Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: afunix: Fixed a data race around unixtotinflight. unixtotinflight is updated under spinlockunixgclock, but unixreleasesock reads it without locking. We should use READONCE for unixtotinflight. Note that the writer side was...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: mptcp: handle large GSO sizes After the committed changes below, TCP sockets and MPTCP subflows can generate egress packets that are larger than 64K. This exceeds the maximum DSS data size; the packet length is misrepresented ove...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: udf: Avoid double calls to brelse in udfrename syzbot reported a warning like below 1: VFS: brelse: Trying to free a free buffer WARNING: CPU: 2 PID: 7301 at fs/buffer.c:1145 brelse+0x67/0xa0 ... Call trace:...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ARP: Do not assume that devhardheader does not change skb-head. arpcreate is the only function that calls devhardheader, and it makes an assumption that skb-head remains unchanged. A recent commit broke this assumption. Initializ...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: iio: trigger: sysfs: fix use-after-free on remove Ensure that the irqwork has completed before the trigger is freed. ================================================================== BUG: KASAN: use-after-free in irqworkrunli...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu-v3-sva: Fixed the issue of memory use-after-free. Currently, we call arm64mmcontextput without holding a reference to the MM register, which can lead to use-after-free. We call mmgrab/mmdrop to ensure that the MM...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: CDC-NCM: Avoid overflow in sanity checks. A malfunctioning device may produce an extreme offset like 0xFFF0, along with a fragment of reasonable length. In the currently formulated sanity check, this will cause an integer overflo...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: Staging: greybus: audiohelper: Remove unused and incorrect usage of debugfs. In the greybus audiohelper code, the debugfs file related to dapm has the potential to be removed, and memory may be leaked. There is also a high...

Astra Linux - уязвимость в linux-5.10, linux

With shadow paging enabled, the INVPCID instruction results in a call to kvmmmuinvpcidgva. If INVPCID is executed with CR0.PG=0, the invlpg callback is not set, and the result is a NULL pointer dereference...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

A use-after-free vulnerability in the Linux kernel’s netfilter:nftables component can be exploited to achieve local privilege escalation. The nftverdictinit function allows positive values as drop errors within the hook verdict, and thus the nfhookslow function can cause a double-free vulnerabili...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

A null pointer dereference flaw was discovered in the hugetlbfsfillsuper function within the Linux kernel’s hugetlbfs Huge TLB pages functionality. This issue may allow a local user to crash the system or potentially escalate their privileges on the system...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iouring: prevents reg-wait speculation. By using ENTEREXTARGREG instead of passing a user pointer along with arguments for the waiting loop, the user can specify an offset within a pre-mapped region of memory. In this case, offse...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: ksmbd: fixed a UAF in smb20oplockbreakack. removed references after using opinfo...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: Netwerk: wwan: t7xx: Split 64-bit accesses to fix alignment issues Some registers are aligned at a 32-bit boundary, causing alignment errors on 64-bit platforms. It is not possible to handle kernel paging requests at the virtu...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: mmmremap.c: Avoid unnecessary calls to invalidrangestart/invalidaterangeend when using mremap with oldsize=0. If the mremap system call with oldsize=0 ends up in movepagetables, it will unnecessarily call...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: dma-debug: Do not call dmaentryalloccheckleak under freeEntriesLock. dmaEntryallocCheckleak calls into printk, which results in serial console output qcom GenI. It also grabs portLock under freeEntriesLock. This involves a...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: i915/perf: Fixed NULL dereference bugs with drmdbg calls When the i915 perf interface is not available, dereferencing it will result in NULL references. Returning -ENOTSUPP is a clear indication of a return value when the perf...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fixed the DRM panic due to a null pointer when the driver does not support atomic operations. When the driver does not support atomic operations, fb uses plane-fb instead of plane-state-fb. Identified from commit...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: ipvlan: Fixed bugs that occurred outside the bounds of the allowed values, caused by the absence of skb-macheader. If an AFPACKET socket is used to send packets through ipvlan, and the default xmit function of the AFPACKET socket...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: iouring: fixed the truncation of the regbuf vector size. There is a report that ioestimatebvecsize truncates the calculated number of segments, leading to corruption issues. Ensure that the “int” variables used later do not...