Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ubi: ubi_create_volume: Fixed a use-after-free issue when volume creation failed. There is a use-after-free problem related to ‘eba_tbl’ in the error handling path of ubi_create_volume: ubi_eba_replace_table(vol, eba_tbl) vol->eba_tbl = tbl...
Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Cleaning up a dangling pointer on the bind error path. The mtk_drm_bind function may fail, in which case drm_dev_put is called, destroying the drm_device object. However, a pointer to that object was still being held by t...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: rpmsg: Fixed a possible refcount leak in rpmsg_register_device_override. rpmsg_register_device_override must call put_device to free the vch when driver_set_override fails. This issue was fixed by adding a call to put_device in the erro...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: fixed a memory leak in mlx5e_ptp_open. When kvzalloc_node or kvzalloc fails in mlx5e_ptp_open, the memory pointed to by “c” or “cparams” is not freed, which can lead to a memory leak. This issue has been fixed by freeing th...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: EFI: Fixed NULL dereference in the init error path. In cases where runtime services are not supported or have been disabled, the runtime services’ workqueue will never be allocated. Do not attempt to destroy the workqueue...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: IB/rdmavt: added a lock to the call to rvt_error_qp to prevent a race condition. The documentation for the rvt_error_qp function states that both r_lock and s_lock need to be held when calling that function. It also includes a lockdep...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: f2fs: The flag SB_RDONLY is no longer set during the f2fs_handle_critical_error function. The syzbot reported the following bug: ------------ Cut here ------------ WARNING: CPU: 1, PID: 58, in kernel/rcu/sync.c:177, function...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: fixed a race condition that could lead to a UAF in snd_usbmidi_free. The previous commit 0718a78f6a9f, “ALSA: usb-audio: Properly terminates the timer upon endpoint deletion,” addressed a UAF issue caused by the...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Enhanced sanity check during attribute list generation. The ni_create_attr_list function uses WARN_ON to catch error cases during attribute list generation. Currently, it only prints the stack trace, which may not be...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: usb: phy: phy-tahvo: fix memory leak in tahvo_usb_probe. Suggestions: drivers/usb/phy/phy-tahvo.c: tahvo_usb_probe Warning: Missing unwind goto? After obtaining the IRQ, if ret 0, it will return without error handling, freeing up...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: octeon_ep: Canceling queued operations in the probe error path. If it fails to obtain the device’s MAC address, octep_probe exits while leaving the delayed intr_poll_task queued. When the operation runs later, it constitutes a...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: cxl/acpi: Fixed a use-after-free in cxl_parse_cfmws. KASAN and KFENCE detected a use-after-free in the CXL driver. This occurs in the cxl_decoder_add function’s failure path. KASAN prints the following error: BUG: KASAN:...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: The BUG function call has been removed after failing to insert a delayed directory index entry. Instead of calling BUG when we fail to insert a delayed directory index entry into the delayed node’s tree, we can simply...
Astra Linux – Vulnerability in Linux
In the Linux kernel, the following vulnerability has been resolved: net: dsa: fixed a crash if ->get_sset_count fails. If ds->ops->get_sset_count fails, then the “count” value is a negative error code, such as -EOPNOTSUPP. Since “i” is an unsigned int, the negative error code is type-promoted to a...
Astra Linux – Vulnerability in Linux
In the Linux kernel, the following vulnerability has been resolved: userfaultfd: The page is released in the error path to avoid BUG_ON. Consider the following sequence of events: 1. The userspace sends a UFFD ioctl, which ultimately calls shmem_mfill_atomic_pte. We successfully account the blocks, a...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: bpf: Fixed an overflow issue with sdiv. Zac Ecob reported a problem where a bpf program might cause a kernel crash due to the following error: Oops: Divide error: 0000 1 PREEMPT SMP KASAN PTI The failure is caused by the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: dmaengine: xilinx: xdma: Fixed the error handling for regmap init. The devm_regmap_init_mmio function now returns ERR_PTR upon an error, instead of NULL. The error check has also been fixed, and the error message has been corrected...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net/sched: act_api: avoid dereferencing ERR_PTR in tcf_idrinfo_destroy. The syzbot report indicated that a crash occurred in tc_act_in_hw, during the netns teardown process. In this scenario, tcf_idrinfo_destroy passed a value of...
Astra Linux – Vulnerability in Zabbix
The cause of the vulnerability is improper validation of the “Name” field in the form input on the Graph page in the Items section...
Astra Linux – Vulnerability in linux-5.15
In the Linux kernel, the following vulnerability has been resolved: hugetlbfs: don't delete error page from pagecache. This change is very similar to the change that was made for shmem 1, and it solves the same problem but for HugeTLBFS instead. Currently, when poison is found in a HugeTLB page, t...