Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: tls: The functions skdstget and dstdevrcu should be used in getnetdevforsock. getnetdevforsock is called during setsockopt, so it’s not under RCU control. Using skdstgetsk-dev could lead to a Use-After-Free UAF error. Instead,...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: bna: Ensure that the copied buffer is terminated with NUL characters. Currently, we allocate a kernel buffer of size nbytes and copy nbytes from user space to that buffer. Later, we use sscanf on this buffer, but we do not ensure...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: rcu-tasks: Fixed the buffer overflow in showrcu TasksTracegpkthread. There is a possibility of buffer overflow in showrcuTasksTracegpkthread if the counters passed to sprintf are very large. The counter values used for this...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux

In the Linux kernel, the following vulnerability has been resolved: net/xen-netback: This issue prevents a Use-after-Free UAF condition in xenvifflushhash. During the listforeachentryrcu iteration, when calling xenvifFlushHash, kfreercu does not exist within the rcu read critical section...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: perf/dwcpcie: fixed duplicate PCIDEV devices. During the platformdeviceregister function, the incorrect use of structdevice as platformdata resulted in a kmemdup operation on the PCIDEV device. Even worse, accessing the...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fixed the crash issue for the zero copy XDPTX action. There is a crash issue when running the zero copy XDPTX action. The crash log is as follows: 216.122464 Unable to handle the kernel paging request at the virtual...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iouring/msgring: Ensure that the freeing of iokiocb is deferred to a later time, specifically to the RCU context. The syzbot report indicates that deferring or localizing the taskwork addition via msgring can potentially affect...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: ppp: Fixed race conditions in pppfillforwardpath. pppfillforwardpath has two race conditions: 1. The ppp-channels list can change between listempty and listfirstentry, as ppplock is not held. If the only channel is deleted in...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: PCI/MSI: Fixed UAF in msicapabilityinit. KFENCE reported the following UAF: Bug: KFENCE: use-after-free read in pcienablemsirange+0x2c0/0x488. Use-after-free read at 0x0000000024629571 in kfence-12: pcienablemsirange+0x2c0/0x4...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/amd/display: Fixed overlapping copies within dmlcoremodeprogramming REASON &modelib-mp.Watermark and &locals-Watermark are the same address. memcpy may lead to unexpected behavior. SOLUTION memmove should be used instead...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Net: Bridge: MST: Fix for vlan use-after-free The syzbot reported a suspicious RCU usage1 in the MST code of the bridge. While fixing this issue, I noticed that nothing prevents vlan data from being freed while walking the list...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: TCP: Handle the mixed use of splice/sendmsgMSGZEROCOPY cases syzbot has found that mixing calls to sendpage and sendmsgMSGZEROCOPY using the same TCP socket will once again trigger the infamous warning in inetsockdestruct. c...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ftrace: The function that reads filter files now allocates and copies the hash value required for this purpose. Currently, the functions setftracefilter and setftracenotrace simply add a pointer to the global tracer hash value in...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Use memcpy for BIOS version The strlcat function with FORTIFY support triggers a panic because it assumes that the target buffer will overflow, even though the correct target buffer size is properly passed. Instead of...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ext4: Fixed string copying in parseapplysbmountoptions. The strnlen function cannot be used to copy a non-NUL-terminated string into a NUL-terminated string of possibly larger size. Commit 0efc5990bca5 “string.h: Introduce memtos...

Astra Linux - уязвимость в linux

Shiftfs is a tree-based stacking file system included in Ubuntu Linux kernels. It did not handle faults that occurred during the copyfromuser function properly. This could lead to situations where resources were freed twice, or where no memory was actually freed at all. An attacker could exploit...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Fixed the issue with rcudereferenceprotected. When destroying all sets, we are either in the pernetexit phase or executing a “destroy all sets” command from user space. The latter was taken into account in...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: use rcu-safe version of ipv6getlladdr Some time ago 8965779d2c0e "ipv6,mcast: always hold idev-lock before mcalock" switched ipv6getlladdr to ipv6getlladdr, which is rcu-unsafe version. That was OK, because idev-lock...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: netfs: Fixed a race condition between cache write completion and the setting of ALLQUEUED. When netfslib issues subrequests, these subrequests start processing immediately and may complete before we reach the end of the issuing...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: xsk: Fix for crashes that occur when the regular task queue is reactivated. When the regular task queue is reactivated after the XSK socket is closed, it may read stale cancellation requests cqe, which can eventually...