Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: lib/generic-radix-tree.c: Do not cause overflow in the peek function. When we started assigning new inode numbers to most of the 64-bit inode space, it triggered some edge-case bugs, particularly some integer overflows related to...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ocfs2: Prevent the release of journal inode after journal shutdown. Before calling ocfs2deleteosb, the function ocfs2journalshutdown has already been executed in ocfs2dismountvolume. Therefore, osb-journal must be NULL. As a...

Astra Linux – Vulnerability in Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: f2fs: A sanity check was added for the F2FSInlineDATA flag in the inode during garbage collection GC. The syzbot reports the following f2fs bug: ------------ Cut here ------------ Kernel BUG: At fs/f2fs/inline.c:258 CPU: 1 PID: 3...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: A NULL dereference in niwriteinode has been fixed. Syzbot reported a NULL dereference in niwrite inode. When creating a new inode, if the allocation fails in the miinit function called in the miformatnew function, mi-mr...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ext4: fixed a warning in ext4iomapbegin due to a race between bmap and write The issue occurs as follows: ------------ cut here ------------ WARNING: CPU: 3 PID: 9310 at fs/ext4/inode.c:3441 ext4iomapbegin+0x182/0x5d0 RIP:...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ext4: Do not create EA inodes under the buffer lock The ext4xattrsetentry function creates new EA inodes while holding the buffer lock on the external xattr block. This is problematic because all allocation-related locking...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: NFS: Issues with the LTP test failing when timestamps are delegated have been fixed. The utimes01 and utime06 tests fail when delegated timestamps are enabled, especially in subtests that modify the atime and mtime fields using t...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: ext4: fixed a warning in ext4handleinodeextension We encountered the following issues: EXT4-fs error device loop0 in ext4reserveinodewrite:5741: Out of memory EXT4-fs error device loop0: ext4setattr:5462: inode 13: comm...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: f2fs: fixed the issue of waiting for block writeback in the postread case. If the inode is compressed but not encrypted, the function f2fswaitonblockwriteback was not called properly, resulting in waiting for the page writebac...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: ext4: fixed the bug in estreesearch caused by a faulty quota inode We have the following issues: ========================================= Kernel bug in fs/ext4/extentsstatus.c:202! Invalid opcode: 0000 1 PREEMPT SMP CPU: 1 PI...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: writeback: Fixed the use of “free” after deallocating memory in inodeswitchwbsworkfn. The function inodeswitchwbsworkfn has a loop like this: c wbgetnewwb; while 1 list = llistdelall&newwb-switchwbsctxs; / Nothing to do? / if !li...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: jfs: Verify the inode mode when loading from disk. The inode mode loaded from a corrupted disk may be invalid. Do as described in the commit 0a9e74051313 “isofs: Verify the inode mode when loading from disk”...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: Squashfs: Check that the inode number is not the invalid value of zero. Syskiller has identified an out-of-bounds access in the fillmetaindex function. This out-of-bounds access occurs because the inode has an inode number of...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: A possible null pointer dereference has been fixed in niclear. In a previous commit c1006bd13146, ni-mi.mrec in niwrite inode could be NULL. Therefore, a NULL check was added for this variable. However, in the same call...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: vfs: Do not evict inode under the inode lru traversing context The inode reclaiming process see function pruneicachesb collects all reclaimable inodes and marks them with the IFREEING flag. At that time, other processes will b...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ovl: fixed null pointer dereference in ovlgetaclrcu The following processes are involved: P1 P2 pathopenat linkpathwalk maylookup inodepermissionrcu ovlpermission aclpermissioncheck checkacl getcachedaclrcu ovlget inodeacl...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: btrfs: Fixed an issue where inode lists were leaked during backref walking in findparentnodes. During backref walking, when findparentnodes is called, if we are dealing with a data extent and an error occurs while resolving...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ext4: Fixed a traversal bug in ext4mbusepreallocated. During allocation, when searching for pre-allocations PA in the per-inode rbtree, we cannot perform a direct traversal of the tree because ext4mbdiscardgrouppreallocation may...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ceph: avoided a kernel bug for encrypted inodes with unaligned file sizes The generic/397 test encountered a bug in the case of encrypted inodes with unaligned file sizes for example, 33K or 1K: 877.737811 ran fstests generic/397...

AlmaLinux 10 : kernel (ALSA-2026:18134)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:18134 advisory. kernel: tcpbpf: Fix the skmemuncharge logic in tcpbpfsendmsg CVE-2024-56633 kernel: KVM: x86: Load DR6 with guest value only before entering .vcpurun lo...