Astra Linux - уязвимость в linux-5.15, linux-6.1

A flaw was discovered in vringhkiovadvance in drivers/vhost/vringh.c, located in the host side of a virtio ring within the Linux Kernel. This issue may lead to a denial of service from the guest to the host through zero-length descriptors...

Astra Linux - уязвимость в linux-5.10, linux-5.15

A use-after-free vulnerability in the Linux kernel’s netfilter:nftables component can be exploited to achieve local privilege escalation. When an error occurs during the creation of a nftables rule, deactivating immediate expressions in nftimmediatedeactivate can cause the chain to be unbound,...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Ring Buffer: Do not attempt to read beyond the “commit” boundary. When iterating over the ring buffer while the ring buffer is active, the writer can corrupt the reader. There are mechanisms to detect and handle this issue, but t...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: brcmnand: Fixed a potential out-of-bounds access during oob writing. When the oob buffer length is not a multiple of words, the oob writing function may cause out-of-bounds reading of the oob source buffer during th...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: iommu/omap: Fixed buffer overflow in debugfs There are two issues here: 1 The “len” variable needs to be checked before the very first write. Otherwise, if omap2iommudumpctx is called with “bytes” less than 32, it will result ...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Prevent buffer overflow crashes in debugfs due to malformed user input. Malformed user input to debugfs can lead to buffer overflow crashes. Adjust the length of the input string to fit within the internal buffers,...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

A race condition was detected in the GSM 0710 tty multiplexor within the Linux kernel. This issue occurs when two threads execute the GSMIOCSETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled. It can lead to a use-after-free issue with the struct gsmdlci during the...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15

A use-after-free flaw was discovered in the ext4remount function in the fs/ext4/super.c file within ext4 in the Linux kernel. This flaw allows a local user to cause an information leak issue when freeing the old quota file names before a potential failure, resulting in a use-after-free condition...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15

A use-after-free flaw was discovered in xen9pfsfrontremovet in net/9p/transxen.c within the Xen transport for 9pfs in the Linux kernel. This flaw could allow a local attacker to cause the system to crash due to a race condition, potentially leading to a kernel information leak...

Astra Linux - уязвимость в linux

A vulnerability was discovered in the Linux kernel’s EBPF verifier when handling internal data structures. Internal memory locations could be exposed to userspace. A local attacker with the permission to insert eBPF code into the kernel can exploit this vulnerability to leak internal kernel memor...

Astra Linux - уязвимость в linux, linux-5.10

A data race flaw was discovered in the Linux kernel, between the allocation of the con variable and the setting of con-sock. This issue results in a NULL pointer dereferencing when accessing con-sock-sk in the net/tipc/topsrv.c file within the tipc protocol in the Linux kernel...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

A flaw was discovered in the Linux Kernel’s RDS Reliable Datagram Sockets protocol. The rdsrmzerocopycallback function uses listentry on the head of a list, resulting in a type confusion. A local user can trigger this with the rdsmessageput function. This type confusion causes the struct...

Astra Linux - уязвимость в linux-5.10, linux

A memory leak flaw was discovered in the Linux kernel’s Stream Control Transmission Protocol. This issue may occur when a user initiates a malicious networking service, and someone connects to this service. This could allow a local user to deplete resources, resulting in a denial of service...

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fixed a use-after-free issue related to aborted TMF sastask. Currently, a use-after-free might occur if the TMF sastask is aborted before we handle the I/O completion in mpisspcompletion. This abort occurs due to a...

Astra Linux - уязвимость в linux, linux-5.10

A vulnerability, classified as critical, has been discovered in the Linux kernel. The affected component is the deltimer function in the file drivers/isdn/mISDN/l1oipcore.c of the Bluetooth module. This vulnerability allows for manipulation leading to memory deallocation after it has been freed. ...

Astra Linux - уязвимость в linux-5.10, linux

A flaw related to the use of “free” in the Linux kernel’s Video4Linux driver was discovered in the way that triggers em28xxusbprobe, for Empia 28xx-based TV cards. A local user could exploit this flaw to crash the system or potentially escalate their privileges on the system...

Astra Linux - уязвимость в linux, linux-5.10

A use-after-free flaw was discovered in the Linux kernel’s Bluetooth subsystem. In this flaw, users can simultaneously call the connect and disconnect functions on the socket, leading to a race condition. This flaw may cause the system to crash or allow an escalation of privileges. The most...

Astra Linux - уязвимость в linux

A NULL pointer dereference flaw was discovered in the Linux kernel’s IEEE 802.15.4 wireless networking subsystem, regarding the way the user terminates the LR-WPAN connection. This flaw allows a local user to crash the system. The greatest threat posed by this vulnerability is to system...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: usbnet: Fixed the issue where linkwatch used-after-free occurred after a disconnection. usbnet uses the function usbnetdeferredkevent to perform tasks that might sleep. After a disconnection, the completion of these tasks was...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: i2c: core: Perform atomic i2c transfers when !preemptible is set. Since bae1d3a05a8b, i2c transfers are not atomic if preemption is disabled. However, non-atomic i2c transfers require preemption e.g., during waitforcompletion, wh...