Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: nfs: Fixed the KMSAN warning in decodegetfattr attrs. Fixed the following KMSAN warnings: CPU: 1 UID: 0 PID: 7651 Comm: cp Tainted: G B Tainted: B=BADPAGE Hardware name: QEMU Standard PC Q35 + ICH9, 2009...

Astra Linux - уязвимость в linux, linux-5.10

A guest can force the Linux netback driver to consume a large amount of kernel memory. This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVEs. Incoming data packets for a guest in the Linux kernel’s netback driver are buffere...

Astra Linux - уязвимость в linux, linux-5.10

A guest can force the Linux netback driver to consume a large amount of kernel memory. This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVEs. Incoming data packets for a guest in the Linux kernel’s netback driver are buffere...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: hfsplus: fixed the KMSAN uninit-value issue in hfsplusextcacheextent The syzbot reported an issue in hfsplusextcacheextent: 70.194323 T9350 BUG: KMSAN: uninit-value in hfsplusextcacheextent+0x7d0/0x990 70.195022 T9350...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: pmdomain: arm: scmi: Fixed the issue where genpd leaks occur during provider registration failures. If the ofgenpdaddprovideronecell function fails during the probe phase, the previously created generic power domains are not...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: tipc: Changed the nlapolicy for bearer-related names to NLANULSTRING. The syzbot reported the following uninit-value access issues 1: ===================================================== BUG: KMSAN: uninit-value in strlen in...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc75xx: Limit packet length to skb-len The packet length retrieved from skb data may be larger than the actual socket buffer length up to 9026 bytes. In such cases, the cloned skb passed through the network stack may...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: HID: core: zero-initialize the report buffer. Since the report buffer is used by various drivers in various ways, let’s initialize it to zero during allocation, so that it cannot ever be used to leak kernel memory through special...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: media: imx: csc/scaler: fix v4l2ctrlhandler memory leak The memory allocated in v4l2ctrlhandlerinit is freed upon release...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel up to version 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory through a Speculative Store Bypass side-channel attack, because the protection mechanism ignores the possibility of uninitialized memory locations within the BPF stack...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Fix: Use strings instead of literals when defining tracepoints for DA monitors. Using DA monitor tracepoints with KASAN enabled triggers the following warning: Bug: KASAN: Global-out-of-bounds access in...

Astra Linux - уязвимость в linux

In the Linux kernel, the following vulnerability has been resolved: powerpc/64s: Fixed the PTE update for kernel memory on radix. When adding a PTE, a ptesync is required to ensure that the PTE update is performed correctly before subsequent accesses. Otherwise, a spurious fault may occur...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: pptp: Ensure a minimal skb length in pptpxmit. The commit aabc6596ffb3 “net: ppp: Add bound checking for skb data on pppsynctxmung” fixed pppsynctxmunge. We need a similar fix in pptpxmit; otherwise, we might read uninit data ...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: RISCV: Misaligned – Restricts user access to kernel memory. The rawcopyto,fromuser function does not call accessok, allowing userspace to access any virtual memory address...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: mm/vmalloc: Fixed vmalloc, which may return null if called with GFPNOFAIL. The commit a421ef303008 "mm: Allow !GFPKERNEL allocations for kvmalloc" includes support for GFPNOFAIL, but it creates a conflict with the commit...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: smb: client: fixed a memory leak in cifsconstructtcon When using a multiuser mount with domain= specified and cifscreds, cifssetcifscreds will set @ctx-domainname, so it needs to be freed before leaving cifsconstructtcon. This...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15, linux

In the Linux kernel, the following vulnerabilities have been resolved: netfilter: Validating user input for expected length I received multiple syzbot reports indicating that old bugs were exposed due to BPF after committing 20f2505fb436 “bpf: Trying to avoid kzalloc in cgroup/s,getsockopt”. The...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021591)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021591 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix a memory leak Add a forgotten kfree. Tenable has extracted the preceding...

FreeBSD -- Heap overflow in FUSE_LISTXATTR

Problem Description: When a fusefs file system implements extended attributes, the kernel may send a FUSELISTXATTR message to the userspace daemon to retrieve the list of extended attributes for a given file. The FUSE protocol requires the daemon to return a packed list of NUL-terminated strings...

GHSA-FJQ3-FFVR-VM46 OpenTelemetry eBPF Instrumentation: Java TLS ioctl kprobe allows kernel memory disclosure

Summary The Java TLS ioctl probe reads user-controlled ioctl pointers with bpfproberead instead of bpfprobereaduser. An instrumented local process can therefore point OBI at kernel memory and cause that memory to be copied into telemetry. Details The vulnerable path is in...