Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: filelock: Fixed the race condition recovery mechanism for fcntl/close operations. When I wrote the commit 3cad1bc01041 “filelock: Remove locks reliably when a fcntl/close race is detected”, I overlooked the fact that there were t...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: nfs4setupreaddir: Insufficient locking for -dparent-d inode dereferencing. Theoretically, this could lead to an oops error due to a race condition, but I don’t believe it can actually be exploited on real hardware. It might be...

Astra Linux - уязвимость в mariadb-10.3

MariaDB Server before version 10.7 is vulnerable to Denial of Service attacks. In the file extra/mariabackup/dsxbstream.cc, when an error occurs e.g., streamctxt-destfile == NULL while executing the xbstreamopen method, the held lock is not released properly. This allows local users to trigger a...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: l2tp: Avoid possible recursive deadlock in l2tptunnelregister When a file descriptor of the pppol2tp socket is passed as a file descriptor of the UDP socket, a recursive deadlock occurs in l2tptunnelregister. This situation can b...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: ksmbd: In the vfs layer, a race condition related to mFlags has been fixed in vfscache. The ksmbd function maintains states such as “delete-on-close” and “pending-delete” in ksmbdinode-mFlags. In vfscache.c, this field is...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: wifi: cfg80211: The process of initializing wiphywork before allocating rfkill fails. The issue syzbort reported an uninitialized wiphyworklock in cfg80211devfree. 1 When the allocation of rfkill fails, the wiphy release proce...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net: ks8851: Fixed deadlock with the SPI chip variant When SMP is enabled and spinlocks are actually functional, there is a deadlock with the ‘statelock’ spinlock between ks8851startxmitspi and ks8851irq: watchdog: BUG: Soft lock...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: bpf: Consider the return from setmemoryrox when using bpfjitbinarylockro. setmemoryrox may fail, leaving memory unprotected. Check the return value and bail out if bpfjitbinarylockro returns an error...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In multiple functions of iouring.c, there is a possibility of kernel memory corruption due to improper locking. This could lead to a local escalation of privileges in the kernel, as execution privileges are required. User interaction is not necessary for exploiting this vulnerability...

Astra Linux - уязвимость в linux-5.10

A race condition was detected in the Linux kernel’s RxRPC network protocol, during the processing of RxRPC bundles. This issue arises due to the lack of proper locking when performing operations on an object. This could allow an attacker to escalate privileges and execute arbitrary code within th...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: HID: corsair-void: Update power supply values using a unified work handler. The function corsairvoidprocessreceiver can be called from an interrupt context. Locking the batterymutex in this function caused a kernel panic. This...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: schedext: Fixed unsafe locking in the scxdumpstate function. For kernels built with CONFIGPREEMPTRT=y, the dumplock will be converted to a sleepable spinlock instead of a disable-irq one. This can lead to the following scenarios:...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: ntfs3: fixed a circular locking dependency in rununpackex. Syzbot reported a circular locking dependency between wnd-rwlock sbi-used.bitmap and ni-file.runlock. The deadlock scenario is as follows: 1. ntfsextendmft acquires...

Astra Linux - уязвимость в linux-6.1, linux-5.10, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: Fixed a use-after-free in l2capsockcleanuplisten. syzbot reported the issue without providing a reproducible example. In the affected code, a single thread called btacceptdequeue freed the socket object sk and then...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Input: cyapa – add missing input core locking to suspend/resume functions. Lock the “grabinput” mutex during suspend/resume functions, just as it is done in other input drivers. This fixes the following warning during system...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: NFS: Fixed the xarray locking mechanism in nfsnetfsissueread for writeback interrupts. The loop within nfsnetfsissueread currently does not disable interrupts during the iteration of pages in the xarray to perform NFS reads. This...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: 9p: Added missing locking around accessing the dentry fid list. Fixed a use-after-free issue when a thread accesses the dentry’s dfsdata fid list while another thread unlinks it from the dentry. UAF thread issues: refcountt:...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ptp: The logic that checks ptp-nvclocks has been removed from ptpvclockinuse. It’s clear that we should check both ptp-isvirtualclock and ptp-nvclocks to determine whether the ptp virtual clock is in use. However, when we access...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: hcisync: Fixed a double-free in ‘hcidiscoveryfilterclear’. The function ‘hcidiscoveryfilterclear’ frees the ‘uuids’ array and then sets it to NULL. There is a small chance that the following races will occur:...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: bpf: Ensure that memcg is instructed to use allowspinning=false in bpftimerinit. Currently, calling bpfmapkmallocnode from bpfasyncinit can cause various locking issues; see the following stack trace edited for style as an...