Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Use rawsmpprocessorid instead of smpprocessorid. The following call trace was observed: localhost kernel: nvme nvme0: NVME-FC0: Controller connect complete localhost kernel: BUG: Using smpprocessorid in preemptible...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Wifi: cfg80211 – Reject authentication/association requests to APs using our own address. If the AP uses our own address as its MLD Media Access Layer address or BSSID Basic Service Set Identifier, then something is clearly wrong...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: ipmisi: fixed a memory leak in trysmiinit Kmemleak reported the following information regarding the memory leak in trysmiinit: Unreferenced object 0xffff00018ecf9400 size 1024: Command "modprobe", PID 2707763, jiffies 43008514...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: interconnect: Do not access reqlist while it’s being manipulated. The icclock mutex was split into separate icclock and iccbwlock mutexes in 1 to avoid lockdep splats. However, this did not adequately protect access to...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: SCTP: Added a refcnt to sctpstreampriorities to avoid a nested loop. With this refcnt added to sctpstreampriorities, we no longer need to traverse all streams to check whether a priority is used by other streams when freeing the...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

The IPv6 implementation in the Linux kernel before version 6.3 has a maxsize threshold in the net/ipv6/route.c file that can be easily exceeded. This can lead to a denial of service condition, where the network becomes unreachable, resulting in errors when IPv6 packets are sent through a raw sock...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: cpufreq: intelpstate: A NULL pointer dereference occurred in the updatecpuqosrequest function. The updatecpuqosrequest function attempts to initialize the freq variable by dereferencing cpudata before verifying whether the policy...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: Tracing: A memory leak was fixed in testgensynthcmd and testemptysynthevent. In testgensynthcmd, the buffer is freed only in the “fail” path. Therefore, the buffer may be leaked when there is no failure. Adding kfreebuf preven...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mctp: i2c: Fixed a skb memory leak in the receive path. When midev-allowrx is set to false, the newly allocated skb is not consumed by netifrx. It is necessary to free the skb directly...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: fs: init flagsvalid before calling vfsfileattrget syzbot reported a uninit-value bug in 1. Similar to the “get” context, where the kernel’s filekattr structure is initialized before calling vfsfileattrget, we should use the same...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: f2fs: fixed to perform sanity checks on inline inode. Yanming reported a kernel bug on Bugzilla Kernel 1, which can be reproduced. The bug message is as follows: The kernel message is displayed as follows: Kernel BUG at...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: RX, Fix XDP multi-buf frag counting for striding RQ XDP multi-buf programs can modify the layout of the XDP buffer when the program calls bpfxdppulldata or bpfxdpadjusttail. The referenced commit in the fixes tag...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net-shapers: Do not free the reply skb after genlmsgreply. genlmsgreply passes the reply skb to netlink, and netlinkunicast consumes it on all return paths, regardless of whether the skb is successfully queued or freed due to an...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: scsi: mpi3mr: Issues in the mpi3mrgetalltgtinfo function have been fixed. The function mpi3mrgetalltgtinfo has four issues: 1 It calculates the valid entry length in alltgtinfo by assuming that the header part of the struct...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: mt76: mt7925: fixed an off-by-one issue in mt7925mcuhwscan. The ssid-ssids and sreq-ssids arrays contain elements with the value MT7925RNRSCANMAXBSSIDS; therefore, this value should be set to a larger value to prevent...

Astra Linux - уязвимость в linux, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: firmware: armsdei: Fix sleep from invalid context BUG Running a preempt-rt v6.2-rc3-rt1 based kernel on an Ampere Altra triggers: BUG: sleeping function called from invalid context at kernel/locking/spinlockrt.c:46 inatomic: 0,...

Astra Linux - уязвимость в linux, linux-5.10

The function emsusbstartxmit in the file drivers/net/can/usb/emsusb.c within the Linux kernel, up to version 5.17.1, contains a double-free...

Astra Linux - уязвимость в linux-5.10, linux

A flaw was discovered in the Linux kernel. A denial-of-service attack may occur if a consecutive request for NVMEIOCTLRESET and NVMEIOCTLSUBSYSRESET is made through the device file of the driver, resulting in a disconnection of the PCIe link...

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: Netfilter: conntrack – re-fetching of conntrack entries after insertion. In cases where conflicts occur between conntrack entries, the insertion operation can free the skb-nfct field, and set skb-nfct to the already-confirmed...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: nstree: tightened permission checks for listing. Even privileged services should not necessarily be able to access the namespaces of other privileged services, so that they cannot leak information to each other. Use the...