hard IRQ context. We should defer the calls until we process the taskwork for this reques...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: skmsg: The allocskmsg function can be called from a non-sleepable context. The skpsockverdictrecv function uses rcureadlock protection. We need the callers to pass a gfpt argument to avoid issues. The report from syzbot stated:...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Input: gpio-keys – fix a sleep while atomic with PREEMPTRT. When PREEMPTRT is enabled, the gpiokeysirqtimer callback runs in the hardirq context. However, the inputevent function takes a spinlock, which is not allowed in that...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: optee: ffa: fix sleep in atomic context The OP-TEE driver registers the function notifcallback for FF-A notifications. However, this function is called in an atomic context, leading to errors when processing asynchronous...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: RISCV: Vector: Fixed the context saving/restoring with xtheadvector. Previously, only v0-v7 were correctly saved/restored, and the context of v8-v31 was corrupted. Now, v8-v31 are correctly saved/restored to avoid breaking the us...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: tegra: fix sleep in atomic call When we set the dual-role port to Host mode, we observed the following issues: - Splat: 167.057718 BUG: Sleeping function called from invalid context at include/linux/sched/mm.h:229...

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: drm/i915: Fixed potential context UAFs. The gemcontextregister function makes the context visible to user space, and a separate thread can trigger the I915GEMCONTEXTDESTROY ioctl command. Therefore, we need to ensure that...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iouring: The incorrect reference to iokiocb in iolinkskb has been fixed. In the iolinkskb function, there is a bug where the value of prevnotif is incorrectly assigned using ‘nd’ instead of ‘prevnd’. This causes the context...