Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: rtw89: Fix for soft lockup in rtw89entityrecalcmgntroles. During rtw89entityrecalcmgntroles, there is a normalization process that will reorder the list if an entry with the target pattern is found. Once such an entry is...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: vsock/bpf: Return early if the transport is not assigned. Some of the core functions can only be called if the transport has been assigned. As Michal reported, a socket may have NULL as the transport value, for example after a...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: nvmet: Fixed a crash that occurs when a namespace is disabled. The percpu counter in the namespace is responsible for handling pending I/O operations. We can safely disable the namespace only after the counter drops to zero...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: mm/zswap: fixed an inconsistency when zswapstorepage fails. The commit b7c0ccdfbafd “mm: zswap: support large folios in zswapstore” skips charging any zswap entries when it fails to zswap the entire folio. However, when some...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: net: airoha: Fixed the qid issue in the airohatcgethtbgetleafqueue routine. Fixed the following kernel warnings when deleting HTB offloaded leafs and/or root HTB qdisc in the airohaeth driver: The HTB qdisc properly reports qi...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: The ctx variable was initialized to avoid a memory allocation error. It is possible that the ctx variable in nfqnlbuildpacketmessage could be used before it is properly initialized. It is only initializ...

Astra Linux - уязвимость в linux-5.10, linux

A issue was discovered in the Linux kernel, specifically in the nfconntrackirc module. In this case, the message handling mechanism can become confusing, and messages may be matched incorrectly. It is possible for a firewall to be bypassed when users use unencrypted IRC with the nfconntrackirc...

Astra Linux - уязвимость в linux, linux-5.10

A vulnerability has been identified in the Linux kernel and is classified as problematic. This vulnerability affects the function inet6streamops/inet6dgramops of the IPv6 Handler component. The vulnerability causes a race condition. It is recommended that a patch be applied to address this issue...

Astra Linux - уязвимость в linux-5.10, linux

An incorrect TLB flush issue was detected in the Linux kernel’s GPU i915 kernel driver. This flaw may lead to random memory corruption or data leaks. It could also allow a local user to crash the system or escalate their privileges on the system...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: ext4: Fixed a bug in extent parsing when ehentries == 0 and ehdepth 0. When traversing inode extents, the ext4extbinsearchidx function assumes that the extent header has been validated previously. However, there are no checks ...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: cgroup: Added the missing cpusreadlock function to cgroupattachtaskall. The syzbot tool encounters a warning regarding percpurwsemassertheld&cpuhotpluglock when calling cpusetattach 1. This issue was missed because cpusetattach i...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: tty: serial: qcom-geni-serial: fix slab-out-of-bounds on RX FIFO buffer The driver’s probe allocates memory for the RX FIFO port-rxfifo based on the default RX FIFO depth, such as 16. Later, during serial initialization,...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Regulator: da9211 – Use the irq handler when ready. If the system does not start from a reset state such as when it is in kexec mode, the regulator might have an IRQ waiting for processing. If we enable the IRQ handler before its...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: perf: Fix for perfpendingtask UaF According to syzbot, it is possible for perfpendingtask to continue running after the event has been freed. There are two related but distinct cases: - The taskwork was already queued before the...

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: ASoC: ops: Check bounds for the second channel in sndsocputvolswsx The bounds checks in sndsocputvolswsx are only applied to the first channel. This means that it is possible to write out-of-bounds values to the second channel in...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: afunix: The userns value is obtained from inskb in unixdiaggetexact. Wei Chen reported a NULL derefrence in skuserns 01. Paolo identified the root cause: in unixdiaggetexact, the newly allocated skb does not have the sk structure...

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: drm/shmem-helper: Removed the erroneous “put” operation in the error path. The drmgemshmemmmap function does not handle this reference properly, resulting in the GEM object being freed prematurely, leading to a “use-after-free...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: The issue of reference count leak for PCI devices in hasexternalpci has been fixed. foreachpcidev is implemented through pcigetdevice. The comment accompanying pcigetdevice states that it will increase the reference...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: net: phy: Fixed a null-ptr-deref issue when the probe function failed. I received a report of a null-ptr-deref issue during the fault injection test. Bug: NULL pointer dereferencing in the kernel. Address: 0000000000000058 Oops:...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: libbpf: Handling of size overflow for ringbuf mmap The maximum size of a ringbuf on an x86-64 host is 2GB. Therefore, 2 maxentries will cause an overflow of type u32 when mapping producer pages and data pages. Simply casting...