17786 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: f2fs: fixed the issue where dcc-f2fsissuediscard was not invalidated during the error path. Syzbot reports a NULL pointer dereference issue as follows: refcountadd include/linux/refcount.h:193 inline refcountinc...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: smb: client: Fixed the directory separator in SMB1 UNIX mounts. When calling cifsmountgettcon with SMB1 UNIX mounts, @cifssb-mntcifsflags needs to be read or updated only after calling resetcifsunixcaps. Otherwise, the...
Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: nilfs2: A potential UAF Use-After-Free error in struct nilfsscinfo can be prevented in nilfssegctorthread. The finalization of nilfssegctorthread may race with nilfssegctorkillthread, which terminates that thread. This could...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: cifs: The xid leak in cifsflock has been fixed. If flock is not used, before returning -ENOLCK, the xid should be freed; otherwise, the xid will be leaked...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: gfs2: Fixed a NULL pointer dereferencing issue in gfs2rgrpdump. Syzkaller reported a NULL pointer dereferencing issue when accessing rgd-rdrgl in gfs2rgrpdump. This can occur when creating rgd-rdgl fails in readrindexentry. A NUL...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: jfs: fixed an array-index-out-of-bounds issue in diNewExt Syz report UBSAN: array-index-out-of-bounds in fs/jfs/jfsimap.c:2360:2 Index -878706688 is out of range for the type 'struct iagctl128' CPU: 1 PID: 5065 Comm:...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
A use-after-free flaw was discovered in the setupasyncwork function in the KSMBD implementation of the in-kernel Samba server and CIFS services in the Linux kernel. This issue could allow an attacker to crash the system by accessing freed resources...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: nfsd: Fixed the handling of cached open files in the nfsd4open code path. The commit fb70bf124b05 “NFSD: Instantiate a struct file when creating a regular NFSv4 file” added the ability to cache an open file descriptor across...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: NFSD: Fixed the behavior of the READ operation near OFFSETMAX. Dan Aloni reports: Due to commit 8cfb9015280d “NFS: Always provide aligned buffers to RPC read layers” on the client, a read of 0xfff is aligned up to the server’s...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: NFSD: Fixed the handling of large file sizes in NFSv3 SETATTR/CREATE procedures. iattr::iasize is a lofft type; therefore, these NFSv3 procedures must be careful to handle incoming client size values that are larger than s64ma...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: cifs: A memory leak was fixed when using fscache. If the condition “index == nextcached” is encountered, a reference count of the struct page is leaked. This issue is fixed by using readaheadfolio, which handles the reference cou...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: NFSv4.2: Reworked the handling of scratch space for READPLUS again. I found that the read code might send multiple requests using the same nfspgioheader. However, the nfs4procreadsetup function is only called once. As a result, w...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: NFS/localio: Fixed a race condition in nfslocalopenfh Once the clp-cluuid.lock is dropped, another CPU may come in and free the structnfsdfile that was just added. To prevent this from happening, take the RCU read lock before...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: f2fs: Fixed a kernel crash that occurred due to a null io-bio. We should return immediately if io-bio is null before performing any actions. Otherwise, a panic will occur. BUG: Kernel NULL pointer dereferencing, address:...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel 6.0.8, there is a use-after-free in the rununpack function in fs/ntfs3/run.c, which is related to a difference between the NTFS sector size and the media sector size...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: mm/khugepaged: Invoking MMU notifiers in shmem/file collapse paths. Any code path that updates page table entries must invoke MMU notifiers to ensure that secondary MMUs such as those related to KVM do not continue to access page...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: NFS: Avoid writeback threads getting stuck in mempoolalloc In situations with low memory availability, allow the NFS writeback code to fail without getting stuck in infinite loops in mempoolalloc...
Astra Linux – Vulnerability in Linux, Linux 5.10
A issue was discovered in fs/nfs/dir.c in the Linux kernel before version 5.16.5. If an application sets the ODIRECTORY flag and attempts to open a regular file, nfsatomicopen performs a regular lookup. If a regular file is found, ENOTDIR should be returned; however, the server instead returns...
Astra Linux – Vulnerability in ntfs-3g
A properly crafted NTFS image can cause a heap-based buffer overflow in the ntfsmftrecalloc function within NTFS-3G from version 2021.8.22 onwards...
Astra Linux – Vulnerability in ntfs-3g
In NTFS-3G, from version 2021.8.22, ntfsck has a heap-based buffer overflow issue, involving a value of buffer+5123-2. NOTE: The upstream documentation states that ntfsck is deprecated; however, it is still being distributed with some Linux distributions...