Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: hsr: Prevent use after free in prpcreatetaggedframe The prpfillrct function may fail. In that case, it frees the skb and returns NULL. On the successful path, however, it returns the original skb. Therefore, it is straightforward...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: A memory leak was fixed in lpfccreateport. The commit 5e633302ace1 “scsi: lpfc: vmid: Added support for VMID in the mailbox command” introduced allocations for the VMID resources in lpfccreateport after the call to...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ceph: The reference to cephstring should be placed correctly after the asynccreate attempt. The reference obtained by tryprepasynccreate is currently being leaked. Ensure that we place this reference correctly...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fixed a memory leak in vkmsinit. A memory leak was reported after the vkms module installation failed. Unreferenced object 0xffff88810bc28520 size 16: Command: modprobe, PID 9662, Jiffies: 4298009455 Age: 42.590 seconds...

Astra Linux – Vulnerability in PostgresSQL 11

In the extension script, a SQL injection vulnerability was detected in PostgreSQL when the symbols @extowner@, @extschema@, or @extschema:...@ were used within quotation marks either dollar quotes, '', or other forms of quotation marks. If an administrator has installed files from a vulnerable,...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: RDMA/siw: Fixed a refcounting leak in siwcreateqp. The atomicinc function needs to be paired with an atomicdec function in the error handling path...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: cxl/region: Fixed memregion leaks in devmcxladdregion. The mode verification was moved to createregion, before allocating the memregion, to avoid memregion leaks...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: fixed a double-free in arfscreategroups. When the memory allocated by kvzalloc fails, arfscreategroups will free ft-g and return an error. However, arfscreatetable, the only function calling arfscreategroups, will hold...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: virtiovdpa: build affinity masks conditionally We try to build affinity mask via createaffinitymasks unconditionally which may lead several issues: - the affinity mask is not used for parent without affinity support only VDUSE...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: mlx5: Fixed the default values in the create CQ process. Currently, CQs without a completion function are assigned the mlx5addcqtotasklet function by default. This is problematic because only user CQs created through the mlx5i...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: NFSD: Fixed the handling of large file sizes in NFSv3 SETATTR/CREATE procedures. iattr::iasize is a lofft type; therefore, these NFSv3 procedures must be careful to handle incoming client size values that are larger than s64ma...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the drivers/md/dm-table.c file, the dmtablecreate function in the Linux kernel from version 6.7.4 onwards may attempt to allocate more than INTMAX bytes using alloctargets. This can lead to a crash due to a missing check for the struct dmioctl.targetcount structure...

Astra Linux – Vulnerability in edk2

EDK2 is vulnerable to a vulnerability in the CreateHob function, which allows a user to trigger an integer overflow that leads to a buffer overflow through a local network. Successful exploitation of this vulnerability may result in compromises of confidentiality, integrity, and/or availability...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: scsi: qla2xxx: Suppressed a kernel complaint in qlacreateqpair 12.323788 BUG: Using smpprocessorid in preemptible 00000000 code: systemd-udevd/1020 12.332297 Caller is qla2xxxcreateqpair+0x32a/0x5d0 qla2xxx 12.338417 CPU: 7 PI...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: net: hsr: Avoid possible NULL dereference in skbclone. syzbot encountered a crash 1 in skbclone, caused by a bug in hsrgetuntaggedframe. When createstrippedskbhsr returns NULL, we must not attempt to call skbclone. Additionall...

Astra Linux – Vulnerability in freerdp2

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The affected versions are subject to an IntegerOverflow issue, which leads to an Out-of-Bound Write Vulnerability in the gdiCreateSurface function. This issue only affects FreeRDP-based clients...

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: rbd: Avoid use-after-free in dorbdadd, when rbddevcreate fails. If obtaining an ID or setting up a work queue in rbddevcreate fails, a use-after-free occurs on rbddev-rbdclient, rbddev-spec, and rbddev-opts. This issue is trigger...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Added functions to register and unregister callback functions for the vblank register. We encountered a kernel panic issue where callback data would become NULL when used in the ovl irq handler. There is a timing...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ubi: ubicreatevolume: Fixed a use-after-free issue when volume creation failed. There is a use-after-free problem related to ‘ebatbl’ in the error handling path of ubicreatevolume. c ubiebareplacetablevol, ebatbl vol-ebatbl = tbl...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: x86/MCE/AMD: Fixed a memory leak when thresholdcreatebank fails. In mcethresholdcreatedevice, if thresholdcreatebank fails, the previously allocated thresholdbanks array @bp will be leaked, because the call to...