Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Skips the dev-iotlb flush for inaccessible PCIe devices without scalable mode. PCIe endpoints with ATS enabled and passed through to userspace e.g., QEMU, DPDK can cause a system hard lock when their link fails, eithe...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: GPIO: sysfs: fix the issue where removing a chip with GPIOs exported through sysfs occurs. Currently, if we export a GPIO through sysfs and unbind the parent GPIO controller, the exported attribute will remain under...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: net: ipv6: Ensure that we call ipv6mcdown at most once. There are two reasons why addrconfnotify is called with NETDEVDOWN: Either the network device is actually going down, or IPv6 was disabled on the interface. If either of the...

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: drm/sti: The return type of stidvo,hda,hdmiconnectormodevalid has been corrected. With Clang’s Kernel Control Flow Integrity kCFI, CONFIGCFICLANG, indirect call targets are validated against the expected function pointer...

Astra Linux - уязвимость в linux-5.10

A race condition was detected in the Linux kernel’s watch queue due to a missing lock in the piperesizering function. The specific flaw lies in the handling of pipe buffers. The problem arises from the lack of proper locking when performing operations on an object. This flaw allows a local user t...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: sched/core: Page allocation is disabled in tasktickmmcid. With KASAN and PREEMPTRT enabled, calling taskworkadd within tasktickmmcid may cause the following crash. 63.696416 BUG: A sleeping function is called from an invalid...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: ses: Fixed a slab-out-of-bounds issue in sesintfremove. A fix for the issue is as follows: BUG: KASAN: A slab-out-of-bounds condition occurred in sesintfremove+0x23f/0x270 ses. The size of the read operation was 8 bytes at...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: mac80211: A potential double-free operation occurred during mesh join. While commit 6a01afcf8468 “mac80211: Mesh: Deleting ie data when leaving the mesh” fixed a memory leak that occurred during mesh leave/teardown, it introduced...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: iio: accel: sca3300: fixed uninitialized iio scan data Fixed the potential leak of uninitialized stack data into the user space by ensuring that the channels array is cleared before use...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: ath12k – Fixed deadlock during the flushing of management frames The commit 1 converted the management transmission work item into a wiphy work item. Since a wiphy work item can only run under wiphy lock protection, a race...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: xprtrdma: Decrementing rereceiving on early exit paths In cases where rpcrdmapostrecvs fails to create a work request due to memory allocation failures, for example or exits early, we should decrement ep-rereceiving before...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Clearing DMA operations when switching domains Since the commit 08a27c1c3ecf “iommu: Adding support for changing the default domain of an iommu group”, a user can switch a device between IOMMU and direct DMA through...

Astra Linux - уязвимость в linux-5.10, linux-5.15

A use-after-free flaw was discovered in the Linux kernel’s netfilter, where a user triggers the nftpipaporemove function with an element without using NFTSETEXTKEYEND. This issue could allow a local user to crash the system or potentially escalate their privileges on the system...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: capabilities: Defined behavior in bit shifting for CAPTOMASK was fixed. Shifting a signed 32-bit value by 31 bits is undefined; therefore, the significant bit was changed to unsigned. The UBSAN warning during call tracing is a...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: net: Removed the RTNL dance for SIOCBRADDIF and SIOCBRDELIF. SIOCBRDELIF is passed to devioctl first, and then forwarded to brioctlcall, which causes unnecessary RTNL dance and a segmentation fault below 0 under RTNL pressure...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumrouter: Fix neighbor use-after-free We sometimes observe use-after-free when dereferencing a neighbor 1. The problem seems to be that the driver stores a pointer to the neighbor, but does not hold a reference to it...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: In the fbdev subsystem, within the vt8623fb function, there is a issue where the value of screensize is calculated based on user input. If an improper value is provided by the user, the value of screensize may be larger than...

Astra Linux - уязвимость в linux-5.10, linux

A use-after-free flaw was identified due to a race between the superblock operations in the gadgetfs Linux driver. This flaw could be triggered by removing a device that is running the gadgetfs side...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: btrfs: fixed a transaction abort during file creation due to name hash collisions. If we attempt to create several files with names that result in the same hash, we must package them in the same directory item, and there is a...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: macsec: Fixed the offload support for the NETDEVUNREGISTER event. The current macsec netdev notify handler handles the NETDEVUNREGISTER event by releasing only the relevant software resources. This can lead to resource leaks...