721 matches found
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: s390/ap: Fixed a crash in the AP internal function modifybitmap A system crash occurred as follows: Failing address: 200000cb7df6f000 TEID: 200000cb7df6f403 Fault occurred in the home space mode while using the kernel ASCE...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: Timer – Setting a lower limit on the start tick time Currently, the ALSA timer does not have a lower limit for the start tick time. It allows a very small size, such as 1 tick with a 1ns resolution for the hrtimer. Such a...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: ASoC: meson: axg-card: fixed “use-after-free” issue The buffer “card-dailink” is reallocated in “mesoncardreallocatelinks”. Therefore, the initialization of the “pad” pointer should be moved after this function, when the memor...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent possible NULL deref in fib6nhinit syzbot reminds us that in6devget can return NULL. fib6nhinit ip6validategw &idev ip6routechecknh idev idev = in6devgetdev; // can be NULL Oops: general protection fault, probably fo...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: security/keys: Fixed an out-of-bounds read in keytaskpermission. KASAN reported an out-of-bounds read: - BUG: KASAN: Out-of-bounds read in kuidval, include/linux/uidgid.h: Line 36 - BUG: KASAN: Out-of-bounds read in uideq,...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: perf: Fix event leak upon exit When a task is scheduled out, pending sigtrap deliveries are deferred to the target task upon resume to user space via taskwork. However, failures during the addition of an event’s callback to the...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: Stopping the “cleaner” kthread before unmounting the volume causes issues. During the unmount process, at closectree, we first stop the “cleaner” kthread using kthreadstop, which frees the associated taskstruct. However,...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: net/sched: Fixed a UAF issue when resolving a collision. KASAN reports the following UAF issues: - BUG: KASAN: A slab-use-after-free issue in tcfctflowtableprocessconn+0x12b/0x380 actct. A size 1 read at address ffff888c076036...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix use-after-free during gpu recovery Why 754.862560 refcountt: underflow; use-after-free. 754.862898 Call Trace: 754.862903 754.862913 amdgpujobfreecb+0xc2/0xe1 amdgpu 754.863543 drmschedmain.cold+0x34/0x39 amdsched...
Astra Linux - уязвимость в linux-5.10
An out-of-bounds memory access flaw was found in the iouring SQ/CQ rings functionality in the Linux kernel. This issue could allow a local user to crash the system...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix double free during GPU reset on DC streams Why The issue only occurs during the GPU reset code path. We first backup the current state prior to commiting 0 streams internally from DM to DC. This state backup...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: mm/vma: add giveuponoom option on modify/merge, use in uffd release Currently, if a VMA merge fails due to an OOM condition arising on commit merge or a failure to duplicate anonvma's, we report this so the caller can handle it...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: netns: Ensure that getnetns handles zero refcount nets properly. Syzkaller encountered a warning: refcountt: Addition on 0; use-after-free. WARNING: CPU: 3 PID: 7890 at lib/refcount.c:25 refcountwarnsaturate+0xdf/0x1d0 Linked...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: rcu-tasks: Fixed the buffer overflow in showrcutasksTracegpkthread. There is a possibility of buffer overflow in showrcutasksTracegpkthread if the counters passed to sprintf are very large. The counter values used for this functi...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: block/ioctl: prefer different overflow check Running syzkaller with the newly reintroduced signed integer overflow The sanitizer reports the following issues: 62.982337 ------------ Cut here ------------ 62.985692 cgroup:...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: Net: Ethernet: lantiqetop: fixed a double-free condition in the “detach” operation. The number of descriptors that have been released so far is never incremented, which results in the same skb being released multiple times...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: wifi: mt76: replace skbput with skbputzero Avoid potentially reusing uninitialized data...
Exploit for Privilege Context Switching Error in Canonical Ubuntu_Linux
PoC exploit for CVE-2021-3493, a local privilege escalation vulnerability in Ubuntu OverlayFS. The target is the Linux kernel, specifically the overlayfs file system, which did not properly validate the application of file system capabilities with respect to user namespaces. A local attacker coul...
kernel: SELinux and mmap_min_addr
The Linux kernel before 2.6.31-rc7 does not properly prevent mmap operations that target page zero and other low memory addresses, which allows local users to gain privileges by exploiting NULL pointer dereference vulnerabilities, related to 1 the default configuration of the allowunconfinedmmapl...
nfs-utils: missing tcp_wrappers support
A certain Red Hat build script for nfs-utils before 1.0.9-35z.el52 on Red Hat Enterprise Linux RHEL 5 omits TCP wrappers support, which might allow remote attackers to bypass intended access restrictions...