Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3: Fixed the polling for GICRCTLR.RWP. It turns out that our polling of RWP is completely incorrect when checking it in the redistributors. We were testing the distributor bit index, but it’s actually a different bit...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Audit: fixed a possible null-pointer dereference in auditfilterrules. A possible null-pointer dereference was addressed in auditfilterrules. Error in auditfilterrules: we previously assumed that ‘ctx’ could be null...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: clk: socfpga: Fixed a memory leak in socfpgagateinit The objects @socfpgaclk and @ops were freed on the error path to avoid the memory leak issue...

Astra Linux - уязвимость в linux-5.15

A race condition in the x86 KVM subsystem within the Linux kernel, as of 6.1-rc6, allows guest OS users to cause a denial of service host OS crash or host OS memory corruption when nested virtualization is enabled and the TDP MMU is also enabled...

Astra Linux - уязвимость в linux-5.15

A buffer overflow vulnerability was discovered in the Linux kernel’s Intel iSMT SMBus host controller driver. This vulnerability allows a local user to crash the system by triggering the I2CSMBUSBLOCKDATA function with malicious input data. source-iocs-preserved const=I2CSMBUS...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix warning message due to adisc being flushed Fix warning message due to adisc being flushed. Linux kernel triggered a warning message where a different error code type is not matching up with the expected type. A...

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/sec – Fixed memory leak during the release of the sec resource. The AIV is one of the SEC resources. When releasing resources, it is necessary to release the AIV resources at the same time. Otherwise, memory...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ftrace: A null pointer dereference occurred in ftraceaddmod. The @ftracemod is allocated using kzalloc. Therefore, both members prev, next of @ftracemode-list are NULL. This makes calling listdel invalid. If kstrdup for...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: powerpc/64s: Fixed the use of VAS memory after freeing it. The reference count on the memory module is dropped before the coprocessor is detached...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: pinctrl: devicetree: fixed null pointer dereferencing in pinctrldttomap Here is the BUG report by KASAN regarding null pointer dereferencing: BUG: KASAN: nullptrderef in strcmp+0x2e/0x50 A read of size 1 was performed at address...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: arm64/crc-t10dif: fixed the use of an array that was used outside of its scope in crct10difarch. A silly bug was fixed, where an array was used beyond its scope...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: i2c: Fixed a potential use after free The adap structure should only be freed after we have finished using it. This patch simply moves the putdevice function slightly to avoid the potential issue after freeing the structure. wsa:...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Watchdog: sc520wdt: A possible use-after-free occurred in wdtturnoff. The remove method of this module calls deltimer. However, that function does not wait for the timer handler to complete. This means that the timer handler may...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Input: imxsckey – fixed memory corruption upon unloading. It should be labeled as “priv”, but we accidentally passed “&priv”, which is an address in the stack. This can lead to memory corruption when the imxsckeyaction function i...

Astra Linux – Vulnerability in Linux 5.15

A flaw was discovered in the ksmbd component of the Linux kernel. A deadlock occurs when multiple session setup requests are sent simultaneously, which may lead to a denial of service...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mm: Don’t spin in addstackrecord when gfp flags don’t allow. The syzbot tool was able to identify the following functions: addstackrecordtolist in mm/pageowner.c:182 inline incstackrecordcount in mm/pageowner.c:214 inline...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: arm/crc-t10dif: Fixed the use of an array that was used outside of its scope in crct10difarch. Fixed a silly bug where an array was used beyond its scope...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: skmsg: Fixed the incorrect last sg check in skmsgrecvmsg. Also, one instance of a kernel NULL pointer dereferencing was fixed as follows: 224.462334 Call Trace: 224.462394 tcpbpfrecvmsg+0xd3/0x380 224.462441 ? sockhasperm+0x78/0x...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: rtc: tps6594: Fixed integer overflow on 32-bit systems The issue arises from the multiplication in tps6594rtcsetoffset. c tmp = offset TICKSPERHOUR; The tmp variable is of type s64, but offset is of type long and lies in the rang...

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: crypto: seqiv – Properly handles the EBUSY error. Since seqiv only handles the special return value of EINPROGERSS, it means that in all other cases, it will free the data related to the request. However, since the caller of seqi...