Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: s390/dasd: fixed error checks in dasdcopypairstore In dasdaddbusid, an error can be returned via ERRPTR if an allocation fails. However, two calls within dasdcopypairstore do not check the result, potentially leading to a NULL...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: btrfs: fixed a race condition when detecting delalloc ranges during fiemap For fiemap, we recently stopped locking the target extent range for the entire duration of the fiemap call, in order to avoid a deadlock in scenarios wher...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: NFSD: Fixed a use-after-free issue on the source server during inter-server copying. The use-after-free occurred when the laundromat attempted to free an expired cpntfstate entry from the s2scpstateids list after inter-server...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: drivers/rapidio/riocm.c: prevented possible heap overwriting. In riocmcdevioctlRIOCMCHANSEND → cmchanmsgsend → riocmchsend, cmchanmsgsend checks that the user space did not send too much data. However, riocmchsend failed to check...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: wifi: rtw88: use a work to update the rate to avoid RCU warnings. The ieee80211ops::starcupdate function must be atomic, because ieee80211chanbwchange holds a rcuread lock while calling drvstarcupdate. Therefore, a work must b...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: x86/iopl: Fixed inconsistencies in TIFIOBITMAP The function iobitmapexit is called from exitthread, when a task exists or when a fork fails. In the latter case, exitthread cleans up resources that were allocated during fork...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: crypto: qat - add param check for DH Reject requests with a source buffer that is bigger than the size of the key. This is to prevent a possible integer underflow that might happen when copying the source scatterlist into a linea...

Astra Linux - уязвимость в advancecomp

It was discovered that Advancecomp v2.3 contains a heap buffer overflow issue due to the interceptormemcpy component at /sanitizercommon/sanitizercommoninterceptors.inc...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: KVM: x86: Acquiring kvm-srcu when handling KVMSETVCPUEVENTS Acquire kvm-srcu when processing KVMSETVCPUEVENTS. When KVM sets the SMM mode, it forcibly leaves the nested VMX/SVM state. Leaving such a state also causes nested VM...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: libfs: Fix for getstasheddentry. getstasheddentry attempts to retrieve a stashed dentry from a provided location in an optimistic manner. It needs to ensure that it holds a rcu lock before dereferencing the stashed location, to...

Astra Linux - уязвимость в linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: seccomp: Move copyseccomp to a non-failure path. Our syzbot instance reported memory leaks in doseccomp 0, similar to the reports 1. This indicates that we fail to free the struct seccompfilter and some objects included within it...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: cachefiles: Added missing lock protection when polling. Added missing lock protection in the poll routine when iterating the xarray. Otherwise, even with the RCU read lock held, only the slot of the radix tree is guaranteed to be...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: x86/mm/pat: Fixed the handling of VMPAT when fork fails in copypagerange. If trackpfncopy fails, we have already added the dst VMA to the maple tree. When fork fails, we will clean up the maple tree, and encounter the dst VMA for...

Astra Linux - уязвимость в firefox

Due to insufficient escaping of special characters in the “copy as cURL” feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user’s system. This vulnerability was fixed in Firefox 138 and Thunderbird 138...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: vhost: vringh: Modified the return value check. The return value of copyfromiter and copytoiter cannot be negative; it is necessary to check whether the copied lengths are equal...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: drm/i915/gem: added a missing boundary check in vmaccess A missing bounds check in vmaccess can lead to an out-of-bounds read or write in the adjacent memory area. This occurs because the len attribute is not validated before the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: iommu: Two issues were fixed in iommucopystructfromuser. During the review of the iommucopystructtouser helper function, Matt pointed out that a NULL pointer should be rejected before dereferencing it:...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ublk: Clean up user copy references on the ublk server exit If an ublk server process releases an ublk character device file, any requests sent to the ublk server but not yet completed will retain a reference value of...

Astra Linux - уязвимость в libssh

A malicious SCP server can send unexpected commands that may cause the client application to override local files outside of the working directory. This could be exploited to create malicious executable or configuration files, causing the user to execute them with specific consequences. This is t...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ipv4: route: Prevent rtbindexception from rebinding stale fnhe The packet transmission path of the sit driver calls sittunnelxmit - updateorcreatefnhe. This leads to fnheremoveoldest being called to delete entries that exceed...