Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

A use-after-free vulnerability in the Linux kernel’s netfilter:nftables component can be exploited to achieve local privilege escalation. The function nftpipapowalk does not skip inactive elements during the set walk, which can result in double deactivation of PIPAPO Pile Packet Policies elements...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

A denial-of-service vulnerability due to a deadlock was discovered in sctpautoasconfinit in net/sctp/socket.c within the SCTP subsystem of the Linux kernel. This flaw allows users with local user privileges to trigger a deadlock and potentially cause the system to crash...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15

A use-after-free vulnerability was discovered in the siano smsusb module within the Linux kernel. The bug occurs during device initialization, when the siano device is plugged in. This flaw allows a local user to crash the system, resulting in a denial-of-service condition...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15

A denial-of-service issue was detected, possibly due to a recursive locking scenario, which led to a deadlock in the tableclear function in drivers/md/dm-ioctl.c within the Linux Kernel Device Mapper-Multipathing sub-component...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15

A use-after-free flaw was discovered in xen9pfsfrontremovet in net/9p/transxen.c within the Xen transport for 9pfs in the Linux kernel. This flaw could allow a local attacker to cause the system to crash due to a race condition, potentially leading to a kernel information leak...

Astra Linux - уязвимость в linux-5.10, linux

A vulnerability has been discovered in the Linux kernel. It has been identified as a problem. The vulnerability affects the intrcallback function in the drivers/net/usb/r8152.c file of the BPF component. Manipulation of this function results in the logging of excessive data. The attack can be...

Astra Linux - уязвимость в linux, linux-5.10

A list management bug in BSS handling in the mac80211 stack of the Linux kernel versions 5.1 through 5.19.x, prior to 5.19.16, could be exploited by local attackers those capable of injecting WLAN frames to corrupt a linked list and, in turn, potentially execute unauthorized code...

Astra Linux - уязвимость в linux, linux-5.10

A vulnerability, classified as critical, has been discovered in the Linux kernel. The affected component is the deltimer function in the file drivers/isdn/mISDN/l1oipcore.c of the Bluetooth module. This vulnerability allows for manipulation leading to memory deallocation after it has been freed. ...

Astra Linux - уязвимость в linux-5.10, linux

A flaw was discovered in the Linux kernel’s implementation of proxied virtualized TPM devices. In a system where virtualized TPM devices are enabled which is not the default setting, a local attacker can exploit this flaw to create a “use-after-free” condition, potentially allowing them to escala...

Astra Linux - уязвимость в linux, linux-5.10

A flaw was discovered in the Linux kernel. This flaw allows an attacker to crash the Linux kernel by simulating amateur radio from the user space, resulting in a null-ptr-deref vulnerability and a use-after-free vulnerability...

Astra Linux - уязвимость в linux, linux-5.10

A use-after-free flaw was discovered in fs/ext4/namei.c:dxinsertblock, within the Linux kernel’s filesystem sub-component. This flaw allows a local attacker with user privileges to cause a denial of service...

Astra Linux - уязвимость в linux, linux-5.10

A use-after-free flaw was discovered in the Linux kernel’s Bluetooth subsystem. In this flaw, users can simultaneously call the connect and disconnect functions on the socket, leading to a race condition. This flaw may cause the system to crash or allow an escalation of privileges. The most...

Astra Linux - уязвимость в linux, linux-5.10

A flaw was discovered in the s390 eBPF JIT mechanism within bpfjitinsn in the arch/s390/net/bpfjitcomp.c file of the Linux kernel. In this flaw, a local attacker with special user privileges can bypass the verifier, potentially leading to confidentiality issues...

Astra Linux - уязвимость в linux

In the Linux kernel, from drivers/staging/rtl8188eu/osdep/ioctllinux.c, the function rtwwxsetscan allows writing beyond the end of the -ssid array. NOTE: From the perspective of kernel.org’s release processes, CVE IDs are not typically used for drivers/staging/ unfinished work. However, system...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Tracing: The WARNON message in tracingbuffersmmapclose has been fixed. When a process forks, the child process copies the parent’s virtual memory addresses, but the reference count of usermapped is not incremented. As a result,...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: iio: health: afe4403: Fixed an out-of-bounds read in afe4403readraw The KASAN report indicates an out-of-bounds read, as follows: BUG: KASAN: Global-out-of-bounds in afe4403readraw+0x42e/0x4c0 A read of size 4 was performed at th...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: misc: bcmvk: Fixed possible null-pointer dereferencies in bcmvkread. In the function bcmvkread, the pointer entry is checked, indicating that it can be NULL. If the entry is NULL and rc is set to -EMSGSIZE, the following code may...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: net: ti: icssg-prueth: Fix missing data copying and incorrect recycling in ZC RX dispatch. emacdispatchskbzc allocates a new skb using napiallocskb, but never copies the packet data from the XDP buffer into it. The skb is pass...

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerabilities have been resolved: tpm: efi: Use a local variable to calculate the final log size When tpmreadlogefi is called multiple times, which occurs when one loads and unloads a TPM2 driver multiple times, the global variable efitpmfinallogsize will...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: smb: server: avoid double-free in smbdirectfreesendmsg after smbdirectFlushsendlist smbdirectFlushsendlist already calls smbdirectfreesendmsg; therefore, we should not call it again after postsendmsg. It has been moved to the...