329 matches found
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: RISCV: Check whether the code to be patched lies within the exit section. Otherwise, we proceed to vmalloctopage, which panics because the address does not lie within the vmalloc region...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: jbd2: Check ‘jh-btransaction’ before removing it from the checkpoint. The following process will corrupt the ext4 image: Step 1: jbd2journalcommittransaction jbd2journalinsertcheckpointjh, committransaction // Place jh into...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: xen/events: The close evtchn operation is performed after mapping cleanup is completed. shutdownpirq and startuppirq do not take the irqmappingupdatelock, as they cannot do so due to lock inversion. Both functions are called...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: UDP: Do not accept non-tunnel GSO packets that land in a tunnel. When rx-udp-gro-forwarding is enabled, UDP packets may be forwarded in a way that causes them to land in a tunnel. This can lead to various issues. udpgroreceive...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: A mistake of “one” was corrected in qlaedifappgetstats. The appreply-elem array is allocated earlier in this function, and it contains appreq.numports elements. Therefore, the comparison operator needs to be change...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/64s: Fixed the use of VAS memory after freeing it. The reference count on the memory module is lowered before the coprocessor is detached...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: icmp6: Fixed the null-ptr-deref of ip6nullentry-rt6iidev in icmp6dev. With some IPv6 Ext Hdr RPL, SRv6, etc., we can send a packet that has the link-local address as src and dst IP, and it will be forwarded to an external IP in t...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: nfs: fixed a panic that occurred when nfs4fflayoutprepareds failed. We have observed the following panics in production: BUG: NULL pointer dereferencing in the kernel, address: 0000000000000065 PGD: 2f485f067; P4D: 2f485f067;...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: Ring-Buffer: Fixed a deadloop issue when reading tracepipe. A soft lockup occurs when reading the file ‘tracepipe’: - Watchdog: BUG: Soft lockup – CPU6 stuck for 22 seconds! cat:4488 - ... - RIP: 0010:...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
A null pointer dereference flaw was discovered in the hugetlbfsfillsuper function within the Linux kernel’s hugetlbfs Huge TLB pages functionality. This issue may allow a local user to crash the system or potentially escalate their privileges on the system...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ftrace: Added condresched to ftracegraphsethash. When the kernel contains a large number of functions that can be traced, the loop in ftracegraphsethash may take a long time to execute. This may trigger the softlockup watchdog. B...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fixed a reference count leak when an invalid session is found during session lookup. When a session is found, but its state is not SMB2SESSIONVALID, it indicates that no valid session was found. However, the reference coun...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fixed the issue where a tainted pointer was deleted instead of the previously created rules when the flow rule creation failed. This issue occurs when the mlx5lagcreateportseltable function fails to create flow rules...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
A transient execution vulnerability in some AMD processors may allow an attacker to extract data from previous memory stores, potentially leading to the leakage of privileged information...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: rcuscale: Move rcuscalewriter’s scheduletimeoutuninterruptible function to idle. The rcuscale.holdoff module parameter can be used to delay the start of rcuscalewriter’s kthread. However, the hung-task timeout will trigger when t...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: igc: Fixed kernel panic during ndotxtimeout callback The Xeon validation group has conducted some load tests with various hardware configurations. They observed that transmit queue timeouts occurred during these tests. This cause...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: nilfs2: A potential use-after-free issue has been addressed in nilfsgccachesubmitreaddata. In nilfsgccachesubmitreaddata, the function brelsebh is called to decrement the reference count of bh when the call to nilfsdattranslate...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: ksmbd: fixed a UAF Unauthorized File Access issue in smb20oplockbreakack. Also, the reference was removed after using opinfo...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net: dcb: The correct policy must be chosen to parse DCBATTRBCN. The function dcbnlbcnsetcfg uses an incorrect policy to parse tbDCBATTRBCN. This issue was introduced in commit 859ee3c43812 “DCB: Add support for DCB BCN”. Please...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...