Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: RCU: Fixed the lockdep warning in thiscpuread in rcuforcequiescentstate. Running rcutorture with a non-zero fqsduration module parameter in a kernel built with CONFIGPREEMPTION=y results in the following error: BUG: Using...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: btrfs: When performing a btrfs mount, the block device is not set correctly. The user sets the block size of the block device to 0x4000 by executing the BLKBSZSET command. Since changing the block size also affects the...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: bpf: Fixed an issue in verifying allowptrleaks. After we changed the capabilities of our networking-bpf program from capsysadmin to capnetadmin+capbpf, our networking-bpf program failed to start. This was because it failed the bp...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ASoC: SDCA: bug fix while parsing mipi-sdca-control-cn-list The struct sdcacontrol structure declares the “values” field as an integer array. However, the memory allocated for this field is actually a char array. This causes a...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: idpf: Detaching and closing netdevs while handling a reset Protect the reset path from callbacks by setting the netdevs to detached state and closing any netdevs in UP state until the reset handling is completed. During a reset,...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: drm/client: Fixed a memory leak in drmclienttargetcloned. The dmtmode variable is allocated but never freed within this function. This issue was discovered with the ast driver, but most drivers that use the generic fbdevsetup...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: Wifi: mt76: mt7996: fixed a memory leak in mt7996mcuexit. The mcuskb queues in the mt7996mcuexit routine must always be purged, even if mt7996firmwarestate fails...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: vduse: fixed NULL pointer dereference. The vdusevdpasetvqaffinity callback can be called with a NULL value as the cpumask when deleting the vduse device. This patch resets virtqueue’s IRQ affinity mask value to set all CPUs inste...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Fuse: A missing copyfinish function in fuse-over-io-uring argument copies. This issue causes a possible reference count leak of payload pages during argument copies. Joanne: Simplified error cleanup...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Unallocated resources are no longer allowed to be returned. In cases where the topology requests resources that have not been created by the system since they are typically not represented in dpumdsscfg, the resource...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: dm: verity-loadpin: Only trust verity targets with enforcement Verity targets can be configured to ignore corrupted data blocks. LoadPin must only trust verity targets that are configured to perform some kind of enforcement when...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: ath12k: A NULL pointer dereferencing issue was fixed in ath12kmacophwscan. In ath12kmacophwscan, the return value of kzalloc is directly used in memcpy, which may lead to a NULL pointer dereferencing if kzalloc fails. This...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: ath12k: The peer lookup in ath12kdpmonrxdelivermsdu failed because rxcb-peerid was not updated with a valid value. This issue is expected in monitor mode, where RX frames bypass the regular RX descriptor path, which typical...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: erofs: Fixed invalid cases for encoded extents. Robert recently reported two corrupted images that can cause system crashes. These issues are related to the new encoded extents introduced in Linux 6.15: - The first image has...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: HSI: omapssi: Fixed a refcount leak in ssiprobe. When returning from or prematurely terminating a foreachavailablechildofnode loop, we need to explicitly call ofnodeput on the child node to potentially release the node...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fixed a memory leak in the ntfsfillsuper error path. syzbot reported the issue as follows: BUG: Memory leak Unreferenced object: 0xffff8880122f1540 size: 32 bytes Command: "a.out", PID: 6664; Jiffies: 4294939771 time...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ethtool: eeprom: fixed the null-dereference on genlinfo in the dump. A similar fix, as described in commit 46cdedf2a0fa “ethtool: pse-pd: fixed the null-dereference on genlinfo in the dump”, is also required for ethtool eeprom...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dp: Dropping aux devices along with the DP controller Using devres to depopulate the aux bus ensured that upon a probe delay, the EDP panel device would be destroyed and recreated upon the next attempt. However, the struc...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: seccomp: Move copyseccomp to the no-failure path. Our syzbot instance reported memory leaks in doseccomp, similar to the reports 1. This indicates that we are failing to properly free the struct seccompfilter and some objects...

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerability has been resolved: USB: usbtmc: Fixed the direction of 0-length ioctl control messages The syzbot fuzzer identified a issue with the usbtmc driver: When a user sends an ioctl with a 0-length control transfer, the driver does not check whether the...