Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fixed a potential data race in the PCM memory allocation helpers The PCM memory allocation helpers include a sanity check to prevent too many buffer allocations. However, this check is performed without proper locking,...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: um: time-travel: fix time corruption In the “basic” time-travel mode without =inf-cpu or =ext, we still encounter timer interrupts. These can occur at arbitrary times, for example, while inside the timerread function, which simpl...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: KEYS: Trusted – Fixed a memory leak in tpm2loadcmd. tpm2loadcmd allocates a temporary blob indirectly through tpm2keydecode, but the blob is not freed during failure paths. This issue can be addressed by wrapping the blob with a...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: btrfs: Do not abort the filesystem when attempting to take a snapshot of a deleted subvolume. If the source file descriptor for the snapshot ioctl refers to a deleted subvolume, the following abort occurs: BTRFS: Transaction...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: s390/sclp: Fixed the issue where sclpinit fails and does not clean up properly. If sclpinit fails, it only partially cleans up resources. If there are multiple failed calls to sclpinit, sclpstatechangeevent will be added multiple...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: BPF: Fixed an issue where reservations were advanced beyond their limit in the ringbuf structure. The BPF ring buffer is internally implemented as a circular buffer of a power-of-2 size. It contains two logical counters that are...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: liquidio: The handling of NULL pointers in liovfrepcopypacket was adjusted. In liovfrepcopypacket, pginfo-page is compared to a NULL value, but it is then unconditionally passed to skbaddrxfrag. This seems strange and could lead ...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: net: relaxed the check on socket state during the accept process. Christoph reported the following issue: WARNING: CPU: 1 PID: 772 at net/ipv4/afinet.c:761 inetaccept+0x1f4/0x4a0 Modules linked in: CPU: 1 PID: 772 Comm:...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: llc: Call to sockorphan at the release time. syzbot reported an interesting trace 1 caused by a stale sk-skwq pointer in a closed llc socket. In the commit ff7b11aa481f “net: socket: set sock-sk to NULL after calling...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Wifi: rt2x00 – The beacon queue is restarted when a hardware reset occurs. When a hardware reset is triggered, all registers are reset, causing all queues to stop in the hardware interface. However, mac80211 does not automaticall...

Astra Linux - уязвимость в linux-5.15, linux-6.1

A null pointer dereference vulnerability was discovered in the nftdynsetinit function in net/netfilter/nftdynset.c within nftables in the Linux kernel. This issue may allow a local attacker with the CAPNETADMIN user privilege to trigger a denial of service attack...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Check the return value of allocworkqueue in radeoncrtcinit. Check the return value of allocworkqueue in radeoncrtcinit to avoid null-ptr-deref...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: sched/core: Prevent rescheduling when interrupts are disabled. David reported a warning observed during loop testing of the kexec jump: Intercepts were enabled after irqrouterresume+0x0/0x50. Warning: CPU: 0 PID: 560 at...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: Bonding: Do not assume that the skbmacheader is set. Drivers must not assume in their ndostartxmit function that skbs have their macheader set. skb-data is sufficient. Bonding seems to be one of the last vulnerabilities that a...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

A transient execution vulnerability in some AMD processors may allow an attacker to extract data from previous memory stores, potentially leading to the leakage of privileged information...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ila: blocking BH in ilaoutput As explained in commit 1378817486d6 “tipc: blocking BH before using dstcache”, the net/core/dstcache.c helper functions need to be called with blocking BH disabled. ilaoutput is called from...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: - dmaengine: ti: edma: Add some null pointer checks to the edmaprobe. - devmkasprintf returns a pointer to dynamically allocated memory; this pointer may be NULL in case of failure. Ensure that the allocation was successful by...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

A race condition was detected in the Linux kernel’s media/xc4000 device driver, specifically in the xc4000getfrequency function. This can lead to a return value overflow issue, potentially causing malfunctions or denial-of-service problems...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: mptcp: made the fallback action and decision atomic. Syzkaller reported the following errors: WARNING: CPU: 1 PID: 7704 at net/mptcp/protocol.h:1223 mptcpdofallback net/mptcp/protocol.h:1223 inline WARNING: CPU: 1 PID: 7704 at...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: igc: Fixed kernel panic during ndotxtimeout callback The Xeon validation group has conducted some load tests with various hardware configurations. During these tests, some transmit queue timeouts occurred. This caused the reset...