Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: The function neighnotify can be called without RTNL or RCU protection. Using RCU protection is recommended to avoid potential Universal Atomic Faults UAF...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: hrtimers: Timers queued after CPUHPAPHRTIMERSDYING must be migrated away from the dying CPU to any online target. This is done to avoid delaying bandwidth timer handling tasks related to CPU hotplug progress. However, wakesup...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ksmbd: The use-of-memory issue was fixed by using callrcu for oplockinfo. Currently, ksmbd frees oplockinfo immediately using kfree. However, oplockinfo is still accessible during critical sections of the RCU read-side, such as i...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe sensitive data in case of failure. Also, wipe sensitive data from the stack if the copytouser function fails...

Astra Linux - уязвимость в ntp

In the file libntp/mstolfp.c, within the NTP version 4.2.8p15, there is a buffer overflow vulnerability when copying the trailing number. An attacker may be able to exploit this vulnerability against a client’s NTPQ process, but they cannot exploit it against ntpd...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: drm: Prevent drmcopyfield from attempting to copy a NULL pointer. There are some fields in the struct drmdriver structure that are required by drivers. Since drmcopyfield attempts to copy these fields to user-space via...

Astra Linux - уязвимость в libsdl2

SDL Simple DirectMediaLayer from version 2.0.12 has an integer overflow issue, which leads to heap corruption when using SDLBlitCopy in the video/SDLblitcopy.c file, due to a specially crafted .BMP file...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: NFSv4.2: fixed reference count leaks in nfs42proccopynotify. You rarely receive emails from [email protected]. Learn why this is important at http://aka.ms/LearnAboutSenderIdentification. The reference counting issue occurs i...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: fsdax: Force the dirty mark to be cleared if CoW is used XFS allows CoW on non-shared extents to combat fragmentation1. The old non-shared extent can be rewritten before use; its dax entry is marked as “dirty”. This results in a...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: powerpc/eeh: avoided possible crashes when edev-pdev changes. If a PCI device is removed during eehpereportedev, edev-pdev will change, which may cause a crash. It is recommended to hold the PCI rescan/remove lock while taking a...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: wl1251: A potential buffer overflow issue in wl1251cmdscan has been fixed. The function wl1251cmdscan calls memcpy without checking the length of the destination buffer. This vulnerability has been addressed by ensuring that the...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: drm/shmem-helper: Fixed the BUGON in mmapPROTWRITE, MAPPRIVATE. A lack of check for copy-on-write COW mapping in drmgemshmemmmap allows users to call mmap with PROTWRITE and MAPPRIVATE flags, causing a kernel panic due to BUGON i...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: xen: privcmd: Fixed the possibility of accessing a freed kirqfd instance. Nothing prevents simultaneous ioctl calls to privcmdirqfdassign and privcmdirqfddeassign. If this occurs, it is possible that a kirqfd created and added to...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: net: ti: icssg-prueth: Fix missing data copying and incorrect recycling in ZC RX dispatch. emacdispatchskbzc allocates a new skb using napiallocskb, but never copies the packet data from the XDP buffer into it. The skb is pass...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: net/packet: fixed a slab-out-of-bounds access in packetrecvmsg syzbot found that when an AFPACKET socket uses PACKETCOPYTHRESH and mmap operations, tpacketrcv queues skbs with garbage in skb-cb, causing an excessive copy...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: virt/coco/sev-guest: Double-buffer messages The encryption algorithms read from and write to shared, unencrypted memory directly. This may lead to the leakage of information, as well as allowing the host to tamper with the...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ALSA: Timer – Setting a lower limit for the start tick time Currently, the ALSA timer does not have a lower limit for the start tick time. It allows a very small size, for example, 1 tick with a resolution of 1 nanosecond for the...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: nfc: llcp: fixed unsafe copies in nfcllcpsetsockopt syzbot reported unsafe calls to copyfromsockptr 1 Use copysafefromsockptr instead. 1 BUG: KASAN: out-of-bounds access in copyfromsockptroffset include/linux/sockptr.h:49 inli...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: x86/mm: Fixed the alignment assumption in pticlonepgtable. Guenter reported problematic crashes in an i386-nosmp build using GCC-11. These crashes occurred as endless traps until the entry stack was exhausted, followed by a DF...

Astra Linux - уязвимость в ffmpeg5

The Ffmpeg v.N113007-g8d24a28d06 contains a buffer overflow vulnerability that allows a local attacker to execute arbitrary code through libavutil/imgutils.c:353:9 in the imagecopyplane function...