Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: cgroup: The cgroupgetfromid function must check that the looked-up key is a directory. The cgroup object must be a kernfs directory; otherwise, a kernel panic will occur, especially when the cgroup ID is provided from the user...

SUSE CVE-2022-48638

In the Linux kernel, the following vulnerability has been resolved: cgroup: cgroupgetfromid must check the looked-up kn is a directory cgroup has to be one kernfs dir, otherwise kernel panic is caused, especially cgroup id is provide from userspace...

CVE-2022-48638

In the Linux kernel, the following vulnerability has been resolved: cgroup: cgroupgetfromid must check the looked-up kn is a directory cgroup has to be one kernfs dir, otherwise kernel panic is caused, especially cgroup id is provide from userspace...

CVE-2022-48638

CVE-2022-48638 pertains to the Linux kernel cgroup subsystem. The issue stems from cgroup_get_from_id() not validating that the looked-up kn is a directory, which must be a kernfs directory. If the id supplied by userspace points to a non-directory, it can trigger a kernel panic. The connected As...

kernel: kernfs: fix potential NULL dereference in __kernfs_remove

In the Linux kernel, the following vulnerability has been resolved: kernfs: fix potential NULL dereference in kernfsremove When lockdep is enabled, lockdepassertheldwrite would cause potential NULL pointer dereference. Fix the following smatch warnings: fs/kernfs/dir.c:1353 kernfsremove warn:...