GeoVision GV-VMS 缓冲区错误漏洞

GeoVision GV-VMS is a video management system software developed by GeoVision Corporation in China. The GeoVision GV-VMS V20 20.0.2 version contains a buffer error vulnerability. This vulnerability arises from the unbounded copying of base64-encoded strings in the WebCam Server function, leading ...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: rcu-tasks: Fixed a race condition in the schedule function and the flush work operation. When booting secondary CPUs, cpusreadlock/unlock does not keep the online cpumask stable. This temporary online mask results in the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: netfs: Fixed missing xasretry calls during xarray iteration. netfslib has several places where it performs iteration of an xarray while being under the RCU read lock. It should call xasretry as the first step inside the loop,...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: md: making rdevaddable usable for rcu mode Our testcase triggered a panic: BUG: Kernel NULL pointer dereferencing, address: 00000000000000e0 … Oops: 0000 1 SMP NOPTI CPU: 2 UID: 0 PID: 85 Comm: kworker/2:1 Not tainted 6.16.0+ 94...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: netfilter: nftables: Fixed a potential data race in nftexprtypeget. The function nftunregisterexpr can occur concurrently with nftexprtypeget. There is no protection when iterating over the nftablesexpressions list in...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/xe/migrate: Do not overflow the maximum copy size. With non-page-aligned copies, we need to use a pitch that is 4 bytes in size. However, the size of the copied data may still be close to our maximum of approximately 8M. As a...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In 64-bit versions of the Linux kernel, Copyfromuser does not implement uaccessbeginnospec, which allows a user to bypass the “accessok” check and pass a kernel pointer to copyfromuser. This would enable an attacker to leak sensitive information. We recommend upgrading beyond commit...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: NFSD: Initialize struct nfsd4copy earlier. Ensure that the refcount and asynccopies fields are initialized early. The cleanupasynccopy function will reference these fields if an error occurs in nfsd4copy. If these fields are not...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ovl: Fixed a NULL pointer dereferencing issue in the copy-up warning message. This patch addresses a NULL pointer dereferencing issue that caused a recently introduced warning message to not function properly...

Astra Linux - уязвимость в linux, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ubifs: Fixed a memory leak when insertoldidx failed. The following process may cause a memory leak for the copied znode: dirtycowznode zn = copyznodec, znode; err = insertoldidxc, zbr-lnum, zbr-offs; if unlikelyerr return...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: net/mlx5e: Fixed a deadlock in the tc route query code. The cited commit caused a ABBA deadlock0 when peer flows were created while holding the devcom rw semaphore. Due to the peer flow offload implementation, the lock is take...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Avoid memcpy field-spanning write warnings When the “storcli2 show” command is executed for eHBA-9600, the mpi3mr driver prints this warning message: memcpy: A field-spanning write size 128 was detected in the singl...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: dev/parport: Fixed the array out-of-bounds issue caused by sprintf. The issue was addressed by replacing sprintf with snprintf, resulting in safer data copying and ensuring that the destination buffer is not overflowed. Below ...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Networks: Bridge: MST: Fixed suspicious RCU usage in brmstsetstate. I converted brmstsetstate to RCU to avoid a vlan use-after-free, but I forgot to change the vlangroupdereferencehelper. I switched to using the...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerability has been resolved: bpf, arm64: Clear prog-jitedlen along with prog-jited syzbot reported an illegal copytouser attempt from bpfproggetinfobyfd. There has been no further reports of this bug yet, but I think that the commit 0aef499f3172 “mm/usercopy...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: habanalabs: fix possible memory leak in MMU DR fini This patch fixes what seems to be copy paste error. We will have a memory leak if the host-resident shadow is NULL which will likely happen as the DR and HR are not dependent...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Fuse: A missing copyfinish function in fuse-over-io-uring argument copies. A possible reference count leak of payload pages occurs during fuse argument copies. Joanne: Simplified error cleanup...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: bpf: copyverifierstate should copy the ‘loopentry’ field. The bpfverifierstate.loopentry field should be copied by copyverifierstate. Otherwise, the values of .loopentry from unrelated states could corrupt env-curstate...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: ndisc: Extended RCU protection has been added to ndiscsendskb. The ndiscsendskb function can be called without holding RTNL or RCU. Acquire rcureadlock should be performed earlier, so that we can use devnetrcu, and potential U...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net: fixed the race condition in dstnegativeadvice The dstnegativeadvice function does not enforce proper RCU rules when sk-dstcache must be cleared, which could lead to a Use-After-Free UAF exception. The proper RCU rules state...