Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net:sched: fix memory leak in tcindexpartialdestroywork Syzbot reported a memory leak in tcindexsetparms. The issue arose from the non-freeing of the perfect hash within tcindexpartialdestroywork. In tcindexsetparms, a new...

Astra Linux - уязвимость в linux

In the IPv6 implementation in the Linux kernel before 5.13.3, the net/ipv6/outputcore.c file has an information leak due to certain uses of a hash table. This hash table is large, but it does not properly take into account that IPv6-based attackers can typically choose from many IPv6 source...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: BPF: Allow deletion from sockmap/sockhash only if updating is allowed. We have received a surge in reports from syzkaller instances where a BPF program attached to a tracepoint triggered a locking rule violation by performing a...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mm/userfaultfd: fixed the issue with the hash calculation for hugetlb faults involving mutexes. In mfillatomichugetlb, the linearpageindex function is used to calculate the page index for hugetlbfaultmutexhash. However,...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ima: A memory leak was fixed in imainodehash. The commit f3cc6b25dcc5 “ima: always measure and audit files in policy” allows measurement or auditing to occur even when the file digest cannot be calculated. As a result, iint-imaha...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: vxlan: Fixed the nexthop hash size. The nexthop code expects a 31-bit hash, such as the one returned by fibmultipathhash and rt6multipathhash. Passing a 32-bit hash returned by skbgethash can lead to issues, especially when th...

Astra Linux - уязвимость в abseil

There exists a heap buffer overflow vulnerability in Abseil-cpp. The constructor methods reserve and rehash, which are used to manage the size of the container’s backing store, do not impose an upper limit on the size of these methods’ arguments. As a result, a caller could pass a very large size...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: net: ipv4: Fixed an alignment fault in the multipath hash seed for ARM64 architectures. The struct sysctlfibmultipathhashseed contains two u32 fields userseed and mpseed, making it an 8-byte structure with a 4-byte alignment...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: UDF: Fixed uninitialized array access for some pathnames For filenames that start with . and are between 2 and 5 characters long, the UDF charset conversion code would read uninitialized memory from the output buffer. The only...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ftrace: The function that reads filter files now allocates and copies the hash value required for this purpose. Currently, the functions setftracefilter and setftracenotrace simply add a pointer to the global tracer hash value in...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: The hash table is now created per queue. Sharing a global hash table among all queues is tempting, but it can lead to crashes. Bug: KASAN: A “slab-use-after-free” issue exists in...

Astra Linux - уязвимость в php8.1, php7.3

In PHP versions 8.1. before 8.1.28, 8.2. before 8.2.18, and 8.3. before 8.3.5, if a password stored using passwordhash starts with a null byte \x00, testing a blank string as the password via passwordverify will incorrectly return true...

Astra Linux - уязвимость в 389-ds-base

A denial-of-service vulnerability was discovered in the 389-ds-base LDAP server. This issue may allow an authenticated user to cause a server denial of service when attempting to log in using a user with a malformed hash in their password...

Astra Linux - уязвимость в linux, linux-5.10

A issue was discovered in the Linux kernel through version 5.16.11. The mixed IPID assignment method, combined with the hash-based IPID assignment policy, allows an off-path attacker to inject data into a victim’s TCP session or terminate that session...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ima: fixed the buffer overflow issue in imaeventdigestinitcommon. The function imaeventdigestinit calls imaeventdigestinitcommon, using HASHALGOLAST. This value is then used to access the array hashdigestsize, resulting in a buff...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux

In the Linux kernel, the following vulnerability has been resolved: net/xen-netback: This issue prevents a Use-after-Free UAF condition in xenvifflushhash. During the listforeachentryrcu iteration, when calling xenvifFlushHash, kfreercu does not exist within the rcu read critical section...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ksmbd: The “binding mark” of a reused connection was unset. Steve French reported a null pointer dereference error from the sha256 lib.cifs.ko library. The cifs.ko library can send session setup requests on reused connections. If...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: TCP: Fixed handling of refcnt in inethashconnect. syzbot reported a warning in sknullsdelnodeinitrcu. The commit 66b60b0c8c4a “dccp/tcp: Unhash sk from ehash for tb2 allocation failure after checkestablished” attempted to fix ...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: bpf/bonding: Rejects changes to vlan+srcmac xmithashpolicy when an XDP program is loaded. The function bondoptionmodeset already rejects changes to the mode that would make a loaded XDP program incompatible through bondxdpcheck...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: netfilter: conntrack: Serialize hash resizes and cleanups Syzbot was able to trigger the following warning 1 No repro found by syzbot yet, but I was able to trigger a similar issue by having two scripts running in parallel,...