Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: scsi: qla2xxx: Fix scheduling while atomic The driver makes a call to the midlayer function fcremoteportdelete, which can put the thread in a sleep state. The thread that originates the call is in an interrupt context. The...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ICE: Fixed ‘scheduling while atomic’ in aux critical error interrupts There is a kernel bug related to processing aux critical error interrupts in icemiscintr: 2100.917085 BUG: Scheduling while atomic: swapper/15/0/0x00010000… …...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: tcp: tcprtxsynack can be called from process context Laurent reported the enclosed report 1 This bug triggers under the following conditions: 0 The kernel is built with CONFIGDEBUGPREEMPT=y 1 A new passive FastOpen TCP socket is...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: watchdog: rzg2lwdt: Fixed ‘BUG: Invalid wait context’ This patch fixes the issue “BUG: Invalid wait context” that occurred during restart. The issue was addressed by using clkprepareenable instead of pmruntimegetsync to enable th...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: perf/x86/amd/uncore: Fixed a memory leak related to the events array. When a CPU comes online, the per-CPU NB and LLC uncore contexts are freed, but the events array within the context structure is not freed. This causes a...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fixed a deadlock in contextxa. The variable ivpudevice-contextxa is locked both in the kernel thread and in the IRQ context. This requires the XAFLAGSLOCKIRQ flag to be passed during initialization. Otherwise, the loc...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu: Use the correct type in nvidiasmmucontextfault This issue was overlooked due to the use of function pointers for indirection. nvidiasmmucontextfault is also defined as an irq function, and the type ‘void ’ was...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Only use reserved BCS instances for the usmmigrateexecqueue. The GuC context scheduling queue contains 2 entries. Therefore, it is possible for a migration job to get stuck behind a fault if the migrateexecqueue shares...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxtre: Fixed a possible memory leak. This issue occurs in bnxtresetupchipctx, when bnxtqplibmapdbbar fails; the driver does not free the memory allocated for “rdev-chipctx”...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fixed the issue of accessing an invalid dipctx during the destruction of QP. If the system fails to modify QP to RTR, the dipctx will not be attached. Moreover, during the destruction of QP, the invalid dipctx pointer...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: HID: corsair-void: Update power supply values using a unified work handler. The function corsairvoidprocessreceiver can be called from an interrupt context. However, locking the batterymutex in this function caused a kernel panic...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: btrfs: qgroup: Fixed a bug where sleep was performed from an invalid context in btrfsqgroupinherit. Syzkaller reported the bug as follows: Bug: A sleep function is called from an invalid context at include/linux/sched/mm.h:274 Ca...

Astra Linux – Vulnerability in libde265

It was discovered that Libde265 v1.0.11 contains a segmentation violation through the function decodercontext::processSliceSegmentHeader in decctx.cc...

Astra Linux – Vulnerability in Linux 5.15

A issue was discovered in the Linux kernel before version 6.3.4. ksmbd has a buffer overflow vulnerability in the smb2findcontextvals function, when the namelen of createcontext is larger than the length of the tag...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Wifi: mac80211: Fixed a use-after-free in the chanctx code. In ieee80211vifusereservedcontext, when there’s an old context and the replacestate of the new context is set to IEEE80211CHANCTXREPLACENONE, the old context is freed in...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: fixed a use-after-free in stateshow stateshow reads kdamond-damonctx without holding damonsysfslock. This allows for a use-after-free race condition: CPU 0 CPU 1 ----- ----- stateshow damonsysfsturndamonon ctx =...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: nfsd: ensure that nfsd4fattrargs.context is zeroed out If nfsd4encodefattr4 performs a “goto out” operation before checking the security label, then args.context will be set to uninitialized garbage on the stack. We will then...

Astra Linux – Vulnerability in libxslt

In numbers.c in libxslt before version 1.1.43, there is a use-after-free issue. This occurs because, in nested XPath evaluations, an XPath context node can be modified but cannot be restored. This issue is related to the functions xsltNumberFormatGetValue, xsltEvalXPathPredicate,...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ext4: fixed a memory leak in parseapplysbmountoptions If processing the disk-mounted options fails after any memory has been allocated in the ext4FS context, such as for sqfnames, then this memory is leaked. This issue was...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: dm-bufio: fix sched in atomic context If "tryverifyintasklet" is set for dm-verity, DMBUFIOCLIENTNOSLEEP is enabled for dm-bufio. However, when bufio tries to evict buffers, there is a chance to trigger scheduling in spinlockbh,...