Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ksmbd: A possible reference count leak in smb2open has been fixed. The reference count of ACLs will cause a leak when memory allocation fails. This issue has been addressed by adding the missing posixaclrelease function...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Validating the payload size in the IPC response When installing malicious ksmbd-tools, ksmbd.mountd may return an invalid IPC response to the ksmbd kernel server. ksmbd should validate the payload size of the IPC response...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/buddy: Fixed the error handling code for allocrange. A few users have reported display corruption when booting the machine into KDE Plasma or playing games. We identified a problem where, whenever allocrange failed to find th...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/dp: Fixed a divide-by-zero regression that occurred when unplugging a StarTech MSTDP122DP DisplayPort 1.2 MST hub using nouveau. Fixed a regression that occurred when using nouveau and unplugging a StarTech MSTDP122DP...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fixed a slab-out-of-bounds issue in smb2allocaterspbuf. If -ProtocolId is set to SMB2 TRANSFORMPROTONUM, the validation of the request size could be skipped. If the request size is smaller than sizeofstruct smb2queryinfore...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: NFS: Fixed the xarray locking mechanism in nfsnetfsissueread for writeback interrupts. The loop within nfsnetfsissueread currently does not disable interrupts during the iteration of pages in the xarray to perform NFS reads. This...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: libbpf: Use of the OPTSSET macro in bpfxdpquery When the featureFlags and xdpzcmaxsegs fields were added to the libbpf bpfxdpQueryOpts structure, the code that wrote these fields did not use the OPTSSET macro. This causes libbpf ...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: Do not reallocate the workqueue every time an interface is added. The commit 09ed8bfc5215 “wilc1000: Rename the workqueue from “WILCwq” to “NETDEV-wq” moved the creation of the workqueue in wilcnetdevifcinit, in...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: fix NULL-dereferencing on non-serdev controllers during suspension Qualcomm ROME controllers can be registered through the Bluetooth interface. In this case, the HCI UART serdev pointer is NULL. A missing sanity...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: gro: fixed ownership transfer If packets are received using GRO, they may be segmented later on and continue their journey within the stack. In skbSegmentlist, these segments can be reused as they are. This is a problem because...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Register devlink first under the devlink lock. If the device encounters a non-fatal firmware error during the probe, the driver will report the error to the user via devlink. This will trigger a WARN, since mlx5 calls...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: arm64: tlb: Fixed the TLBI RANGE operand KVM/arm64 relies on the TLBI RANGE feature to flush TLBs when the dirty pages are collected by the VMM and the page table entries become write-protected during live migration. Unfortunatel...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: virtionet: Do not send RSS commands if the feature is not available on the device. There is a bug when setting RSS options in virtionet that can cause the entire machine to become unstable, leading to an infinite loop in the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: igb: Fixed string truncation warnings in igbsetfwversion. Commit 1978d3ead82c “intel: fixed string truncation warnings” fixes the warning “-Wformat-truncation=” in igbmain.c by using kasprintf. In...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: net/mlx5: Use mlx5ipsecrxstatusdestroy to correctly delete status rules. rxcreate no longer allocates a modifyhdr instance that needs to be cleaned up. The mlx5modifyheaderdealloc call will lead to a NULL pointer dereference. ...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: Thermal/debugfs: Fixed two locking issues related to the thermal zone debug. With the current locking mechanism for thermal zones in the debugfs code, user space can open the “mitigations” file for a thermal zone before the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: k3-udma-glue: Fix for ofk3udmaglueParsechnbyid The ofk3udmaglueParsechnbyid helper function erroneously invokes “ofnodeput” on the “udmaxnp” device node that was passed to it. Additionally, its reference count was...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: s390/mm: The handling of VMFAULTHWPOISON in doexception has been fixed. There is no support for HWPOISON, MEMORYFAILURE, or ARCHHASCOPYMC on s390. Therefore, we do not expect to see VMFAULTHWPOISON in doexception. However, since...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mm/filemap: Skip the creation of a PMD-sized page cache if necessary. On ARM64, HPAGEPMDORDER is 13 when the base page size is 64KB. The PMD-sized page cache cannot be supported by xarray, as indicated by the following error...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ionic: Use devconsumeskbany outside of NAPI. If we are not in a NAPI softirq context, we need to be careful about how we call napiconsumeskb. Specifically, we need to call it with budget == 0 to signal that we are not in a safe...