Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: btrfs: Handled the chunk tree lookup error in btrfsrelocatesyschunks. The unhandled case in the btrfsrelocatesyschunks loop is a corruption. This can only occur under two impossible conditions: - First, the search key is set t...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: The dcn301calculatewmanddlg function for the FPU is wrapped around. The logic for this function mirrors that of dcn30. This fix results in a lot of WARN messages and some kernel panics...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: Fork: Defer linking of vma until vma is fully initialized. Thorvald reported a WARNING 1. The root cause of the issue lies in a race condition: CPU 1 CPU 2 fork hugetlbfsfallocate dupmmap hugetlbfspunchhole...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: veth: Ensure that the eth header is in the linear part of the skb structure. After feeding a decapsulated packet to a veth device using actmirred, skbheadlen may be 0. However, vethxmit calls devforwardskb, which expects at...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: blktrace: Fixed a UAF in the blkTraceAccess function after removal by sysfs. There is a use-after-free issue triggered by the following process: bash P1sda P2sdb echo 0 /sys/block/sdb/trace/enable blkTraceRemoveQueue...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: Tracing: The length check that causes memory corruption was corrected. We have experienced severe kernel crashes due to memory corruption in our production environment. For example: Call Trace: 1640542.554277 General protectio...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Firmware: armscpi: Fixed string overflow in the SCPI genpd driver. Without the bounds checks for scpipd-name, a buffer overflow could occur when copying the SCPI device name from the corresponding device tree node. This occurs...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: BPF: Fixed an issue where reservations were advanced beyond their limit in the ringbuf structure. The BPF ring buffer is internally implemented as a circular buffer of a power-of-2 size. It contains two logical counters that are...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: cpufreq: Avoid a bad reference count on the CPU node. In the parseperfdomain function, if the call to ofparsephandlewithargs returns an error, then the reference to the CPU device node acquired at the beginning of the function wi...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: gso: Fixed the udp gso fraglist segmentation issue after pulling from fraglist. Detect gso fraglist skbs with corrupted geometry see below, and pass these to skbsegment instead of skbSegmentList, as the former can segment them...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ACPICA: Revert to the previous state of “ACPICA: Avoid Info: mapping multiple BARs. Your kernel is fine.” Undo the modifications made in the commit d410ee5109a1 “ACPICA: Avoid “Info: mapping multiple BARs. Your kernel is fine.””...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: liquidio: The handling of NULL pointers in liovfrepcopypacket was adjusted. In liovfrepcopypacket, pginfo-page is compared to a NULL value, but it is then unconditionally passed to skbaddrxfrag. This seems strange and could lead ...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: Correct check for empty list Since the commit a3c53be55c95 “net: dsa: mv88e6xxx: Support multiple MDIO buses”, the mv88e6xxxdefaultmdiobus function has checked that the return value of listfirstentry is...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: amdgputtmgartbind set gtt bound flag Otherwise, after the GTT context is released, the GTT and gart space are freed. However, amdgputtmbackendunbind does not clear the gart page table entry, leaving a valid mapping...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: Prevent out-of-bounds memory access The testtag test triggers an unhandled page fault: ./testtag 130.640218 CPU 0 Unable to handle kernel paging request at virtual address ffff80001b898004, era == 9000000003137f7c...

Astra Linux - уязвимость в linux, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ACPICA: Check that the null return value of ACPIALLOCATEZEROED in acpidbdisplayobjects is valid. ACPICA commit: 0d5f467d6a0ba852ea3aad68663cbcbd43300fd4 The ACPIALLOCATEZEROED function may fail, and objectinfo might be null. This...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, from version 5.19.9 onwards, the drivers/scsi/stex.c file allows local users to access sensitive information from kernel memory. This occurs because the stexqueuecommandlck function lacks a memset for the PASSTHRUCMD case...

Astra Linux - уязвимость в linux-5.10

A flaw was discovered in the Linux kernel. The existing KVM SEV API contains a vulnerability that allows a non-root host user-level application to crash the host kernel by creating a confidential guest VM instance in an AMD CPU that supports Secure Encrypted Virtualization SEV...

Astra Linux - уязвимость в linux-5.10, linux

A issue was discovered in the Linux kernel through version 5.16-rc6. The function malidpcrtcreset in the file drivers/gpu/drm/arm/malidpcrtc.c lacks a check on the return value of kzalloc. This could lead to a null pointer dereferencing...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ksmbd: The rcubarrier function was called in ksmbdserverexit. The bug is triggered due to racing between closing a connection and the rmmod operation. In ksmbd, rcubarrier is not called at the time of module unloading, so nothing...