Astra Linux - vulnerability in tomcat9
The issue involves a vulnerability in the generation of error messages containing sensitive information in Apache Tomcat. This issue affects Apache Tomcat versions starting from 8.5.7 through 8.5.63, and from 9.0.0-M11 through 9.0.43. Other, end-of-life versions may also be affected. It is...
Astra Linux - vulnerability in opensc
A vulnerability was discovered in the pkcs15-init tool in OpenSC. An attacker could use a specially crafted USB Device or Smart Card, which would send a specially crafted response to APDUs to the system. When buffers are partially filled with data, the initialized parts of the buffer can be...
Astra Linux - vulnerability in linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: rfcomm: Fixed a nullptrderef issue in rfcommchecksecurity. During our fuzz testing of the connection and disconnection processes at the RFCOMM layer, we discovered this bug. By comparing the packets generated during a...
Astra Linux - vulnerability in linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Errors are now handled in mlx5chainscreatetable. In mlx5chainscreatetable, the return values of mlx5getfdbsubns and mlx5getflownamespace must be checked to prevent NULL pointer dereferences. If either function fails, th...
Astra Linux - vulnerability in linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: tools/nolibc/stdlib: fixed a memory error in realloc Pass userplen to memcpy, instead of heap-len, to prevent realloc from copying an extra sizeofheap bytes beyond the allocated region...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: ipv6: added retry logic in net6rtnotify inet6rtnotify can only be called under RCU protection. This means that the route may be changed concurrently, and rt6fillnode may return -EMSGSIZE. Resize the skb when this occurs and...
Astra Linux - vulnerability in linux, linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: rtnetlink: corrected the error logic for writing back the IFLABRIDGEFLAGS flags. In the commit d73ef2d69c0d “rtnetlink: added support for rtnlbridgesetlink checks of IFLABRIDGEMODE length”, an adjustment was made to the old loop...
Astra Linux - vulnerability in linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: NFC: port100: fixed a use-after-free in port100sendcomplete. Syzbot reported a UAF in port100sendcomplete. The root cause is the missing calls to usbkillurb in the error handling path of the -probe function. port100sendcomplet...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: nftables: nftdynset: fixed a possible stateful expression memory leak in the error path. If cloning the second stateful expression in the element via GFPATOMIC fails, then the first stateful expression remains in place without...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: bpf: Fixed the exception exit lock checking for subprogs. The processbpfexitfull function passes checklock = !curframe to checkresourceleak, which results in a false negative in cases where bpfthrow is called from a static...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerability has been resolved: perf: Make sure to use pmuctx-pmu for groups. Oliver reported that the x86pmudel function actually performed an out-of-bound memory access when groupschedin failed and needed to be rolled back. This issue should be handled by the...
Astra Linux - vulnerability in linux
In the Linux kernel, the following vulnerabilities have been resolved: cifs: Return the correct error code from smb2getenckey Avoid a warning if the error is passed back up: 440700.376476 CIFS VFS: \otters.example.com cryptmessage: Could not get encryption key 440700.386947 ------------ Cut here...
Astra Linux - vulnerability in linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: net: phy: Fixed a null-ptr-deref issue when the probe function failed. I received a report of a null-ptr-deref issue during the fault injection test. Bug: NULL pointer dereferencing in the kernel. Address: 0000000000000058 Oops:...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ata: libata-transport: Error handling in atatdevadd was fixed. In atatdevadd, the return value of transportadddevice is not checked. As a result, a nullptrderef exception occurs when removing the module. This happens because...
Astra Linux - vulnerability in linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: misc: pciendpointtest: Free IRQs before removing the device. In the pciendpointtestremove function, freeing the IRQs after removing the device creates a small race window during the test process. This allows IRQs to be received b...
Astra Linux - vulnerability in linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: rapidio: rio: Fixed a possible name leak in rioregistermport. If deviceregister returns an error, the name allocated by devsetname needs to be freed. This should be done using putdevice, so that the reference in the error path is...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Clear XSTATEBVi in the guest XSAVE state whenever XFDi=1 When loading the guest XSAVE state via KVMSETXSAVE, and when updating XFD in response to a guest WRMSR, clear the XFD-disabled features in the saved or to be...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Wifi: ath12k – Fixed a memory leak in ath12kservicereadyextevent. Currently, in ath12kservicereadyextevent, svcrdyext.macPhyCaps is not freed in the failed case, resulting in a memory leak. The following trace is observed in...
Astra Linux - vulnerability in linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: ASoC: core: Fixed a use-after-free in sndsocexit KASAN reported a use-after-free: BUG: KASAN: Use-after-free in devicedel+0xb5b/0xc60 A size 8 byte read at address ffff888008655050 was performed by the task rmmod/387. CPU: 2; PID...
Astra Linux - vulnerability in linux
In the Linux kernel, the following vulnerability has been resolved: bnxten: Fixed the RX consumer index logic in the error path. In bnxtrxpkt, the RX buffers are expected to complete in order. If the RX consumer index indicates an out-of-order buffer completion, it means we are encountering a...