Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net: core: Reject skbcopyexpand for fraglist GSO skbs. The values of SKBGSOFRAGLIST skbs must not be linearized; otherwise, they become invalid. Return NULL if such an skb is passed to skbcopy or skbcopyexpand, in order to preven...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: netdevsim: A trailing zero was added to terminate the string in nsimnexthopbucketactivitywrite. This issue was identified by a static analyzer. We should not forget the trailing zero after copyfromuser if we will perform further...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Block layer: Fixed a warning in copyfromiter. Syzkaller reported a warning in copyfromiter because an ioviter was supposedly used in the wrong direction. The reason is that Syzkaller managed to generate a request with a transfer...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: - Fixed bitmap corruption when using CLOSERANGEUNSHARE with closerange. - The function copyfdbitmapsnew, old, count is expected to copy the first count/BITSPERLONG bits from old-fullfdsbits and fill the rest with zeros. It...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: net/mlx5e: Fixed the cleanup flow for mlx5eprivinit. When mlx5eprivinit fails, the cleanup flow calls mlx5eselqcleanup, which in turn calls mlx5eselqapply. This ensures that priv-statelock is held using lockdepisheld. The...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Binder: Fixed a UAF in bindersnetlinkreport. Oneway transactions sent to frozen targets via bindersproctransaction return an BRTRANSACTIONPENDINGFROZEN error, but they are still treated as successful since the target is expected ...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: rcu: Safe dumping of vmalloc memory information Currently, for the double invoke callrcu, the memory information of rcuhead objects will be dumped. If these objects are not allocated using the slab allocator, the vmallocdumpob...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: ti: icssg-prueth: Fixed a memory leak in XDPDROP for the non-zero-copy mode. Page recycling was removed from the XDPDROP path in emacrunxdp to avoid conflicts with the AFXDP zero-copy mode, which uses xskbufffree instead...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net: fixed possible store tearing in neihperiodicwork. While reviewing a related syzbot report involving neihperiodicwork, I found that I forgot to add an annotation when deleting an RCU-protected item from a list. Readers use...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix potential AB/BA lock with buffermutex and mmaplock syzbot detected a potential deadlock between the runtime-buffermutex and the mm-mmaplock. This issue arose due to the recent fix related to racy read/writes and...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/i915/ttm: fixed handling of CCS Crucible + recent Mesa sometimes causes the following issue: GEMBUGONnumccsblks NUMCCSBLKSPERXFER It seems that this issue can also be triggered with gemlmemswapping, if we modify the tests ...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: virtio-net: fixed an overflow issue within virtnetrqalloc. When a fragment receives a single page, it may lead to regressions in the virtual machine. This issue is particularly significant if the sysctl...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-motu – fixed a buffer overflow issue in the hwdep read function for DSP events. The DSP event handling code in hwdepread could write more bytes into the user buffer than requested, especially when the user provided...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: In the ice module, the value of fragsize in the XDP RxQ information has been updated from the DMA write length to xdp.framesz. The only user of the fragsize field in the XDP RxQ information is bpfxdpfragsincreasetail. This functi...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net/hsr: A NULL pointer dereference was fixed in prpgetuntaggedframe. prpgetuntaggedframe calls pskbcopy to create frame-skbstd, but does not check whether the allocation fails. If pskbcopy returns NULL, skbclone is called with a...

Astra Linux - уязвимость в linux-6.1, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: ovl: Fixed a UAF Use-After-Free issue in ovldentryupdatereval by moving the dput function within ovllinkup. The issue was caused by dputupper being called before ovldentryupdatereval, while upper-dflags was still accessed in...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mm: Do not attempt to NUMA-migrate COW pages that have other uses. Oded Gabbay reported that enabling NUMA balancing causes corruption in his Gaudi accelerator test. He described the situation as follows: “All the details are in...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: drm/amdkfd: Fixed the lock dependency warning with srcu ====================================================== WARNING: A circular locking dependency was detected. 6.5.0-kfd-yangp 2289 Not tainted...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Fixed potential use of resources after the free operation in otx2tcaddflow. This code calls kfreercunewnode, rcu, then dereferences newnode, and then derefs it again in the next line. After two lines, a mutex is...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: raw: Fixed NULL dereference in rawgetnext. Da R. Jeong reported a NULL dereference in rawgetnext. It seems that the repro was running these sequences in parallel, causing one thread to iterate on a socket that was being freed ...