Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: fs/ntfs3: Fixed a null-ptr-deref issue in inode-iop in ntfslookup. Syzbot reported a null-ptr-deref bug: ntfs3: loop0: The sector size of NTFS is 1024, while the media sector size is 512. ntfs3: loop0: Marking the volume as...

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerability has been resolved: In md/raid10, there is a issue where memory leaks occur in the MD thread. In raid10run, if setupconf succeeds and raid10run fails before setting ‘mddev-thread’, then the variable ‘conf-thread’ is not freed after the failure. This...

Astra Linux – Vulnerability in Linux, Linux 5.10, Intel-Microcode

Incomplete cleanup of multi-core shared buffers on certain Intel processors may allow an authenticated user to potentially disclose information through local access...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: smb/client: fixed a memory leak in smb2openfile Reproducing steps: 1. Server: Directories are exported as read-only. 2. Client: mount -t cifs //$serverip/export /mnt. 3. Client: dd if=/dev/zero of=/mnt/file bs=512 count=1000...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: Tracing: Fixed a race condition in kprobe initialization that could lead to NULL pointer dereferencing. There is a critical race condition in kprobe initialization that can result in NULL pointer dereferencing and the kernel...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: exfat: fixed a potential deadlock in exfatgetdentryset When accessing a file with more entries than ESMAXENTRYNUM, the bh-array is allocated in exfatgetdentryset. The problem is that the bh-array is allocated using GFPKERNEL. Thi...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fixed an issue involving an untrusted unsigned subtraction operation. The following warnings from the “SMatch static checker” have also been fixed: net/rxrpc/rxgkapp.c:65 rxgkyfsdecodeticket Warning: Untrusted unsigned...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: NFSD: Fixed a potential use-after-free in nfsdfileput The nfsdfileputnoref function can free the @nf object. Therefore, do not dereference @nf immediately after returning from nfsdfileputnoref...

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: ext4: Fixed another “off-by-one” issue with the fsmap for 1k-block file systems. It seems that syzbot discovered that issuing the FSMAP call as follows: c struct fsmaphead cmd = .fmhcount = ...; .fmhkeys = .fmrdevice = / ext4...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: NFS: Fixed a deadlock involving nfsreleasefolio Wang Zhaolong reported a deadlock involving NFSv4.1 state recovery, waiting on kthreadd, which attempts to reclaim memory by calling nfsreleasefolio. The latter cannot proceed due t...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: f2fs: fixed the sanity check on summary information As Wenqing Liu reported in bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=216456 BUG: KASAN: use-after-free in recoverdata+0x63ae/0x6ae0 f2fs Read of size 4 at addr...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: ppp: Fixed race conditions in pppfillforwardpath. pppfillforwardpath has two race conditions: 1. The ppp-channels list can change between listempty and listfirstentry, as ppplock is not held. If the only channel is deleted in...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Check instead of asserting on nested TSC scaling support Check for nested TSC scaling support on nested SVM VMRUN instead of asserting that TSC scaling is exposed to L1 if L1’s MSRAMD64TSCRATIO has diverged from KVM’s...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: iouring: Fixed a null-ptr-deref in iotctxexitcb. Syzkaller reports a NULL deref bug as follows: BUG: KASAN: null-ptr-deref in iotctxexitcb+0x53/0xd3 Read of size 4 at address 0000000000000138 by task file1/1955 CPU: 1 PID: 195...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: cifs: The folio lock is released upon a successful read from fscache. Under the current code, when cifsreadpageworker is called, the contract between the caller and the callee is that the callee should unlock the page. This is...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: In the bpf and arm64 architectures, there is a vulnerability where forced 8-byte alignment of the JIT buffer is required to prevent atomic tearing. The struct bpfplt structure contains a u64 target field. Currently, the BPF JIT...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ACPI: Processor – Check for a null return value from devmkzalloc in fchmiscsetup The devmkzalloc function may fail, and clkdata-name may be NULL. This could lead to a NULL pointer dereferencing later. rjw: Subject and changelog...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: media: ov8865: Fixed an error handling path in ov8865probe The commit in “Fixes” also introduced some new error handling mechanisms; these new mechanisms should replace the existing error handling paths. Otherwise, some resources...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: nfc: virtualncidev: Fixed a memory leak in virtualncisend The skb object should be freed in virtualncisend; otherwise, kmemleak will report a memleak. Steps for reproduction simulated in qemu: cd tools/testing/selftests/nci make...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: gtp: Fixed use-after-free and null-ptr-deref issues in gtpgenldumppdp. The gtpnetops pernet operations structure for the subsystem must be registered before registering the generic netlink family. Syzkaller reported a “general...