Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: dosysnametohandle: The use of kzalloc instead of kmalloc was corrected to prevent kernel-infoleak vulnerabilities. The syzbot identified a kernel information leak vulnerability in dosysnametohandle. The following reports were...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: fpga: manager: Added a module owner field and used its pointer to count the reference count of the module. The current implementation of the fpgamanager assumes that the low-level module registers a driver for the parent devic...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: iommu/vt-d: debugfs: Fixed the legacy mode page table dump logic In legacy mode, SSPTPTR is ignored if TT is not 00b or 01b. SSPTPTR might be uninitialized or zero in that case, and this could lead to errors such as: - General...

Astra Linux - уязвимость в linux-5.15, linux-6.1, linux

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftlimit: Configurations that cause integer overflow are now rejected. False configurations where the internal token counter wraps around are now prevented. This only occurs with very, very large requests, such as...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In btrfsgetrootref in fs/btrfs/disk-io.c within the Linux kernel, up to version 6.7.1, there may be an assertion failure and a crash occurring because a subvolume can be read out too early after its root item is inserted during subvolume creation...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: hfsplus: Do not query the device’s logical block size multiple times. The block sizes of devices may change. One of these cases is a loop device, where the ioctl LOOPSETBLOCKSIZE is used. While this may cause other issues such as...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Ensure that the cache entry is active before calling cacheshow. The function cshow was called with protection from RCU. This only ensures that cp will not be freed. As a result, the reference count of cp can drop to zero,...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: netns: Make getnetns handle zero refcount net Syzkaller hit a warning: refcountt: addition on 0; use-after-free. WARNING: CPU: 3 PID: 7890 at lib/refcount.c:25 refcountwarnsaturate+0xdf/0x1d0 Modules linked in: CPU: 3 PID: 7890...

Astra Linux - уязвимость в linux, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: vmcihost: A race condition in vmcihostpoll was fixed, which could cause a General Protection Fault. During fuzzing, a General Protection Fault was observed in vmcihostpoll. The fault occurred due to a dereferencing of a wrong...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel before version 5.17.1, a refcount leak bug was discovered in the net/llc/afllc.c file...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: netdevsim: A trailing zero was added to terminate the string in nsimnexthopbucketactivitywrite. This issue was identified by a static analyzer. We should not forget the trailing zero after copyfromuser if we will perform further...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: added error handling to avoid out-of-bounds access. If the sdmav40irqidtoseq function returns -EINVAL, the process should be stopped to prevent out-of-bounds reading; therefore, -EINVAL should be returned directly...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Handling of errors when calling attrsetsize during file truncation. If attrsetsize fails during file truncation, the error is silently ignored, and the inode may remain in an inconsistent state...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: udf: Fixed a slab-out-of-bounds write bug in udffindentry Syzbot reported a slab-out-of-bounds Write bug: loop0: A capacity change from 0 to 2048 was detected. ==================================================================...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: serial: 8250bcm7271: The leak in brcmuartprobe has been fixed. Smatch report: drivers/tty/serial/8250/8250bcm7271.c: Line 1120 of brcmuartprobe, warning: “‘baudmuxclk’ from clkprepareenable was not released”. The issue was fixed ...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: bcache: Fixup btreecachewait list damage We encountered a kernel crash due to “listadd corruption”. next-prev should be prev 0xffff9c801bc01210, but it was actually fff9c77b688237c. The correct value is next=ffffae586d8afe68...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: bpf, sockmap: Fixed the warning related to sk-skforwardalloc in skstreamkillqueues. When running testsockmap in selftests, the following warning appears: WARNING: CPU: 2 PID: 197 at net/core/stream.c:205...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/ipv6: ioam6: This vulnerability prevents a wraparound in the schema length during the trace fill operation. The ioam6fillTraceData function stores the schema contribution to the trace length in an u8 type variable. When bit 2...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Prevention of division by zero The user can set any speed value. If the speed is greater than UINTMAX/8, a division by zero is possible. Found by the Linux Verification Center linuxtesting.org with SVACE...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ata: patapxa: Fixed a potential NULL pointer dereferencing in pxaataprobe. devmioremap returns NULL upon error. Currently, pxaataprobe does not check for this case, which could lead to a NULL pointer dereferencing. Add a NULL che...