Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: In the bpf function, the task with pid=1 can be skipped in the sendsignalcommon function. The following kernel panic can occur when a task with pid=1 attempts to send a killing signal to itself. For more details, see 1. Kernel...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: LoongArch: All reserved memblocks on Node0 are set at initialization. After the commit 61167ad5fecdea "mm: pass nid to reservebootmemregion", a panic occurs if DEFERREDSTRUCTPAGEINIT is enabled: 0.000000 CPU 0 Unable to handle...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: LoongArch: Disable IRQs before initfn for non-boot CPUs. Disable IRQs before initfn for non-boot CPUs during hotplug operations, in order to silence such warnings and also to avoid potential errors due to unexpected interrupts...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: powerpc/fadump: The code for fadumpcmainit should be moved to setuparch, after initmeminit. During early initialization, CMAMINALIGNMENTBYTES can be set to PAGESIZE, since pageblockorder is still zero and is initialized later...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: jffs2: fixed a memory leak in jffs2domountfs. If jffs2buildfilesystem in jffs2domountfs returns an error, we can observe the following kmemleak report: -------------------------------------------- unreferenced object...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Prevent double-free on error. The error handling path in itsvpeirqdomainalloc causes a double-free when itsvpeinit fails after successfully allocating at least one interrupt. This occurs because...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: ocfs2: Fixed an uninitialized value in ocfs2filereaditer. Syzbot has reported the following KMSAN errors: BUG: KMSAN: Uninitialized value in ocfs2filereaditer+0x9a4/0xf80; ocfs2filereaditer+0x9a4/0xf80; ioread+0x8d4/0x20f0;...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: igb: A potential invalid memory access issue has been fixed in igbinitmodule. The pciregisterdriver function may fail. When this occurs, the dcanotifier needs to be unregistered. Otherwise, the dcanotifier can be called when igb...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net: fixed out-of-bounds access in opsinit The netallocgeneric function is called by netalloc, which does not use any locking mechanisms. It reads maxgenptrs, which is modified under the pernetopsrwsem context. This reading occur...

Astra Linux – Vulnerability in OpenLDAP

In OpenLDAP versions 2.4.57 and 2.5.x through 2.5.1alpha, an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function due to a malicious packet. This leads to a denial of service daemon exits caused by a short timestamp. This issue is related to the schemainit.c file and the...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: media: venus: hfi parser: A check was added to avoid out-of-bound access. There is a possibility that initcodecs may be invoked multiple times during manipulation of the payload from video firmware. In such cases, if codecscount...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: qcom: Fixed a memory leak in dwc3qcominterconnectinit. In the alloc Resources for path handle function of oficcget, resources should be released when they are no longer needed. This should be done similarly in the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: IB/hfi1: Fixed an early init panic issue. An early failure in hfi1ipoibsetuprn can lead to the following panic: BUG: Unable to handle a NULL pointer derefrence in the kernel at 00000000000001b0 PGD 0 P4D 0 Oops: 0002 1 SMP NOP...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: clk: samsung: Fixed the UBSAN panic in samsungclkinit. With UBSANARRAYBOUNDS=y, I encounter the following panic due to dereferencing ctx-clkdata.hws before setting ctx-clkdata.num = nrclks. This issue needs to be fixed. Panic...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: usb: cdnsp: Fixed a NULL pointer dereference in cdnspendpointinit In cdnspendpointinit, the function cdnspringalloc is assigned to pep-ring. There is a dereference of this variable in cdnspendpointinit, which could lead to a NULL...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: btrfs: set generation before calling btrfscleantreeblock in btrfsinitnewbuffer syzbot is reporting uninit-value in btrfscleantreeblock 1, for commit bc877d285ca3dba2 "btrfs: Deduplicate extentbuffer init code" missed that...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: crypto: tegra – Do not transfer requests when tegrainit fails The tegracmacinit or tegrashainit functions may return an error when memory is exhausted. In such cases, requests should not be transferred when an error occurs...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Bail out from dwc3gadgetexit if dwc-gadget is NULL. There exists a possible scenario in which dwc3gadgetinit may fail: during the switch between peripheral and host modes in dwc3setmode, and if a pending gadget...

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerability has been resolved: PID: Taking a reference when initializing cadpid During boot, kernelinitfreeable initializes cadpid to the struct pid of the init task. Later, we may change cadpid via sysctl. When this happens, procdocadpid will increment the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: btrfs: The release path was called before initializing the extent tree in btrfsreadlocked inode. In btrfsreadlocked inode, we call btrfsinitfileextenttree while holding a lock on a read-locked leaf of the subvolume tree...