Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: bpf: Ensure that the internal and UAPI bpfredirect flags do not overlap. The bpfredirectinfo is shared between the SKB and XDP redirection paths. Both paths use the same numerical flag values in the ri-flags field specifically,...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: cmd-db: Maps shared memory as WC, not WB. Linux does not write to the cmd-db region. This memory region is protected from writing by XPU. XPU may sometimes incorrectly detect a clean cache eviction as a “write” to the...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: jffs2: Fixed potential illegal address access in jffs2freeinode. During the stress testing of the jffs2 file system, the following abnormal outputs were found: 2430.649000 Unable to handle kernel paging request at virtual...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: serial: max3100: Lock port-lock when calling uarthandlectschange The uarthandlectschange function must be called with the port locked. Since we execute it in a separate thread, the lock might not be acquired at the time of...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: efi: libstub – Only privRuntimeMap is freed when it is allocated. privRuntimeMap is only allocated when efinovamap is not set. Otherwise, it remains uninitialized. In the error path, privRuntimeMap is freed unconditionally. Avoid...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: IB/hfi1: Fix for early init panic An early failure in hfi1ipoibsetuprn can lead to the following panic: BUG: Unable to handle a NULL pointer derefrence in the kernel at 00000000000001b0 PGD 0 P4D 0 Oops: 0002 1 SMP NOPTI...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: memcg: fixed a possible use-after-free in memcgwriteeventcontrol The memcgwriteeventcontrol function accesses the dentry-dname of the specified control file to route the write operation. Since a cgroup interface file cannot be...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: The line “Revert “block, bfq: honor already-setup queue merges”” has been removed. A crash occurred in conjunction with the commit 2d52c58b9c9b “block, bfq: honor already-setup queue merges”. This issue was later corrected by the...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: btrfs: The BUG function call has been removed after failing to insert a delayed directory index entry. Instead of calling BUG when we fail to insert a delayed directory index entry into the delayed node’s tree, we can simply...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: tee, amdtee: fixed the use-after-free vulnerability in amdteeclosesession. There is a potential race condition in amdteeclosesession that may cause a use-after-free in amdteeopenSession. For example, if a session has a referen...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: BPF: Fixed the remap of the arena. The BPF arena logic did not account for the mremap operation. Added a reference count for multiple mmap events to prevent use-after-free in arenavmclose...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: media: tc358743 – The v4l2 async device is registered only after a successful setup. Ensure that the device has been set up correctly before registering the v4l2 async device, thereby allowing userspace to access it...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

A null pointer dereference flaw was discovered in the Linux kernel’s DECnet networking protocol. This issue could allow a remote user to crash the system...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/msm: Fixed the leak in the waitfence submitqueue operation. We were not releasing the reference to submitqueue in all paths. In particular, when the fence has already been signaled. We have created a helper function to...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: Staging: rtl8712: fixed an issue with uninit-value in usbread8 and related functions. When r8712usbctrlvendorreq returns a negative value, the “data” obtained from usbread8,16,32 will not be initialized. Bug: KMSAN: uninit-val...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15, linux

In the Linux kernel, the following vulnerability has been resolved: netsched: hfsc: Address reentrant enqueue adding class to eltree twice Savino says: “We are writing to report that this recent patch 141d34391abbb315d68556b7c67ad97885407547 1 can be bypassed, and a UAF can still occur when HFSC ...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux

In the Linux kernel, the following vulnerability has been resolved: drm/panel: fixed a possible null pointer dereferencing issue. In versatilepanelgetmodes, the return value of drmmodeduplicate is assigned to mode, which could lead to a NULL pointer dereferencing issue if drmModeduplicate fails. ...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Avoid potential “vm use-after-free” situations. By adding the virtual machine to the vmxa table, it becomes visible to user space. This could potentially cause user space to attempt to close the virtual machine at the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: IMA: Do not clear the IMADIGSIG flag when setting or removing non-IMA xattr. Currently, when both IMA and EVM are in “fix” mode, the IMA signature will be reset to the IMA hash if a program first stores the IMA signature in...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: usb: isp1760: Fixed out-of-bounds array access issues Running the driver through KASAN reveals the following issues: BUG: KASAN: Global out-of-bounds access in isp1760register+0x180/0x70c Reading a size of 20 bytes from addr...