Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: phy: tegra: xusb: Fixed unbalanced regulator disabling in UTMI PHY mode When transitioning from USBROLEDEVICE to USBROLENONE, the code assumed that the regulator should be disabled. However, if the regulator is marked as always-o...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Disabling coherent dumb buffers is no longer necessary when 3D is not enabled. Coherent surfaces make sense only if the host renders to them using accelerated APIs. Without 3D, all the content in dumb buffers remains ...

Astra Linux - уязвимость в qemu

A use-after-free vulnerability was discovered in the am53c974 SCSI host bus adapter emulation in QEMU in versions prior to 6.0.0, during the handling of the ‘Information Transfer’ command CMDTI. This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial ...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: Drivers: USB: Host: Fixed a deadlock in oxubussuspend There is a deadlock in oxubussuspend, as shown below: Thread 1 | Thread 2 | timeraction oxubussuspend | modtimer spinlockirq //1 | Wait for a while ... | oxuwatchdog...

Astra Linux - уязвимость в nodejs

A OS command injection vulnerability exists in Node.js versions 14.20.0, 16.20.0, 18.5.0 due to an insufficient IsAllowedHost check. This vulnerability can be easily exploited, as the IsIPAddress function does not properly check whether an IP address is invalid before making DBS requests, thereby...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: scsi: core: Fixed a regression issue related to the removal of the procfs host directory The commit fc663711b944 “scsi: core: Removed the /proc/scsi/$procname directory earlier” fixed a bug related to module loading/unloading...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: PCI: rcar-host: The proper IRQ domain must be passed to generichandledomainirq. Starting with the commit dd26c1a23fd5 “PCI: rcar-host: Switch to msicreateparentirqdomain”, the MSI parent IRQ domain is set to NULL because the obje...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: sched: schcake: bounds checks were added to the host bulk flow fairness counts. Although we fixed a logic error in the commit cited below, syzbot still managed to cause an underflow in the per-host bulk flow counters, leading to ...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: usb: xhci-mtk: Fixed an issue where shared HCD resources were leaked when attempting to set the wake-up IRQ. The issue occurred because it was not possible to set @sharedhcd to NULL before reducing the usage count using usbputhcd...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: mmc: mmcspi: fixed error handling in mmcspiprobe If mmcaddhost fails, there is no need to call mmcremovehost; otherwise, it may cause a null-ptr-deref due to deleting a device that was not properly added in mmcremovehost. To fix...

Astra Linux - уязвимость в qemu

A reentrancy issue related to DMA was discovered in the Tulip device emulation in QEMU. When Tulip reads from or writes to the rx/tx descriptor, or copies a rx/tx frame, it does not check whether the destination address is its own MMIO address. This can cause the device to trigger MMIO handlers...

Astra Linux - уязвимость в open-vm-tools

A fully compromised ESXi host can cause VMware Tools to fail in authenticating host-to-guest operations, thereby affecting the confidentiality and integrity of the guest virtual machine...

Astra Linux - уязвимость в runc-app

Runc is a CLI tool for spawning and running containers according to the OCI specification. In versions 1.2.7 and below, as well as 1.3.0-rc.1 through 1.3.1, and 1.4.0-rc.1 and 1.4.0-rc.2, runc did not perform sufficient verification to ensure that the source of the bind-mount i.e., the container’...

Astra Linux - уязвимость в qemu

A reachable assertion issue was detected in the USB EHCI emulation code of QEMU. This issue can occur during the processing of USB requests due to a faulty handling of the DMA memory map. A malicious privileged user within the guest environment may exploit this flaw to send invalid USB requests,...

Astra Linux - уязвимость в python-webob

WebOb provides objects for HTTP requests and responses. When WebOb normalizes the HTTP Location header to include the request hostname, it does so by parsing the URL that the user will be redirected to using Python’s urlparse function, and joining that parsed URL to the base URL. However, the...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: mmc: mxcmmc: Fix the return value check in mmcaddhost. The mmcaddhost function may return an error. If we ignore its return value, the memory allocated by mmcallochost will be leaked. This can lead to a kernel crash due to the...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbreceivebulkcallback: Check actuallength before accessing the header. The driver expects to receive a struct gshostframe in gsusbreceivebulkcallback. Use structgroup to describe the header of the struct gshostfram...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: vhost: vringh: Fixed the check on the return value of copytoiter. The return value of copytoiter cannot be negative; instead of checking for negative values, we should check whether the copied length is equal to the requested...

Astra Linux - уязвимость в qemu

A heap-based buffer overflow was discovered in the SDHCI device emulation of QEMU. The bug is triggered when both s-datacount and the size of s-fifobuffer are set to 0x200, leading to an out-of-bound access. A malicious guest could exploit this flaw to crash the QEMU process on the host, resultin...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: It is now possible to use hdev-workqueue when scheduling hdev-cmd,ncmdtimer works. The syzbot is reporting an attempt to schedule the hdev-cmdwork task from systemwq to hdev-workqueue WQ, which is currently in a draini...